US Department of Defense begs for private storage help

THE UNITED STATES Department of Defense Cyber Crime Center - DC3 in its slang - freely admits it could use a helping hand from the private sector when it comes to sorting through data.

Speaking in Washington DC, Special Agent (Retired) Jim Christy, Director of Futures Exploration for DC3, said investigators have their hands full in processing all the digital media out of a single household, with current typical "take" of around a terabyte of data. In a typical investigation when they get a search warrant, DC3 grabs everything that's digital, including new and old hard drives, cell phones, PDAs, iPods, GPSes, game consoles, flash media cards, cameras, DVRs, plus the DVDs and CDs - you never know what might be hidden in the music collection. "How many old phones do you have laying around? You don't just throw them out. How many memory sticks?" Christy asked. "Old floppies?"

The problem only escalates as hard drive sizes get bigger, forcing cyber cops to dig through the morass of data looking for clues. "It's only a matter of time," before Christy expects to see a "smart" refrigerator on the loading dock and having to process through the logs on it. BluRay-style video disks are the next big headache. All these little bits and bytes scattered across today's mobile and entertainment add up to provide an investigator - not necessarily for a computer crime, mind you - a digital trail for a particular suspect.

Christy would like the private sector to come forth with tools to better process all the data, and he's coming at it from the perspective of the largest certified digital forensics lab in the United States. There are only total of 12 such labs in the U.S. and his is the largest and oldest in operation. In comparison, there are 327 accredited "CSI" style labs across the U.S. and around 19,000 law enforcement agencies.

DC3 has already obtained some great results through its now-annual "Digital Forensics Challenge." Last year, 140 teams participated in a series of challenges in areas such as audio steganography, password cracking, and CD recovery. Eleven teams successful participated in the broken CD recovery; each team received a CD cut in half and was expected to recover a known piece of data from the damaged disc. All eleven teams came up with different methods to recover data, so now DC3 has 11 different ways to try to pull data off a mutilated CD.

The actual prize is the bragging rights to say you've solved the challenge, since a full-expense paid trip for 4 people to St. Louis, Missouri in the middle of winter isn't exactly what one would call attractive. Four times from outside the States also participated; as non-U.S. citizens, they weren't eligible for the prize.

Christy expects to put Microsoft Vista's BitLocker on the list of challenges for 2007, but he's still stuck with offering the winning team a trip to St. Louis, Missouri in January 2008. One wonders what kind of results he might get if he could move the 2009 conference to some place sunny and warm, say Honolulu or Miami?

As a centre of expertise in the military on all things computer, DC3 has also provided support for the Global War On Terrorism (GWOT). Apparently, there's been a need to repair hard drives that have been found in Afghanistan cave, typically after said cave has been hit by high explosives. DC3 has also helped the Special Forces types refine their techniques for retrieving data on the battlefield. Standard operating procedure was to smash off the monitor and attached peripherals, drop box or laptop onto the ground, smash until case cracks open and rectangular box appears, then rip off all connectors and shove roughly in empty pocket. Apparently, screwdrivers are now being issued in order to extract a drive more gently. µ