FBI's Spyware-Like Software Cracks School Case
Last month, authorities in Washington state called in the FBI to help them solve a problem. Someone was using the Internet to make a series of bomb threats against a high school in Lacey, near Olympia.
The would-be high school bomber started sending e-mails to the principal and students at Timberline High School through a MySpace account. He taunted authorities, saying they would never be able to find him. After securing a warrant, FBI agents managed to do just that.
Using a little known FBI program called CIPAV, or Computer and Internet Protocol Address Verifier, they tracked down the suspect.
When news of the CIPAV program broke, the FBI found itself having to convince people that the bureau isn't in the spyware business. FBI Assistant Director John Miller says the FBI is just fighting fire with fire. Computer-related crimes require software solutions, he says.
"The question is being turned on its head," Miller said. "It's not that the FBI is on the Internet using spyware; it's that people are committing crimes on the Internet that attract the attention of their victims, who then call the authorities, who then have to figure out who those people are."
The affidavit in the bombing case did not include details on how the FBI was able to get its CIPAV program to latch on to the suspect's computer remotely. And the FBI doesn't talk about its investigative techniques, as a general rule. But what is clear is that once CIPAV got on the suspect's computer, it was able to relay his IP address to the FBI, which arrested the suspect a short time later.
It really isn't so surprising that the FBI uses such Internet tools, said Roger Thompson, the chief technology officer at Linkscanner.com. Linkscanner makes safe Internet-surfing software.
"Over the last 12-18 months, they [a lot of people on the Internet] have shifted over to overtly criminal behavior," he said. "They want your bank account, they want your credit cards ... they want to steal stuff from you. And it is naïve of us to think that the FBI isn't doing it [using this kind of software] too."
The FBI has long acknowledged that it uses a program called CARNIVORE, which intercepts data transmitted over the Internet to and from a suspect's computer. There is another program, Magic Lantern, that the FBI doesn't like to talk about. It is software that, once installed on a suspect's computer, can record every keystroke typed. That kind of information allows the FBI to work out passwords and access e-mail messages and other encrypted documents they might find on a suspect's computer.
Lauren Weinstein is the co-founder of People for Internet Responsibility, which has been trying to set some standard behaviors for the Internet. He says personal computers today are so vulnerable, people who hack onto someone's system can do just about anything.
"You can read the screen, you can control the keyboard, you can send e-mail that looks like it came from that person [the owner of the computer] and that they never really sent," he said.
The FBI's Miller says these kinds of Internet programs are used judiciously. In the Timberline High School case, the FBI needed to use software to unmask a suspect who was using the Internet to hide his identity — and the FBI used CIPAV to do it.
"Cyberspace is a relatively new frontier in the world of crime, but it can be a dangerous neighborhood," said Miller. "When you go after somebody there, you need the same tools in a criminal case that you would on the street."
Tools like a warrant from a judge. Privacy advocates worry that the new technologies and the FBI's eagerness to use them will end up compromising civil liberties. For that reason, they are watching the development of these new programs carefully.