recommended reading

Futures regulators want smartphone hacking device

The Commodity Futures Trading Commission is searching for a phone hacking tool to investigate suspects' mobile devices for evidence of links to Ponzi schemes, insider trades and other illicit dealings.

With Americans' increasing reliance on smartphones, evidence of fraud often can be found in phonebook contacts, call history logs, text messages and locational data, according to computer forensics experts.

The commission charged with policing the $600 trillion market of derivatives transactions is surveying industry for systems that can collect evidence in the field and in the lab, so ideally, the equipment would not rely on a PC, according to an Oct. 19 sources sought notice. CFTC already uses extraction tools that work on specific phone models such as the Apple-compatible BlackLight system, but it now wants a "comprehensive solution" that can copy files from any wireless model.

Currently, handheld mobile forensics field kits that don't require a laptop cost between $8,000 and $15,000, according to Darren R. Hayes, a computer information systems program chairman at Pace University. The school was recently awarded a Defense Department grant for work on mobile forensics. He estimates the type of device CFTC needs would cost roughly $20,000.

The 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act endowed CFTC with the power, for the first time, to regulate the once "dark" derivatives markets. Unpoliced bets on swaps were blamed for contributing to the fall of American International Group Inc. and Lehman Brothers Holdings Inc. in 2008 and the subsequent financial meltdown.

Now, to bolster enforcement actions, the commission is expanding the use of computer forensic analysis, according to its fiscal 2012 President's Budget and Performance Plan. The possible acquisition announced last week would work with the iPhone, iPad, BlackBerry, and Android- and Windows-based devices. It would be able to extract deleted items, recover and analyze a device's internal memory chip, and clone external memory cards.

Vendor responses are due Nov. 10.

There are limitations to mobile forensics. Less than half the portable electronics currently available can be imaged, or copied, by a forensics tool, said Hayes, who started his career in computer forensics at financial services firm Cantor Fitzgerald. Before duplicating phone files, investigators would have to obtain a warrant, he said.

Still, mobile forensic analysis is catching on governmentwide, as evidenced by numerous contracts for extraction systems awarded during the past year. Special agents at U.S. Immigration and Customs Enforcement, who target terrorists and organized crime groups, last September inked

a $2.4 million deal with Cellebrite USA Corp for mobile phone forensic devices.

"Mobile digital evidence has become prevalent in ICE investigative cases and has become crucial to the prosecution and conviction of offenders in criminal cases," the ICE solicitation stated.

In April, the Defense Intelligence Agency's contracting arm procured a Cellebrite mobile data extraction tool as part of a larger $71,708.60 equipment purchase.

"I do see more and more proposals out there for mobile forensics and more and more smaller agencies looking to grow their competencies in mobile forensics," Hayes said.

Ray Bjorklund, chief knowledge officer at market research firm Deltek, said CFTC's desired technology also could be a "means to track the flow of money similar to [Treasury's Financial Crimes Enforcement Network's] mission, considering today's technology generally supports transactions from mobile phones and tablet computers." The agency analyzes financial reports for signs of terrorist-financing and money-laundering.

In fiscal 2011, CFTC levied civil penalties totaling more than $290 million and ordered more than $160 million in restitution and disgorgement payments from market schemers, which more than doubled the previous year's sanctions, according to the commission.

A number of regulatory and enforcement agencies are using the technology to investigate insider trading, dissemination of sensitive information, evidence of price-fixing and other fraud, according to officials at Dell, which sells mobile forensics systems to various government agencies.

Joe Trickey, Dell marketing brand manager for rugged and digital forensics, said costs vary, depending on factors like system speed and the volume of phones a product can handle.

The ability to examine an array of digital devices, which CFTC seems to be experiencing difficulty with, "helps those on scene to rapidly identify crucial or potentially time-sensitive information quickly so the investigation can rapidly progress from there," he said.

Threatwatch Alert

Social Media Takeover

Qatar News Agency Says Hackers Published Fake Stories

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.