recommended reading

Futures regulators want smartphone hacking device

The Commodity Futures Trading Commission is searching for a phone hacking tool to investigate suspects' mobile devices for evidence of links to Ponzi schemes, insider trades and other illicit dealings.

With Americans' increasing reliance on smartphones, evidence of fraud often can be found in phonebook contacts, call history logs, text messages and locational data, according to computer forensics experts.

The commission charged with policing the $600 trillion market of derivatives transactions is surveying industry for systems that can collect evidence in the field and in the lab, so ideally, the equipment would not rely on a PC, according to an Oct. 19 sources sought notice. CFTC already uses extraction tools that work on specific phone models such as the Apple-compatible BlackLight system, but it now wants a "comprehensive solution" that can copy files from any wireless model.

Currently, handheld mobile forensics field kits that don't require a laptop cost between $8,000 and $15,000, according to Darren R. Hayes, a computer information systems program chairman at Pace University. The school was recently awarded a Defense Department grant for work on mobile forensics. He estimates the type of device CFTC needs would cost roughly $20,000.

The 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act endowed CFTC with the power, for the first time, to regulate the once "dark" derivatives markets. Unpoliced bets on swaps were blamed for contributing to the fall of American International Group Inc. and Lehman Brothers Holdings Inc. in 2008 and the subsequent financial meltdown.

Now, to bolster enforcement actions, the commission is expanding the use of computer forensic analysis, according to its fiscal 2012 President's Budget and Performance Plan. The possible acquisition announced last week would work with the iPhone, iPad, BlackBerry, and Android- and Windows-based devices. It would be able to extract deleted items, recover and analyze a device's internal memory chip, and clone external memory cards.

Vendor responses are due Nov. 10.

There are limitations to mobile forensics. Less than half the portable electronics currently available can be imaged, or copied, by a forensics tool, said Hayes, who started his career in computer forensics at financial services firm Cantor Fitzgerald. Before duplicating phone files, investigators would have to obtain a warrant, he said.

Still, mobile forensic analysis is catching on governmentwide, as evidenced by numerous contracts for extraction systems awarded during the past year. Special agents at U.S. Immigration and Customs Enforcement, who target terrorists and organized crime groups, last September inked

a $2.4 million deal with Cellebrite USA Corp for mobile phone forensic devices.

"Mobile digital evidence has become prevalent in ICE investigative cases and has become crucial to the prosecution and conviction of offenders in criminal cases," the ICE solicitation stated.

In April, the Defense Intelligence Agency's contracting arm procured a Cellebrite mobile data extraction tool as part of a larger $71,708.60 equipment purchase.

"I do see more and more proposals out there for mobile forensics and more and more smaller agencies looking to grow their competencies in mobile forensics," Hayes said.

Ray Bjorklund, chief knowledge officer at market research firm Deltek, said CFTC's desired technology also could be a "means to track the flow of money similar to [Treasury's Financial Crimes Enforcement Network's] mission, considering today's technology generally supports transactions from mobile phones and tablet computers." The agency analyzes financial reports for signs of terrorist-financing and money-laundering.

In fiscal 2011, CFTC levied civil penalties totaling more than $290 million and ordered more than $160 million in restitution and disgorgement payments from market schemers, which more than doubled the previous year's sanctions, according to the commission.

A number of regulatory and enforcement agencies are using the technology to investigate insider trading, dissemination of sensitive information, evidence of price-fixing and other fraud, according to officials at Dell, which sells mobile forensics systems to various government agencies.

Joe Trickey, Dell marketing brand manager for rugged and digital forensics, said costs vary, depending on factors like system speed and the volume of phones a product can handle.

The ability to examine an array of digital devices, which CFTC seems to be experiencing difficulty with, "helps those on scene to rapidly identify crucial or potentially time-sensitive information quickly so the investigation can rapidly progress from there," he said.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.