Campus Cops Try To Fill Role As Cyber Superheroes
Minority students here at the University of Iowa’s College of Dentistry received a series of threatening
e-mail messages last March warning them to “be afraid, not only for their future careers but for their lives.
“If firearms need to be used. Then they will,” said the message, which also
threatened to blow up the dentistry college building.
Authorities later arrested Tarsha Claiborne, 23, a second-year dental student at Iowa who is African American. Her
attorneys, who contend Claiborne was under tremendous pressure in part because the university has so few African American students, say she’ll use a diminished-responsibility defense at her September trial.
The story of how University of Iowa campus police managed to apprehend Claiborne in less than a month with nothing more to go on than a few electronic copies of the anonymous computer message serves as a parable for how irrevocably police work has altered in what some are calling the cyber century.
“Combating cyber crime is something that every campus police department will have to be aware of and have to earmark some
resources toward,” says Charles D. Green, director of public safety for the 28,000-student university. “We cannot just ignore it. It’s only going to increase.”
Dennis Shaw, chairman of the International Association of Campus Law Enforcement Administrators’ technology committee, says it’s clear that cyber crime is on the rise. “All you have to do is look at the number of e-mail viruses and those sort of things,” says Shaw.
Since the beginning of the year, colleges and universities from California to Connecticut have dealt with a rash of computer-
related crimes ranging from computer pornography to serious security breaches. For example:
n A student at Weber State University in Ogden, Utah, was charged with five counts of felony communications fraud in March after being accused of rigging an online election so he could win the race for student body president.
Andrew Shafer won the online election with 756 votes, but when university officials became suspicious and ordered a second, manual vote, he received just 63 votes. Authorities later confiscated several computers from which hundreds of votes were sent.
n A Colorado State University graduate student was arrested in May after the FBI
accused him of trying to extort money, a car and free downloads from a New Jersey Internet company that sells digital books. The
student allegedly sent threatening e-mail messages.
n Hackers tapped into computers at the University of California at Los Angeles, Stanford University and the University of California at Santa Barbara in February to help orchestrate a series of attacks that temporarily crippled several popular commercial Internet sites, including Yahoo!, eBay, E*TRADE and CNN.com.
Authorities say the attacks probably didn’t originate on those campuses. They think hackers infiltrated their systems remotely. The computers were used to bombard the Web sites with so many data requests that the sites eventually overloaded.
Seeking Outside Resources
As incidents of cyber crimes at higher
education institutions proliferate faster than dot-com companies, campus law-
enforcement officials say they increasingly must grapple with finding the best way to catch such criminals with limited staff and
resources.
Campus police experts say many departments have sought out someone on their staff who already has some expertise in the area and tried to buttress that with additional training from seminars and computer crime courses.
At other colleges and universities,
particularly those that are smaller and more rural, campus police rely heavily on outside expertise, working with professors and technicians in their schools’ computer departments or with experts from other local law-enforcement agencies.
Jacqueline C. Cooper, the chief of campus police at Norfolk State University in Virginia, says the 8,500-student campus hasn’t had any cases of computer-related crimes so far. But she isn’t taking any chances.
“I just hired an investigator who used to work at the Norfolk [city] police department and when we interviewed him, he talked a lot about cyber crime,” Cooper says. “He has some expertise in that area.”
John King, the director of public safety at Tufts University in Medford, Mass., and the former president of the campus law enforcement administrator’s association says, “The technology has taken off more quickly than our training or education has kept pace.
“You have to assess the skill level of your staff and recognize that this is a technical area that generally police personnel are not trained to deal with,” King says. “But you can utilize other campus resources as well as federal or local police resources.
Shaw, the interim assistant to the executive director of student life services at the University of Wisconsin-Stout who is on leave from his position as director of security and police services, says how campus police deal with cyber crime depends on their resources.
“My university is kind of in a rural area and so my staff actually has much more computer-crime experience than the local police department or county law enforcement,” he says. “We have sent one of our officers through computer evidence school. We sometimes lend him out to the local agencies because he is the expert around here.”
Computer experts say some cyber crimes, such as hacking into campus computer network systems, are costing colleges and universities millions of dollars a year. Some estimates reveal that hackers can cause millions in damage by breaking into just one system.
“Hackers can have all kinds of motives,” says Patricia Mell, a Michigan State University law professor who specializes in computer law. “It could be to get information or to destroy something. Or it could be just to show people they can do it.”
At San Diego State University, Director of Public Safety John Carpenter says that campus police recently arrested a junior who tried to shut down the university’s student financial records computer system. The system was down for an entire day following the attack, and Carpenter estimates it cost several thousand dollars to repair the damage.
Overall, San Diego State police handled 10 to 15 computer-related crimes last year, Carpenter says.
Carpenter has tapped one of his officers who previously expressed an interest in computer sleuthing to specialize in cyber crimes.
“You don’t need to have the expertise that a computer crime lab has, but enough to train officers to follow up and not destroy evidence when they first respond to a call,” he says. “We arrested a couple of guys three weeks ago outside of our library who were hanging around asking questions.”
When officers grew suspicious and searched the two men’s backpacks, they found 15 floppy disks that contained detailed personal information about children in the area. The men were not students but had been using the university library’s computers to help compile the information on under-aged boys.
“The officers responding to the crime wanted to know what was on those disks to see if they could file charges,” Carpenter says. “But the computer specialists immediately told them no, not to open the disks but to take them to the FBI lab first. If you don’t know that kind of thing, officers responding to these calls can taint the evidence.”
Lewis Greenberg, director of Michigan State University’s computer lab, investigates hacking incidents on the East Lansing campus. He says that serious damage by computer hackers is rare. “It’s really more of a nuisance than anything else,” he says.
But the damage may not be limited to campuses alone. Following the spring attacks on popular commercial Internet sites, a top FBI official, Ronald Dick of the bureau’s National Infrastructure Protection Center, warned those who run computer systems that their complacency could cause far-reaching damage.
“Your security or lack thereof can cause harm to others,” Dick said. “The key to this is implementing appropriate security measures such that you do not allow your system to be used in some of these attacks.”
Cyber Crimes Increasing
The threatening e-mails at the University of Iowa held the campus in the grips of terror for several weeks. In addition to the e-mails, police allege that Claiborne entered an apartment complex next to hers and placed a plate of dyed-red noodles outside the door of a Black male dental student with a note that read: “Dead Black Man’s Brains” (see Black Issues, May 11).
The threats received a tremendous amount of publicity in the local media, and university officials were under added pressure to find the culprit. Green says his officers used a combination of old-fashioned police investigative techniques and 21st century cyber sleuthing to nab Claiborne.
Although he advocates training a campus police department officer, Green doesn’t rule out making use of resources outside the department, if necessary. In fact, in the e-mail case, his officers consulted experts within the university’s information technology department, which determined that the threatening messages were being sent from a computer within the college of dentistry. Officers then set up surveillance cameras to help catch the culprit in the act.
“If police departments can’t find or afford to have one officer specialize in computer-related crimes, then I think they need to look at entering into some sort of collaboration with another agency where they could pool resources,” he says. “Because this is not going to go away. We can’t ignore it. It’s just going to increase.”
© Copyright 2005 by DiverseEducation.com
