Criminals have discovered what every other type of businessperson has learned: Automation pays off
BRANDON KESSLER HAD BEEN RUNNING HIS BUSINESS from a trailer park in Bellflower, Calif., with only his two teenage sons to help him man the constantly ringing phone and write down orders. But then Kessler went high-tech. He added phone lines and hooked one of them to a Pentium-based PC, allowing his customers to place orders directly into the computer. That not only eliminated the need for a full-time order-taker but also provided Kessler with a searchable database of all his customers and their orders, reducing errors and arming him with marketing data.
The accounting software he set up on a separate PC enabled him to slash accounts receivable, steady his cash flow, and react more quickly to profit dips. Three years later, in 1995, Kessler was clearing half a million a year and had moved the six PCs with which he was now running his business into the spacious, finished garage of his new home, which boasted a swimming pool and deck, a kitchen crammed with brand-new top-of-the-line appliances, and a cat that ate nothing but jumbo shrimp.
It was a classic success-through-automation story--marred only by the fact that the business was entirely illegal. Kessler (not his real name) was selling electronic devices that enabled his customers to "steal" premium cable television shows. Last year, police arrested the prospering entrepreneur and pulled the plug on his humming bank of PCs. "The operation was ingenious," says Detective Richard Hiles, of the Los Angeles County Sheriff's Department (L.A.S.D.), with equal parts disgust and admiration.
Kessler represents one of the fastest-growing breeds of entrepreneur: the wired criminal. For years, organized crime rings, including the U.S. Mafia and Colombian drug cartels, have taken advantage of new communications and information technology. But lately, smaller crime operations--street criminals--have begun to take advantage of increasingly inexpensive high-tech tools. Enlisting everything from spreadsheets to E-mail to personal digital assistants, these small-time hoods are streamlining their businesses and communicating more effectively, and privately, with suppliers and customers.
The rush of local chop-shop operators and drug dealers turning "techie" has left police departments scurrying to reengineer their forces. In the past few years, hundreds of local police departments have formed computer crime squads to handle the rising number of cases involving computer evidence and other forms of technology, once considered rare incidents. "The use of technology for crime is a fast-moving train, and we're running alongside, trying to keep up," says Sergeant Larry Balich, of the L.A.S.D.'s computer crime unit.
Consider Jim Davis (not his real name), one of hundreds of thousands of small-business owners who have made the Internet an everyday part of their routine. Davis happens to be in the cocaine business; he deals the drug in a Southwestern town. Davis communicates with his suppliers mostly from home through his America Online account. (Mobility being a big plus in his line of work, he also leases a hand-held device that allows him to connect to the Internet from other phones, as a backup.) Davis sets up his buys in on-line chat rooms during sessions that look to the ordinary observer like two people setting up a blind date. An ever-changing list of on-line aliases helps preserve his anonymity.
On this particular day, in one of the chat rooms frequented by suppliers and dealers, Davis logs on as Snoopy and types "Hello." A foot soldier for the Honduran supplier is waiting and replies, "Hello, Snoopy, tell me about yourself." The two then switch to E-mail, using "instant messages" that zip through cyberspace and quickly disappear. The exchange reads something like this:
Davis: I'm six feet tall with blond hair, long eyelashes, and a spider tattoo. ("Spider" is a prearranged password.)
Supplier: You sound interesting. Let's meet.
Davis: Okay, how about 6 p.m. at the corner of. . . .
Of course, the two never actually meet face-to-face. Davis goes to the location, which might be a locker in a bus station. He drops off cash, and picks up, say, a harmless-looking gym bag--full of cocaine. Because the buy was set up entirely on-line, no phone records will ever surface linking Davis to the supplier. They've even avoided the cost of a long-distance phone call.
Small-time drug traders have found other ways of reducing their risks through technology. Former DEA agent Bob O'Leary, who set up his own private investigation firm, Integrity Assessments Inc. in Annapolis, Md., after 25 years in federal law enforcement, remembers being stationed in Miami some years back and listening to an intercepted radio conversation between a drug smuggler pilot in the air and a distributor on the ground with whom he was trying to rendezvous. "I can't find you, I can't find you. We're out of fuel. I'm going to try to land . . ." radioed the increasingly frantic pilot. He did land--like a mortar shell, exploding on impact. "We could always count on a certain percentage of smugglers killing themselves," says O'Leary.
These days, agents are lucky even to spot smugglers. Frantic radio calls and flashlight-waving have been replaced by inexpensive and stupefyingly precise global positioning systems (GPSs). If they're willing to invest a couple of thousand dollars in this former military technology, even the worst smugglers and the most clueless ground crew can manage a successful drop. "The GPS is revolutionizing air smuggling," groans O'Leary. Adding insult to injury, some smugglers use satellite communications systems to send messages to the ground rather than rely on far more easily interceptable single sideband radio.
Even when they're caught, wired criminals are often harder to prosecute because virtual evidence is easily disposed of. Cops pine for the days when the most that bookmaking operations could do to protect themselves was to write down all their bets on "flash" paper, which instantly ignites when touched by a flame or spark; bookies had to hope they could light a match faster than the cops could break down the door. Today, even tiny bookie operations are often set up around spreadsheets equipped with a "hot button" that deletes all files with the flick of a finger.
The Texas State Police consider themselves lucky to have recently closed down one bookie operation based in a tiny house in the middle of a forest near the town of Beaumont--they managed to get to the computer before the "bad guy" did when they raided the house. They discovered that the bookie had been using E-mail to oversee remote bookmaking operations in three other cities. Sergeant Investigator of Special Crimes Brady Harris complains that the ability to control illegal operations at a distance via computer has created a tactical and jurisdictional nightmare. "When you can operate a bookie joint in Dallas from a computer in a small town," he says, "it makes you hard to find." Even when the police do find the culprit, they can't always figure out who should prosecute him. In the past six months, Harris adds, he's had to go from not knowing how to turn a computer on to making it a part of his everyday life.
Two thousand miles away, in Nassau County, N.Y., Detective Bill Bambrick echoes Harris's complaint. Bambrick works for the Nassau County Police Department's computer crime section. He's seen marijuana dealers who use Excel spreadsheets, gambling operations running Lotus 1-2-3, and even one loan-sharking operation that had developed proprietary software to track debtors. But the hardest part of his job, he says, is proving that the one who gets arrested is the one who has been running the computer. It's not enough to dig up incriminating E-mail. "To get a conviction in court," he says, "you have to place a person at the keyboard." A whole case could be destroyed if, say, the defense can prove that an entire family used a seized computer. After all, who knows who actually participated in the illegal activity?
Balich and his partner, Detective Ernie Blanchard, don't even bother to try figuring out who was at the keyboard. That's someone else's job. For them, just digging up and poring over the data from criminal enterprises is a full-time effort. "Imagine walking into someone's business cold and having to figure out how their entire business works by looking only at their computer," sighs Blanchard.
To make things harder, crooks hide information in the damnedest places. Some of them disguise the data by burying it in hundreds of lines of mind-numbing programming code. Others stick it in hidden areas of their hard drives. Still others interweave incriminating information with information from legitimate operations. Even for pros like Blanchard and Balich, ferreting out the dirty data from a single operation can take weeks. And it's getting worse. Three years ago, when Balich joined the unit, the average hard drive he saw had about 120 MB of disk space. Today, it's not uncommon for him to see a 3 GB hard drive. A disk that size that's full of suspect data could take about 3,000 man-hours to analyze--about an hour of analysis per megabyte of data. In an attempt to cut the time spent on each case, Blanchard and Balich continually refine their search methods and criteria.
Despite these challenges, there are some advantages for law enforcement in the trend to high-tech crime--if the criminal operation is a small one. If a Mafia middleman gets busted in Newark and the cops seize his computer, the data will likely reveal bits and pieces of the business that don't add up to a clear picture of what's going on. But in an operation as small as, say, Brandon Kessler's, the cops may find all they need on a single seized PC.
The owners of a massage and prostitution parlor recently found this out the hard way when police raided their shop in West Hollywood, Fla., and seized a 486 PC. The investigators knew they'd need to have the evidence corroborated by testimony from a few customers to make the charges stick, but the proprietors had been careful to avoid listing customers' names anywhere in their records. However, mixed in with the usual spreadsheet software and financial records, police discovered a credit-card verification program. Instead of the normal swipe machine most businesses use with credit cards, the massage parlor/brothel had a program in which they entered every customer's credit-card number and expiration date. When they needed confirmation, they ran the program and, via modem, the software would contact the credit-card companies to verify the information. A phone call to the companies provided names to go with the numbers, and investigators didn't have to get far down the list before they got a handful of terrified customers who agreed to tell all--on the promise that their wives wouldn't be notified.
In addition to getting evidence when a computer is seized, law enforcement gets something else: new equipment. It's a good thing, because police-department budgets seem to be trailing those of criminals when it comes to computers. Detective Bambrick says he works almost entirely on seized and forfeited computers, except for a few machines donated by IBM; the Nassau County Police Department has only just begun to budget funds for computer-crime-squad technology. Bambrick notes that the number of crimes committed with the aid of a computer has tripled in the past year alone, yet he's only recently been assigned new people.
The gap could grow wider. While local law-enforcement agencies try to keep up with the new-age criminal by taking courses in Microsoft Word and Lotus 1-2-3 and learning to check suspects' desk blotters for scribbled passwords, the criminals are jumping to the next level of sophistication. Dennis Hilliard, director of the Rhode Island State Crime Laboratory, who teaches a class in computer evidence at the University of Rhode Island, agrees that some criminals could be safeguarding their data via magnetic doorways that erase information as soon as the computer is carried over the threshold. Others are turning to encryption software, which converts data on a hard drive or in an E-mail note into a scrambled form that has to be "decrypted" with a software "key"--known only to the criminal--to be intelligible. One simple encryption program known as PGP is widely available over the Internet for free. Michael Hall, an independent consultant who works with police departments, has been running into encrypted evidence, and it scares him. "If you intercept an E-mail message and it's encrypted," says Hall, "you're done."
One of the biggest headaches looming on the law-enforcement horizon is the advent of personal communication systems. PCSs are ultra-sophisticated versions of cell phones that transmit data digitally--and so can't be tapped. MCI, Sprint, and other companies that make the devices loudly tout them as more secure than cell phones. "Everyone from Colombian cartels to two-bit school-yard drug dealers know you can't monitor these things," grumbles one DEA agent. The devices are already popular with dealers in the Northeast from Boston to Baltimore, even though most of the public isn't even aware of the new phones' existence.
But in the end, it may not be state-of-the-art technology that positions criminals to wreak the most havoc. The standard stuff can still do the trick. Take the car-theft ring L.A.S.D. Detective Jeff Enfield encountered recently. Having stolen more than 100 luxury vehicles, mostly Toyota Land Cruisers, the thieves used a simple desktop-publishing program and a couple of laser printers to print out counterfeit registrations, complete with bogus vehicle identification numbers, for each vehicle. Then they had the vehicles, along with the fake paperwork, driven down to Guatemala, where they sold them to unsuspecting wealthy citizens who never questioned the authenticity of the documents.
Other car-theft rings, says Enfield, produce reasonably convincing documents with the same software he himself uses to write up his reports--WordPerfect. Still other crooks go down to their local computer store to buy a program typically used by health clubs and other legitimate businesses to produce membership cards that contain data on a magnetic strip. The program can be employed to recode the strips on the backs of stolen credit cards and to clone cell phones.
Where do the bad guys learn the technical information they need to set up these programs? What little it takes can often be found on the Internet or through more-traditional criminal grapevines, including prison. One of the best sources for techniques, though, has been the courtroom, where criminals, cops, and expert witnesses alike often spill the beans in full, clear detail while testifying. In fact, sources within law enforcement admit to being urged by federal agencies to keep the technical talk in the courtroom to a minimum. While acknowledging the wisdom of that advice, ex-DEA agent O'Leary is also a little disheartened by it. "Technology talk has always been the best way to wake up bored jurors," he explains.
Sarah Schafer is a reporter at Inc. Technology.