A case of cyberstalking

Network World Fusion

May 31, 2000
Web posted at: 10:13 a.m. EDT (1413 GMT)

(IDG) -- Shortly after she fired a freelance photographer for downloading pornography, a vice president at the Lexington Herald Leader newspaper started getting strange phone calls from men who said they had met her in chat rooms and wanted to meet her in person.

Then came subscriptions to Playboy, Penthouse, Playgirl, Bride and Seventeen magazines, none of which she ordered. A male executive who was also involved in firing the photographer started getting calls from females who thought they'd met him in chat rooms he never visited.

The publisher of the Knight-Ridder newspaper in Lexington, Ky., began receiving porn spam. In the most outrageous twist, Jones Fish in Williamsburg, Ky., called the vice president to discuss her order to stock a five-acre lake with fish. Of course, she knew nothing about the order.


At that point, the newspaper managers thought it would be a fairly simple matter to report the incidents to the police and have the man arrested. Unfortunately, three years have passed, the harassment continues to this day, and authorities are apparently powerless to do anything about it.

With cyberstalking on the rise, the Herald Leader case provides a useful lesson for any network security executive who may run into a similar problem. When the incidents first began, the Herald Leader hired private detectives to track the activity back to the photographer. Herald Leader management pleaded with the postal inspector and the telephone company, contacted local and state police, and even the FBI, according to a high-ranking executive at the paper who asked not to be identified.

Under most state laws, this activity qualifies as stalking, which is usually a misdemeanor that law enforcement officials typically won't bother with unless there are more serious crimes or threat of bodily harm involved.

Because of these light penalties and the confusing, immature nature of state laws on cyberstalking, these cases are difficult to prosecute, says Lt. Commander Chris Malinowski, who heads the New York City Police Department's computer crime unit.

So what's a company to do if cyberstalking hits close to home?

"You have to attack things like this in phases," says Paul French, computer forensics lab manager for New Technologies, Inc., a training firm in Gresham, Ore. "First you find out who did it. Then get legal advice. And if you can't get it stopped, file a civil suit."

This is the procedure followed by Greggory Peck, a senior IT security analyst at a Fortune 500 company, when he stumbles across cyberstalking cases among his employers. He gets involved in such cases an average of three times per year, he says.

"This happens in almost every company I work for," he says. "People call me and say, 'I'm getting these very obscene e-mails.' The person doesn't know who it's from."

Gather the evidence

Peck starts by logging every event, just as the Herald Leader did. Then he retraces the cybersteps of the perpetrator.

Companies that lack the skill to do this should look for a private detective who's well-versed in Internet evidence gathering, suggests Peck.

E-mail is the easiest to track: read the header information, follow it back to the ISP, and enlist or subpoena the ISP to match the evidence with its customer information. To do this, the ISP must compare its logs for connections that coincide with the dates and times the e-mails were sent to the victim.
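The header-reading step described above, as an added example that is not part of the original article: it walks a message's `Received` lines, normalizes their timestamps to UTC, and builds the time window an ISP would be asked to match against its connection logs. The sample message, host names, addresses (documentation ranges) and the function names `trace_hops` and `isp_query` are constructed for illustration.

```python
import re
from datetime import timedelta, timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample message; every host and address is a placeholder.
RAW = """\
Received: from mail.isp.example (mail.isp.example [192.0.2.25])
\tby mx.victimco.example with ESMTP id A1; Tue, 10 Nov 1998 02:14:09 -0500
Received: from dialup-17.isp.example (dialup-17.isp.example [198.51.100.17])
\tby mail.isp.example with SMTP id B2; Mon, 9 Nov 1998 23:14:05 -0800
Received: from forged.invalid ([203.0.113.99]) by nowhere.invalid; Mon, 9 Nov 1998 01:00:00 +0000
From: someone@isp.example
To: vp@victimco.example
Subject: constructed sample

body
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_RE = re.compile(r"\bby\s+([^\s;]+)")

def trace_hops(raw):
    """Return hops newest-first: stamping host, peer IP, UTC timestamp."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        flat = " ".join(value.split())            # unfold continuation lines
        if ";" not in flat:
            continue                              # no timestamp: unusable as evidence
        ip, by = IP_RE.search(flat), BY_RE.search(flat)
        when = parsedate_to_datetime(flat.rsplit(";", 1)[1].strip())
        hops.append({"by": by.group(1) if by else None,
                     "ip": ip.group(1) if ip else None,
                     "utc": when.astimezone(timezone.utc)})
    return hops

def isp_query(raw, our_mx, slack_minutes=5):
    """Use only the hop our own server stamped; older lines may be forged."""
    hops = trace_hops(raw)
    for i, hop in enumerate(hops):
        if hop["by"] == our_mx:
            slack = timedelta(minutes=slack_minutes)
            return {"relay_ip": hop["ip"],
                    "from_utc": (hop["utc"] - slack).isoformat(),
                    "to_utc": (hop["utc"] + slack).isoformat(),
                    "unverified_ips": [h["ip"] for h in hops[i + 1:]]}
    return None  # no line written by our server: nothing here can be trusted
```

Only the line written by the recipient's own mail server is first-hand evidence; the addresses in older lines are claims that the ISP's logs must confirm, which is why they are reported separately.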

In a chat room scenario, in which the attacker pretends to be someone he's not, tracking is a little more difficult because the person calling or mailing the victim has also been duped by the perpetrator, who leaves no obvious IP address trail. But even this can be overcome with the help of the ISP.

"As a security analyst, the closest I've dealt with is someone using chat rooms to libel our company on a public message board," Peck says. "But we do have the ability, through 'little brother' probes and proxy servers, to see who went to chat at at such and such time on Nov. 9, 1998," he says. "Then we could have used a subpoena to ask whose IP address this post originated from."

The next step is to get an attorney with some cybersmarts to help determine whether to seek criminal charges, file a civil suit or neither, advises Alan Wernick, a partner in the Chicago office and co-chairman of McBride Baker & Coles' intellectual property law department.

"Civil suits are one possible remedy," Wernick says. "If the cyberstalker is tying up company computer resources, then other issues may arise, like denial of use."

In that case, you're looking at a violation of the Computer Crime Act, which federal officials are obliged to look into. So if you want the help of law enforcement, look for activity like fraud or computer crime, or threat of bodily harm, Malinowski suggests.

For the most part, French and Peck follow the civil path because they, like the Herald Leader, can't find law enforcement officers to help them. And, Peck says, sometimes just a call to the perpetrator may be enough to stop the stalking. He says this is especially effective when you tell the harasser, "We know who you are. We know where you live. And we know what you're doing."

Just remember that if you're filing for damages in a civil suit, most perpetrators don't have much to lose, Malinowski says. If you know the perpetrator's whereabouts, he advises contacting the prosecutor in the perpetrator's jurisdiction instead. State prosecutors, he says, are currently organizing and gearing up to deal with new cyberstalking laws coming out on a state-by-state basis. And when you do contact the prosecutor, bring logs and evidence that point to the perpetrator, Malinowski says.

Unfortunately, following this process doesn't guarantee results. The Herald Leader case shows just how difficult it is to stop a cyberstalker, let alone prosecute one.

"We've tracked the IP address to the perpetrator's computer two times. We've gone to the county attorney's office and they won't touch this," says a Herald Leader executive who asked not to be identified. "We've gone to the Lexington Police Department, the state police, even the FBI. Our publisher has spent a lot of time trying to keep law enforcement interested. What else can we do to get this stopped?"

© 2001 Cable News Network. All Rights Reserved.