Hacking away at kiddie porn
August 18, 1998
by Deborah Radcliff
(IDG) -- In February, the information systems department at Sonoma State University in Rohnert Park, Calif., learned that child pornography was being stored on a server somewhere on campus.
The tip-off message to IS included the exact IP address. In Sonoma State's system, each IP address is associated with a specific port. This one was a direct Internet connection in a dormitory. The IS staff captured images flowing into and out of the port before university police made the arrest.
"It only took us a couple of hours to catch the guy," says Sam Scolise, Sonoma State's information technology director. "But it was a very depressing day for our staff because of the horrible things they saw."
Sonoma State received its initial tip from what some might consider an unlikely source: a Swedish hacking group.
In the battle against child pornography, one of the authorities' best allies turns out to be hackers, the ultimate haters of authority. Although police won't acknowledge them publicly, some hacking groups informally assist law enforcement agencies in both technical training and evidence gathering.
U.S. Customs, the Federal Bureau of Investigation and other agencies have set up undercover units to combat child pornography. But because of limited funding and scarce technical resources, they fight an uphill battle. Customs experienced a 185% jump in child pornography cases last year alone - yet has only three agents dedicated to working them.
"There's so much out there. It's impossible for agents to keep up," says Senior Special Agent Don Huycke, national program manager of U.S. Customs' child pornography enforcement program, which has its headquarters in Sterling, Va.
From October 1996 through April 1998, U.S. Customs made 403 arrests related to the interstate transport of child pornography, including 175 last year alone.
Although the FBI got a later start, its caseload mushroomed during the same period. Since its inception, the FBI program has resulted in 407 searches and 192 convictions against people who use online services to recruit children into illicit sexual relationships and those who distribute pornographic images of children.
With miniscule funding, volunteer hacker groups have an even harder time keeping up. "When we started in summer 1997, we got inundated quickly with people saying they found terrible sites and would we please check them out," says 21-year-old hacker and college student "RSnake," who heads the 15-member Ethical Hackers Against Pedophilia (EHAP) group from his Northern California apartment.
"We were working eight hours a day on this, and our database grew so quickly we looked for donors to give us space," he says.
Their own game
Hackers and police alike try to beat pedophiles at their own game by trolling the Internet posing as teens. These are the same tactics used in the real world by law enforcement agents such as U.S. Postal Inspectors.
Once images are passed or other obvious evidence of pedophilia is observed, investigators try to talk perpetrators into offering personal, identifying information. Failing that, they wait for suspects to set up a face-to-face meeting. "The moment they cross state lines for the purpose of engaging in sex with a minor, they see five or six agents instead of a 14-year-old," says FBI Special Agent Larry Foust.
If they can't lure suspects, investigators use proprietary technology and investigative techniques to electronically track and trace byte trails, either to pedophiles' personal machines or to the servers that house the images.
Even when agents complete such traces, they often find the server space pirated from a legitimate business that has no knowledge of what is stored there. Agents say that makes it even more difficult to find the actual owners of the child pornography.
RSnake says he has passed on tracking programs and training materials to law enforcement agencies. Another group, www.pedowatch.com, offers a free, downloadable tool called Digger Engine, along with detailed techniques to trace Internet Relay Chat users and Usenet posts.
The uneasy relationship between hackers and law enforcement has come with a lot of hard knocks. RSnake says he made a few blunders in the beginning, but that he and his 14 cohorts have now learned to do their sleuthing within the boundaries of the law.
Agents and officers also receive training from a Sacramento, Calif.-based organization called System for Electronic Analysis and Retrieval of Evidence, or Search. The group is funded by a grant from the U.S. Department of Justice.
"We teach investigators how to go undercover and identify where these pedophiles hang out - basically, how to patrol cyberspace," says Fred Cotton, Search's director of training. "The Internet is one big network. These perps have got to be somewhere."
But Search conducted only two classes dedicated to online child pornography last year. Cotton blames this on a lack of funding and human resources.
U.S. Customs was the first agency to take action against online child pornography during the bulletin board service craze in 1989. But no one in Huycke's tiny department knew how to investigate bulletin board service cases. Mostly, they just watched them for posted images.
In 1992, the department caught a break in the form of a perpetrator who talked a lot. He showed Huycke's agents the hot bulletin boards and how to receive images electronically. "We didn't have any way to learn this without the bad guys showing us," Huycke says.
Money and people
The FBI's fight against child pornography received a $10 million budget allocation from Congress a year and a half ago, which was used to increase staff to 60 agents.
But U.S. Customs and most local agencies sorely lack human resources, training and funds. And because they receive absolutely no outside funding, hacking groups are dropping like flies. Last year, Southern California-based Hackers Against Kiddie Porn folded. According to RSnake, EHAP isn't far behind.
Law enforcement agencies and hacker groups agree that what's really needed is a permanent budget increase and more educated and technically trained investigators. They also urge parents to find out what their kids are doing on the Internet and control children's access privileges. Sonoma County Prosecuting District Attorney Gary Medvigy says, "The more people volunteer as pedo-watchers and the more parents who put on software blocks to protect their own kids, the more it will help us deal with this problem."
It was Medvigy who prosecuted Noah Alan Pal, the 19-year-old who was caught using the Sonoma State server.
In May, Pal pleaded guilty to possession of child pornography. In July, he was sentenced to eight months in jail, psychiatric evaluation, forfeiture of his computer and three months' probation.
"The university's IT department did a great job," Medvigy says. "And I think it's great that hackers, with their talent, report these sites to law enforcement."
Radcliff is a freelance writer in Northern California. Her Internet address is firstname.lastname@example.org.
Back to the top
© 2000 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.