Nick McGowan has been in Law Enforcement since 2003 and is currently a Detective with the Petaluma Police Department in Northern California and a member of the San Francisco Electronic Crimes Task Force (SFECTF). Detective McGowan has experience using tools such as EnCase, FTK, Internet Evidence Finder, Cellebrite, MSAB XRY, Paladin, etc. Aside from being involved with the SFECTF, Detective McGowan is a member of the Petaluma Police Department Gang Enforcement, SWAT operator, Defensive Tactics Instructor, and an Adjunct Faculty Member at the local community college.
Detective McGowan spoke about cyber crimes and his real life experiences in street gang cases related to technology at an interview conducted by LIFARS.
LIFARS: I believe you work with a lot of Criminal Street Gang cases. How much street gangs are leveraging technology for crimes?
Nick: I have been assigned to the Petaluma Police Department Gang Enforcement Unit since 2007 and am currently a member of the San Francisco Electronic Crimes Task Force.Over the past 9 years, I have seen Criminal Street Gangs become more sophisticated and a noticeable increase in electronic crimes committed by Criminal Street Gangs. We have all read about Social Engineering and using social media outlets to gathering personal information. Criminal Street Gangs use these social media platforms to harass, intimidate, stalk, threaten, organize, communicate, etc. Social media exploits are not the only area Criminal Street Gangs thrive.
As a society, our vulnerabilities increase as technology continues to advance and vendors focus more on profit over product security. We are now in the era of the Internet of Things (IoT) and consumers want the newest gadgets. Every week we read about new product vulnerabilities from items such as Thermostats to Point of Sale terminals. For example, Hak5 recently posted a YouTube video from Def Con about Bluetooth sniffing. This is a concern as most of our devices use Bluetooth, such as watches, headphones, automobiles, home security, etc., and Criminal Street Gangs can employ techniques to exploit these vulnerabilities.
Criminal Street Gangs use electronics to commit fraud, identity theft, stalking, counterfeiting, human trafficking, drug trafficking, gambling, extortion, and felonious assaults. Criminal Street Gangs are also using forms of crypto currency and conducting business over the Darknet.
LIFARS: You have been in Law Enforcement for more than 10 years, being an expert in many areas. Could you tell us how one can build a great detective skill set?
Nick: Like most careers, continued education is essential to build a great skill set. This requires staying tuned in with the current treads and continuing to build on prior knowledge. Cybercrime is a very broad term. However, a majority of crimes involve an electronic component. Cybercrimes range from state sponsored attacks, like hackers, to social engineering to theft of goods. An overall understanding of Cyber Crimes with the ability to search and locate evidence on mobile devices, personal computers, point of sale terminals, wearable electronic devices, etc. is an essential skill set.
There are a variety of methods of continuing education in Cyber Crimes for Law Enforcement. For local non-Federal Law Enforcement, the National Computer Forensic Institute (NCFI), National White Collar Crimes (NWC3), Texas A&M continuing Education (FEMA), SANS.org, InfoSec, and local Colleges/Universities to name a few. Federal Agents have their own agency sponsored training and are usually not eligible for some of the above references training.
It is important to figure what area of cyber crimes the person finds interests to become a Cyber Crime Investigator. The field is too large to be proficient at everything.
LIFARS: Is law enforcement enough trained to deal cyber crimes? If so, what are the enforcement for cyber crimes? And if not, could you tell us your idea on what else is needed to deal with them?
Nick: As a whole, Law Enforcement is not adequately trained to deal with cyber crimes. There is, of course, a small segment in law enforcement that is well trained and has a good understanding in cyber crimes. However, a majority of the crimes committed today have an electronic component that requires analysis.
Due to the limited availability of Law Enforcement being adequately trained; it becomes a matter of training versus a comprehensive examination. It is a huge cost for local government to train officers and agents to become proficient at investigating cyber crimes. Moreover, many of those that have received formal training, such as computer related degrees ad certificates, seek employment in the private sector due to the wage discrepancies. Law Enforcement is playing catch-up with preventing and investigating cyber crimes. One possible remedy is to hire civilian employees to handle investigations that do not require face to face interview/interrogation.
LIFARS: Are there any suggestions you would like to give to someone who wants to be a cyber-security detective?
Nick: If a person is interested in becoming a cyber crime detective, I suggest to get a degree in computer science or at least get a solid foundation using free sites like cybrary.it. Once the area of focus is determined, the person should find an agency that conducts investigations in the desired area. Anyone interested in investigating electronic crimes or cyber crimes should have a solid understanding in how computers and networks function.
If the person does not have any prior computer knowledge, starting off with CompTIA+ is the best way to get a solid foundation. Once you have a basic understanding, I suggest to start with CompTIA Network+ or CompTIA Security+. From this point, you should have an understanding of a focal area and progress to more advanced areas, such as forensics, post incident response, social engineering, or a change in career path. Forensics is the most common area of focus for Law Enforcement due to the need to recover data that is pertinent to the investigation. Digital Forensics includes retrieving data off of mobile devices using push button tools to carving data that is lost or deleted. Again, the most important thing for any career in cyber crime is continued education and a strong desire to solve problems.
Connect with Nick McGowan on LinkedIn