GUEST BLOGGER
Colin May, CFE
Adjunct Professor, Stevenson University

If 2020 has taught us anything so far, it’s that technology pervades nearly every sector of our lives. As COVID-19 began to impact daily life worldwide in early 2020, it seemed like everything that could be moved to a tech platform was moved. Terms like “Zoom-bombing” and “video call fatigue” entered our vocabulary. And we saw a massive increase in the number of frauds — cybercriminals and fraudsters were working from home, too.

In this third part of four, we cover some of the resources to help make fraud examiners more tech savvy, and gain a deeper appreciation for the technical aspects of our job as fraud fighters. In previous posts, we’ve covered some of the basic tech resources, as well as low- or no-cost trainings available. To take things to a deeper level, here are five additional resources that go beyond simple understanding and provide a more detailed explanation of how tech — and tech crimes — work.

As always, inclusion in this list isn’t an endorsement, but rather a place to start your tech journey. It should be noted that this list of “deeper dives” increases in complexity.

1. Internal Revenue Service (IRS) tax security resources

Many ACFE members in the U.S. are Certified Public Accountants (CPAs) or Enrolled Agents (EA), meaning they practice before the IRS. After examining the potential technology vulnerability of CPAs and EAs who prepare individual and entity tax returns, the IRS began a Tax Security Initiative to help educate and provide resources for the tax community on securing their data and systems. This website provides detailed information, checklists, publications and videos that can help simplify the security process for non-IT practitioners.

BONUS RESOURCE:

The Government Accountability Office, the auditing agency of the U.S. Legislative Branch, has published numerous reports that deal with cybersecurity, technology implementation and associated risks. It has also published reports on financial technology and cryptocurrency, which provide useful background and information on the issues.

2. The IACP Law Enforcement Cyber Center and Social Media Center

The International Association of Chiefs of Police (IACP), in collaboration with several other law enforcement associations and funded by the U.S. Department of Justice (DOJ), has assembled a wide array of helpful materials. While written for police executives, investigators and prosecutors, much of the information on the repository is useful for any fraud examiner. For example, in the executive section, it has tools for developing policies, processes and oversight. In the investigators section, it has guides for seizing and searching Internet of Things (IoT) devices, gaming platforms like Xbox and mobile device forensics. The Social Media Center also has a model policy and discussion paper that provides information on social media issues.

BONUS RESOURCE:

The RAND Corporation is a nonprofit public interest research organization that provides resources and data analysis for complex problems. Their research includes many technical issues, such as cyber issues, legal and business challenges, and emerging issues in science and technology. Their website hosts reports, research findings, podcasts and other materials that help break down complex technical issues.

3. The DOJ’s Computer Crimes and Intellectual Property Section (CCIPS)

CCIPS is the home to federal criminal prosecutors who focus exclusively on technology crime, intrusions and digital forensics. Their webpage includes detailed press releases, which discuss criminal activity and prosecutions undertaken by the section, including some of the methodologies the perpetrators used. These can be powerful learning opportunities. The site also contains manuals, documents and publications that, although sometimes dated, are still useful in educating fraud examiners about the law, policy and technical processes for these cases.

BONUS RESOURCE:

The National Institute of Justice and the National Criminal Justice Reference Service (NCJRS) have published numerous guides on digital forensics. While some are a little older, they still provide useful training and resource tools to help you understand the underlying technology and the baseline process of preserving, collecting and searching digital evidence.

4. Scientific Working Group on Digital Evidence (SWGDE)

The SWGDE is a nonprofit organization designed to collaborate with public, private and academic practitioners and researchers to identify and publish best practices for high-quality digital evidence collection and examinations. They are an active organization that includes members from various technology companies, police departments, prosecutors’ offices, banks and federal law enforcement agencies.

The group has a focus on various types of digital evidence, including audio, photographic images and video, as well as collection of computers, mobile devices and servers. They compile and publish best practices, as well as seek public comment on draft practices before they are finalized. Their website contains the finalized best practices, as well as archived editions. While some of the documents are technical, many of them are easy to understand and follow, often with useful additional resources and links.

BONUS RESOURCE:

The U.S. National Institute of Standards and Technology (NIST), part of the U.S. Department of Commerce, has a special program devoted to technology testing and digital forensics resources. It publishes many technical, deep-dive studies and tests that are useful for understanding many of the underlying issues with technology, especially in the forensic environment.

5. MITRE Corporation’s Cyber ATT&CK® Knowledge Base

MITRE Corporation, another nonprofit organization that operates federally funded research and development centers for the U.S. government, has developed the ATT&CK cyber methodology to help quantify and understand specific cyber threat models and methodologies. The website has an extensive grouping of basic papers and presentations that help practitioners understand the methodologies, as well as more advanced technical assessments of specific threat vectors. This can be very useful for fraud examiners who may be asked to review or audit potential technical vulnerabilities of networks, or to prevent specific types of cyberattacks.

BONUS RESOURCE:

The Software Engineering Institute (SEI) at Carnegie Mellon University has an extensive array of resources on cyber and digital forensics. Their annual Year in Review highlights issues and challenges identified in cyber and technology. They also have an active blog, digital library, podcast series and other useful resources. For those interested in learning more about digital forensic examinations, SEI also has an online program leading to a certificate in digital forensics.

Colin May, CFE, is an Adjunct Professor of Forensic Studies and Criminal Justice at Stevenson University in Owings Mills, Md. For over 10 years, he was a Special Agent with the U.S. Government. He is a Certified Fraud Examiner and a Certified Cyber Crime Examiner (charter member); He may be reached at cmay3231@stevenson.edu. The views expressed in this article are the author’s own.