Förderverein Informationstechnik und Gesellschaft


11 June 1999. Thanks to Anonymous.

Six pages of hardcopy, each page with fax heading "DOJ-AAG, CRIMINAL".

>From an appendix to the agenda of the next meeting of the G8
Subcommittee on High-tech Crime.

[Undated, apparently prior to April 30, 1999]

DOJ-AAG, CRIMINAL (distributed in Konigswinter)

[Flags of the G-8 Nations omitted]

G-8 Training Exercise

** This exercise is intended to serve as a process to share information on specific procedural issues and investigative tools associated with the investigation of computer crime and computer forensic examinations. This exercise will not address individual considerations related to legal/policy issues associated with the various respondents. Distribution of the responses compiled as a result of this exercise should be strictly limited to government and law enforcement personnel tasked with the investigation of high-tech crime.

The exercise includes specific questions designed to encourage respondents to share investigative techniques. The questions should not limit respondents in sharing any tool or techniques not described in the exercise that have proven successful in actual circumstances such as specific hardware, software and domain name resources.

Hypothetical Investigation:

An internet service provider has reported a system failure as a result of hacking activity. The system consists of a network setup in a Windows NT environment. The owner of the victim company had provided copies of email messages containing information from the hacker as to his motives and the extent of the hacking activity.