By JAZMINE ULLOA, The Brownsville Herald
Sounds horrifying: There are computer Internet viruses that can make you an unwitting collector of child pornography.
An Associated Press investigation earlier this week found that pedophiles could hack virus-infected PCs to store and view their stash without fear of getting caught— kind of like having the machines do their dirty work.
In a number of cases, innocent people were labeled criminals after co-workers or loved ones stumbled upon the child pornography. Proving their innocence was complex — at times nearly impossible — and cost hundreds of thousands of dollars.
But do not panic. Computer forensic experts and law enforcement authorities say the chances of a virus infecting your computer with kiddie porn are low — and the chances of being framed by what is on your computer are slim to none.
The type of viruses associated with these cases, more broadly defined as malware, allows a hacker to remotely control someone else’s computer, turning it into a zombie, or a Bot, computer security experts said. They have been around for years and have allowed hackers to store all kinds of data on other people’s computers without their knowledge, including music, DVDs and — yes, though rarely — child porn.
Other types of viruses force someone else’s computer to surf child porn Web sites and download images.
Usually a third party, such as co-workers, loved ones or a service provider, discovers the hidden child pornography. If you do happen to stumble across it yourself, bringing in police scrutiny can be a double-edged sword, said Eric Goldman, academic director of the High Tech Law Institute at Santa Clara University.
"On one hand, you get credit for volunteering useful information; on the other hand, you immediately become a person of interest," Goldman said. "Child porn is just that toxic."
But most malware is designed with profit in mind — to steal credit card numbers or for identity theft, said Christopher Landi, section chief of the computer forensics program for U.S. Immigration and Customs Enforcement (ICE). And if it does happen, the chances of being charged by authorities for child pornography just by what is on your computer are very low, he said.
"The worst thing would be not to report it and have law enforcement find out through other investigative means. Then, it is harder to explain," Landi said.
In child pornography cases there is typically an overwhelming amount of evidence to prove a person’s guilt, such as compact disks, DVDs and sometimes even camera and video equipment, law enforcement officials said.
Michael Geraghty said he worked on more than 300 child pornography cases as a police investigator for the cyber crime center in New Jersey — "and in not one was a virus ever responsible for the crime."
"It would be an aberration if law enforcement came across these types of cases," said Geraghty, who now serves as the executive director of the technology services division at the National Center for Missing and Exploited Children. "We have to look at the totality of the evidence, not just that there are images on the computer. That is only the starting point of the investigation."
The National Center for Missing and Exploited Children established a cyber crimes tip line in 1998 for electronic service providers and the public to report Internet-related child exploitation. It receives more than 100,000 reports per year but does not have statistics on how many involve Internet viruses.
ICE also could not provide figures on how many of its child pornography cases have involved Internet malware.
Computer security and forensic researchers have been studying how viruses expand since the first widespread worm of 1998, said Sean Peisert, computer security researcher at the University of California, Davis.
Some of the big worms to spread have been Code Red, Slammer and the Witty Worms, and today malware is extremely common in ample variations, he said. But it is difficult to identify the type of viruses that allow hackers to store images on the computers of others.
"Something like this, where you are talking about images just sitting quietly on someone’s computer, is not something someone from the outside can easily detect," Peisert said. "We do not have good estimates of how often this happens or how widespread the issue is."
The best protection against this type of malware is to follow the typical precautions taken against computer viruses, said Thomas Morris, an assistant professor of electrical and computer engineering at Mississippi State University and a faculty member of the university’s Center for Computer Security Research.
Use reputable virus protection programs on your computer, Morris said. Keep its digital signatures up to date and allow automatic updates in Windows. Do not open emails — especially attachments — from unknown senders, and turn your computer off when you are not using it, so that the machine is not connected to the Internet and at the whims of a hacker.
"It is a never-ending war" against viruses, Morris said, even though most of it happens in the background.