With online and other computer attacks against companies becoming increasingly common, corporate lawyers are arming themselves with new technical skills.
"Ultimate Hacking: Hands On," a new crash course offered by the security-consulting firm Foundstone, will teach lawyers about common cybercrimes by re-enacting them in the classroom.
Lawyers will come out of the course a bit more dangerous than when they walked in. Among the new skills they'll acquire is the ability to create a backdoor into a company's system using a remote-access Trojan, an application that allows crackers to gain access to restricted networks.
The course, which costs $750, will be held in San Jose on Friday, in Washington in May, and in New York City in June. It will be co-taught by Kevin Mandia, Foundstone's director of computer forensics, and Marc Zwillinger, a partner at the international law firm Kirkland & Ellis. Topics range from technology basics -- demystifying concepts such as e-mail, Web browsing, Telnet, ftp and Napster -- to federal statutes, including privacy and acceptable-use policy.
Although the course is open to anyone, including non-lawyers, Foundstone is targeting a relatively under-exploited segment of legal education: instructing general or in-house counsel at technology companies on how to handle potentially criminal system attacks.
"The first word in general counsel is general," said Raymond O'Campo Jr., director of the Berkeley Center for Law and Technology at Boalt Hall and the former general counsel for Oracle.
"Traditionally speaking, criminal lawyers have not been focused on technology issues, and technology lawyers have not focused on criminal issues. Cyberlaw is a growing field in which there's a convergence of these issues and where there's a need for education."
Corporate attorneys traditionally have left cybercrime investigations up to the FBI or local law enforcement.
But it's no longer enough for corporations to pass the buck, Foundstone says. Speed matters in many of these cases, and in-house counsel can do a better job of capturing the evidence before it disappears. And since many instances of corporate sabotage and cyber-stalking of employees are inside jobs requiring an internal investigation, in-house counsel are often on their own when it comes to sniffing out clues.
How to go about gathering the evidence, however, is not general knowledge among general counsel, and many attorneys can make critical mistakes.
"In the physical world, if a burglar breaks into your house, you might ask the cops to come over and take a look," said Orin Kerr, a trial attorney at the Computer Crime and Intellectual Property Section of the U.S. Department of Justice. "In a computer network context, having the cops come watch the crime occur can be an illegal wiretap, which is a felony."
Although there are a number of ways that crackers might leave their "fingerprints" in a network, electronic evidence is more elusive than evidence in the physical world. And when lawyers don't have a firm grasp of technology, that evidence is very likely to slip through their fingers.
"A good example would be a death threat sent by e-mail," Kerr said. "If you have a death threat sent through the mail, everyone knows where the clues are likely to be to crack the case --handwriting, fingerprints, the return address, the postmark on the envelope. In the case of a death threat sent by e-mail, the evidence is different. You just can't uncover the clues and crack the case unless you understand the technology."
Among the things attendees will learn in Foundstone's course is how to trace the origin of a threatening e-mail and how to issue a subpoena to an ISP requesting that an offending user's anonymity be stripped.
Professors in the field seem to agree that demand for such training is growing, but point out that teaching lawyers about technology can be a bit like teaching physics to poets.
"As a rule, lawyers are notoriously bad at science and math," said Jennifer Granick, director of Stanford Law School's brand-new Center for Internet and Society. "Technology's not our strong point."
Indeed, Foundstone's cyberlaw instructors have their work cut out for them. "A lot of lawyers don't know how to make PowerPoint presentations, let alone deal with cybercrime cases," Mandia said. "We've designed this course as hands-on, and hopefully that should make it a lot of fun for everyone."