LIANE HANSEN, host:
This is WEEKEND EDITION from NPR News. I'm Liane Hansen.
Think about this when you next use the Internet: You risk an encounter with other users who want to harass you.
Ms. JANE HITCHCOCK (President, Working to Halt Online Abuse): In January of 1997, they began posting controversial messages, saying that I was into, say, the masochistic sex and that I wanted to share fantasies anytime of the day or night, and then listed my home phone number and my home address. And it went from there.
HANSEN: That's Jane Hitchcock. Today, she's the president of Working to Halt Online Abuse, a group that helps cyber stalking victims. Her story begins in 1996, after a fake literary agency tried to con her online. Hitchcock tried to put a stop to the scam by warning other users. The fraudsters didn't appreciate her efforts and came after her, virtually and physically.
Ms. HITCHCOCK: It was just a nightmare because they started doing things to me offline. I work for the University of Maryland, and they tried to get me fired from there. I was followed in a parking lot at one of the campuses one night. It was frightening. They were - these people were just nasty about everything that they did to me, and I didn't know what they would do next. And they had me so paranoid at one point that - and especially after the time I was followed at the parking lot, that I would actually get under my car and check it and make sure there wasn't a bomb or anything or my tires haven't been punctured.
It was really frightening never knowing what was going to happen next and, you know, once I got over the fear, that's when I got very angry and, you know, making sure that if other victims came for help that we would be able to help them because there was nothing like that out there when it happened to me.
HANSEN: In the final chapter of this month series on cybercrime, we're going to examine the problem of cyber stalking. Jane Hitchcock's volunteer organization receives reports of about 75 cases of online harassment a week. A large number of the victims are women between 18 and 30.
Ms. HITCHCOCK: The average cyber stalker that we found is male. All of the female stalkers have been rising over the years, but they're usually white collar. They usually don't have a criminal record. But most of them do it because it gives them an ego boost, makes them feel more powerful thinking that they can harm somebody, whereas, I'm sure if you ask most of these people, if you've met your victim in person, would you have done that, and I know that most of them would say no. They're basically cowards at heart.
HANSEN: Law enforcement is beginning to understand how widespread cyber stalking is. Tim Wedge is a computer crime specialist at the National White Collar Crime Center. He provides training and technical assistance to law enforcement agencies across the country. This is his definition of the term cyber stalking.
Mr. TIM WEDGE (Computer Crime Specialist, National White Collar Crime Center): Using the Internet to find out where the person has moved to, find personal information on them to support their physical stalking, going into chat rooms and harassing the person, appropriating that person's online identity. There are just tons of things that could be online harassment. It's a very wide field of things. I think what really constitutes stalking is whether it's perceived as stalking.
HANSEN: Are there other ways the Internet has changed traditional stalking?
Mr. WEDGE: I think yes. One of the things - I think when we talk about online stalking or cyber stalking, you really lower the threshold for somebody to become a stalker. You know, back in the olden days, if you wanted to stalk somebody, you had to at least get up out of the house or pick up a phone and there's at least a risk that somebody would recognize your voice.
HANSEN: When you hold your training classes for law enforcement personnel, how do you prepare them to deal with these, sort of, cyber-stalking scenarios?
Mr. WEDGE: We do have several case scenarios in several of our classes that involve physical stalking with an electronic component as well as cyber stalking. And we actually have them go extract evidence sometimes from a suspect's computer from a victim's computer and sometimes even actually from the Internet. We do have a basic online technical skills class where they have to go on the Internet and find certain things and trace certain Internet activities to a street address and a phone number.
HANSEN: The ability to trace Internet activities proved useful for one California woman. Jane Hitchcock recalls the victim's story.
Ms. HITCHCOCK: She had men coming to her door saying that they had read online that she was into rape - home-invasion rape fantasies. And somebody have been posting as her and actually posted a floor plan of her apartment, how to get them pass the security alarm because she had one and just saying it was a game to her, supposedly. The message is retraced back to a man that she had met at a church function at her church and had asked her out and she had said no, and he didn't like her saying no.
HANSEN: The woman's harasser pleaded guilty to stalking and solicitation of sexual assault. He received a six-year prison sentence. But cyber stalking isn't limited to individual victims. Companies can be harassed too. Ron Teixeira, executive director of the National Cyber Security Alliance, explains corporate stalking.
Mr. RON TEIXEIRA (Executive Director, National Cyber Security Alliance): What happens is people who think they've been wrongfully terminated will actually take the information that they have, maybe their log-in information or account information and access to either secrets or even that network and could actually launch an attack or actually put a virus in the network to either destroy files, to cause mischief, to create damage as a way to get back at that company for a wrongful termination.
HANSEN: Disgruntled employees can use the Internet to spread a virus or crash a network, and it can inflict damage far beyond the confines of the company. Ron Teixeira's example is a case in Australia.
Mr. TEIXEIRA: There's a gentleman who's a software engineer who had information on a sewage plant's network and how to get in. He wasn't happy with the company that, you know, fired him. And so to get back at them what he did was he actually broke in through the Internet into the network to this Australian sewage plant and release raw sewage - tons of it - into the ocean. And so it's an extreme example of how, you know, it's not only to hurt the company but also to hurt others, the public.
HANSEN: So this is what Ron Teixeira suggests companies do if they've been attacked.
Mr. TEIXEIRA: One of the first things you need to do is to make sure you collect evidence. A lot of corporations do what they call stop the bleeding, and so they use their technicians to potentially just stop whatever is happening. They need to stop the bleeding but also preserve any evidence they have. The next thing is to make sure that they call law enforcement. And the third thing is to make sure again that you have plugged all the holes that may be left open, any sort of information or account information that person may have or ability to get back into the network.
HANSEN: Throughout the four weeks of our cyber crime series, a recurring question has surfaced: How can people in businesses protect themselves? Law enforcement and the legal system continue to gain ground, investigating and prosecuting cyber criminals, but Jane Hitchcock says the first line of defense against many cyber crimes is the individual.
Ms. HITCHCOCK: People tend to think there's more good out there than bad, and unfortunately, you have the bad people, you have the scam artists, you have, you know, the predators out there and you just have to not be so trusting.
HANSEN: You can hear more in our series about cyber crime at npr.org. Tomorrow on MORNING EDITION, NPR's FBI correspondent Dina Temple-Raston has the first in a series of reports about high-tech advances which will allow the FBI to reopen cold cases and solve new ones.