Geeks and Nerds Stuff

UAB Forensics Team DarkTower Leaves Criminals With Nowhere To Hide

A portrait of Sherlock Holmes peers down as Sarah Newton works in the cyber forensics lab. The artwork is apropos. Because, as the world’s greatest fictional detective looks on, Newton, a student from outside Atlanta, is wrapping up her latest investigation.

A digital forensics major, Newton is part of the DarkTower team at the University of Alabama at Birmingham. Composed of undergrads and graduate students alike – and overseen by professionals with vast experience – the team assists with investigations for Fortune 500 companies and law enforcement agencies across the globe. Students routinely work 20 hours or more a week on investigations, supplementing their academics with real-world experience.

On Newton’s screen is a maze of a map covering nearly the entire nation. As she zooms in, hundreds of connections emerge – people, locations and businesses. It’s all part of a weeks-long inquiry into a network of massage parlors that Newton linked together through news articles, online advertisements, social media posts and public records, including business licenses and arrest records. The report she put together documents each connection in stark detail and totals more than 400 pages.

“Whenever I find something good, I get really excited and want to dig in right away just to see where it ends up,” Newton said.

In this case, all trails pointed to a business professional from out of state who’s accused of staffing massage parlors across the Southeast with victims of human trafficking, most of whom are Chinese immigrants. This hard work also pays off for Regions Bank, a DarkTower client. The bank works with Gary Warner, a UAB instructor and the Director of Threat Intelligence for DarkTower, to help ensure the company doesn’t open accounts for businesses that might look legitimate on the surface, but instead are part of criminal enterprises.

“This is Regions being proactive,” said Jim Phillips, Compliance Intelligence Officer at Regions. “To be honest, there’s no one that can provide this intel like DarkTower can.”

Student Sarah Newton explains a web of criminal activity she has tracked to DarkTower professional Gary Warner. (contributed)


Regions has made fighting human trafficking a priority, working with national, state and local law enforcement agencies and nonprofits to fight a heinous crime that robs victims of their innocence and freedoms.

But as the investigations by Newton and the DarkTower team show, human trafficking is part of a deeper criminal culture.


“Human trafficking is bad enough, and the people involved in these crimes are usually involved in other financial crimes that impact not only Regions, but its customers,” Warner said. “They’re also involved in violent crimes. We can help protect the bank while also providing a template for a prosecutor to get these people off the streets.”

Newton turned down the prestigious Zell Miller Scholarship to any four-year college in Georgia to attend UAB. She made the decision after attending a Warner-led computer camp at the Birmingham campus prior to her senior year in high school.

“She gave up a full scholarship to come here because she was excited about computer forensics,” Warner said. “I told her she’d have the opportunity to do things here she couldn’t do anywhere else.”

Three semesters into her college career, Newton has investigated crimes across the globe – all from the UAB lab overlooking the football practice field. She has spent time embedded with the Alabama Human Trafficking Task Force. And she’s the youngest member of the Birmingham chapter of InfraGard, an FBI-sponsored, public/private intelligence-sharing network created to protect the United States from hostile acts.

Warner founded the Birmingham chapter of InfraGard. The head of UAB’s computer forensics research lab, he is recognized internationally for his expertise on intelligence operations focused on malware, financial cybercrimes, online fraud and social media use of criminals, including terrorists.

DarkTower Director of Investigations Heather McCalley earned an economics degree at Duke and had a successful career in banking before getting a graduate degree in computer science and a certificate in computer forensics under Warner at UAB. Before joining the DarkTower team, she had a decade of intelligence and cybersecurity leadership in private industry.

“Back when we first started out, Gary would give me a floppy disk, filled with websites, and say, ‘See if they’re phishing sites,’” McCalley said of her experience as a grad student.

The technology has advanced, and so has the criminal activity. But the intelligence gathering remains based on old-fashioned detective work.

The DarkTower team has developed an international reputation for its focus on combating malware, financial cybercrimes and online fraud by monitoring public records and intelligence gathering. (contributed)


On a big screen in a conference room, Warner, McCalley and Newton review recent investigations from around the world.

A  global scammer lives like royalty thanks to millions of dollars stolen from financial institutions in the U.S. and Europe. He routinely shares his love for the high life – while publicly feuding with a rival scammer online.

A criminal gang based in Memphis runs escorts across the region out of a suburban house next to a daycare center. Cellphone numbers in ads across the South, promoting services, all lead back to the group that traffics women from one city to the next.

In Cairo, ads for nannies to serve wealthy families in the Middle East lure girls from small African villages with promises of grand lifestyles, stable earnings and safe lives. But once the girls arrive, their passports are seized and all income earned is taken away. While many people automatically think “sex trafficking,” those at risk are actually labor trafficking victims — isolated by language barriers and remote work locations, and deprived of identity or travel paperwork.

Typically, everything DarkTower needs to link the crimes and the criminals is available on the web, if you know where to look. That’s why some of the world’s biggest companies – and a number of international banks – reach out to Birmingham for help.

“Regions is the only bank of its size, that I’m aware of, focusing on human trafficking ,” Warner said. “The global banks are all over it, but they have more people in cybercrime departments than smaller banks have tellers. Regions is also the only bank we work with that has a liaison assigned specifically to work with us.”

That liason is a full-time Corporate Security Investigator, with a long career in law enforcement and computer forensics. He reports to Don White, head of Corporate Security, and works closely with Phillips.

A former federal prosecutor, Phillips said using DarkTower is a common-sense move for Regions.

“Having an outside, third-party partner brings a different perspective,” Phillips said. “DarkTower has expertise from an international standpoint and a massive database that no bank has. They know what they’re doing, they’re thorough and they’re fast. And they help us protect our customers.”

Fighting back against cybercrime is important, but banks and other financial institutions must do even more to protect their customers. For example, a role-based security model utilizing privilege access management can help ensure sensitive data is not accessed by unauthorized employees. PAM is just one of many infosec solutions that are designed to provide additional layers of security.

This story originally appeared on Regions Bank’s Doing More Today website.

Liked it? Take a second to support Geek Alabama on Patreon!
Become a patron at Patreon!
Rate This Post