Cybercrime computer crime, electronic crime, information crime, virtual crime is a term used broadly to describe criminal activity in which computers or computer networks are a tool, a target, or a place of criminal activity. These categories are not exclusive and many activities can be characterized as falling in one or more categories.
Although the term cybercrime is more properly restricted to describing criminal activity in which the computer or network is a necessary part of the crime, the term is also popularly used to include traditional crimes in which computers or networks are used to facilitate the illicit activity, or where a computer or network contains stored evidence of a traditional crime.As there is a rapid growth of computer and network systems in recent years, there has also been a corresponding increase in cyber-crime. Cyber-crime takes many forms and has garnered much attention in the media, making information security a more urgent and important priority. In order to fight cyber-crime, criminal evidence must be gathered from these computer-based systems. This is quite different from the collection of conventional criminal evidence and can confuse investigators attempting to deal with the forensics of cyber-crime, highlighting the importance of computer forensics.
Get Help With Your Essay
If you need assistance with writing your essay, our professional essay writing service is here to help!
DIGITAL OR COMPUTER EVIDENCE:
Evidence that is stored on or transmitted by computers,can play a major role in a wide range of crimes, including homicide, rape, abduction, child abuse, solicitation of minors, child pornography, stalking, harassment, fraud, theft, drug trafficking, computer intrusions, espionage, and terrorism. Though an increasing number of criminals are using computers and computer networks, few investigators are well-versed in the evidentiary, technical, and legal issues related to digital evidence. As a result, digital evidence is often overlooked, collected incorrectly, and analyzed ineffectively. The aim of this hands on resource is to educate students and professionals in the law enforcement, forensic science, computer security, and legal communities about digital evidence and computer crime. This work explains how computers and networks function, how they can be involved in crimes, and how they can be used as a source of evidence. As well as gaining a practical understanding of how computers and networks function and how they can be used as evidence of a crime, readers will learn about relevant legal issues and will be introduced to deductive criminal profiling, a systematic approach to focusing an investigation and understanding criminal motivations.
Computer forensic consultants, law enforcement, computer security professionals (INFOSEC), government agencies (IRS, FBI, CIA, Dept. of Justice), fraud examiners, system administrators, lawyers.
DIGITAL OR COMPUTER EVIDENCE ANALYSIS:
Digital Evidence Analysis involves the collection, investigation and analysis of digital evidence. This digital evidence may be found in computer hard disks, cell phones, ipods, pen drives, digital cameras, CDs, DVDs, floppies, computer networks, the Internet etc.
Digital evidence can be hidden in pictures (steganography), encrypted files, password protected files, deleted files.
Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity atted hard disks, deleted emails, chat transcripts etc.
Digital evidence can relate to online banking frauds, online share trading fraud, source code theft, credit card fraud, tax evasion, virus attacks, cyber sabotage, phishing attacks, email hijacking, denial of service, hacking, divorce cases, murder cases, organized crime, terrorist operations, defamation, pornography, extortion, smuggling etc.
Computer forensics — still a rather new discipline in computer security — is a rapidly growing discipline and an even faster growing business. It focuses on finding digital evidence after a computer security incident has occured.
The goal of computer forensics is to do a structured investigation and find out exactly what happened on a digital system, and who was responsible for it.
There are essentially three phases for recovering evidence from a computer system or storage medium. Those phases are: (1) acquire, (2) analyze, and (3) report. Often, the results of a forensic investigation are used in criminal proceedings. Computer criminals always leave tracks, it’s “just” a matter of finding these tracks. But this part is not always easy. The evolution in computer technology goes on, computers and other communication systems become very complicated and better connected through all kinds of networks. At the same time, computer crime techniques become more sophisticated and better coordinated.
Computer forensics evidence has been used as evidence in criminal law since the mid 1980s. In court it is subject to the usual requirements for digital evidence, requiring information to be authentic, reliably obtained and admissible. In addition various countries have specific guidelines and practices for the recovery of computer forensic evidence.
If evidence collection is done correctly, it is much more useful in apprehending the attacker, and stands a much greater chance of being admissible in the event of a prosecution.
Computers allow criminals to remain relatively anonymous and to invade the privacy and confidentiality of individuals and companies in ways not possible prior to the advent of the computer age. “Evidence of these crimes is neither physical nor human, but, if it exists, is little more than electronic impulses and programming codes.” This evidence can take the form of data digitally stored as text files, graphics files, sounds, motion pictures, data-bases, temporary files, erased files, and ambient computer data dumped on the storage device by the operating system or application program.
If someone opened a digital storage device, they would see no letters, numbers, or pictures on it. Therefore, “understanding how a computer stores data is basic to understanding how sensitive that data is to inadvertent contamination and how important a chain of custody becomes when testifying to the ‘originality’ of the evidence.”
CHARACTERISTICS:
Performs forensic analysis of digital information using standard computer forensics and evidence handling techniques.
Uses forensically sound procedures to identify network computer intrusion evidence and identifies perpetrators.
Employs forensic tools and techniques to identify and examine malicious files.
Employs forensic tools and techniques to crack file and system passwords.
Detects steganography and recovers deleted fragmented and corrupted data from digital media of all types.
Documents procedures and findings in a manner suitable for courtroom presentation and prepares comprehensive written notes and reports.
The computer age dramatically has changed how people relate to each other, but not their basic human nature. A minority of individuals who believe there exists a shortcut to riches, or who invade the privacy or innocence of others, continue to carry out their criminal agendas. However, now they more likely use a computer or other digital device to store information about their actions or to commit their crimes.
Cite This Work
To export a reference to this article please select a referencing style below: