Chapter 17 - Computer Crime
-
Upload
calvinshaw -
Category
Education
-
view
308 -
download
1
Transcript of Chapter 17 - Computer Crime
![Page 1: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/1.jpg)
Chapter 17
Computer Crime
Hess 17-1
![Page 2: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/2.jpg)
Introduction• Computer crimes are relatively easy to commit and
difficult to detect• Most computer crimes are not prosecuted• Crimes involving computers have become much more
sophisticated• Most computers on the planet are connected via the
Internet• A new breed of detective—the cybercrime investigator
Hess 17-2
![Page 3: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/3.jpg)
SOURCES• IC3 2010 Internet Crime Report• 2010 CyberSecurity Watch Survey• 2010/2011 CSI Computer Crime and Security Survey• Created a fundamental change in law enforcement
agencies
Hess 17-3
The Scope and Cost of the Problem
![Page 4: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/4.jpg)
COMMON TERMS• Cybercrime• Cybertechnology • Cyberspace • E-crime
Hess 17-4
Terminology and Definitions
![Page 5: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/5.jpg)
THE NET VERSUS THE WEB• Net is a network of networks• Web is an abstract space of
information
LIVE CHAT ANDINSTANT MESSAGING• Two or more people• Talk online in real time
Hess 17-5
Terminology and Definitions
![Page 6: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/6.jpg)
OVERVIEW• Computer as target• Computer as tool• Computer as incidental to an offense• Be aware of the ever-expanding ways
Hess 17-6
Classification and Types of Computer Crimes
![Page 7: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/7.jpg)
COMPUTER AS TARGET• Viruses and worms• Invariably involves hacking
COMPUTER AS TOOL• Traditional methods elevated• Many offenses overlap
Hess 17-7
Classification and Types of Computer Crimes
![Page 8: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/8.jpg)
OVERVIEW• Reluctance or failure to report crime• Lack of training • Need for specialists • Fragility of the evidence • Jurisdictional issues
Hess 17-8
Special Challenges in Investigation
![Page 9: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/9.jpg)
NONREPORTING OF COMPUTER CRIMES• Did not think law enforcement could help• Too insignificant to report
LACK OF INVESTIGATOR TRAINING• Cybercriminals are more technologically sophisticated• Law enforcement needs additional training
Hess 17-9
Special Challenges in Investigation
![Page 10: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/10.jpg)
NEED FOR SPECIALISTS AND TEAMWORK• Cybercrime unit
FRAGILITY AND SENSITIVITY OF EVIDENCE• Computer evidence is very fragile• Can be altered or damaged easily• Could be rendered unusable
Hess 17-10
Special Challenges in Investigation
![Page 11: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/11.jpg)
JURISDICTIONAL ISSUES• Traditional boundaries are complicated• Double criminality• Need for unified global approach• Federal versus state• Growing pains for this area of law
Hess 17-11
Special Challenges in Investigation
![Page 12: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/12.jpg)
COMMON PROTOCOL• Secure, evaluate and document crime scene• Obtain a search warrant• Recognize, identify, collect and preserve the evidence• Package, transport and store evidence• Submit digital evidence • Document in an incident report
Hess 17-12
The Preliminary Investigation
![Page 13: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/13.jpg)
SECURING AND EVALUATING THE SCENE• Basic ON/OFF tenet• Follow departmental policy • Ensure that no unauthorized person has access • Ensure condition of electronic device is not altered• Properly document
Hess 17-13
The Preliminary Investigation
![Page 14: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/14.jpg)
OBTAINING A SEARCH WARRANT• Searches may be conducted by consent• Suspect unknown, warrant must be obtained• Have both a consent search form and a search warrant• Avoid destruction of evidence
Hess 17-14
The Preliminary Investigation
![Page 15: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/15.jpg)
RECOGNIZING EVIDENCE• Conventional
Fingerprints Documents Hard drive
• Digital Electronic files E-mails
Hess 17-15
The Preliminary Investigation
![Page 16: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/16.jpg)
DOCUMENTING DIGITAL EVIDENCE• Thorough notes, sketches and photographs• Document condition and location of computer system• Photograph the entire scene • Photograph the front and back of the computer
Hess 17-16
The Preliminary Investigation
![Page 17: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/17.jpg)
COLLECTING PHYSICAL AND DIGITAL EVIDENCE• Evidence often contained on disks• Devices may have fingerprints• Avoid contact with recording surfaces• Evidence log• Chain of custody issues
Hess 17-17
The Preliminary Investigation
![Page 18: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/18.jpg)
PACKAGING, TRANSPORTING AND STORINGDIGITAL EVIDENCE• Keep away from magnetic fields• Store away from humidity extremes• Do not use plastic bags• Be aware of battery needs
Hess 17-18
The Preliminary Investigation
![Page 19: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/19.jpg)
DATA ANALYSIS AND RECOVERY• Deleted files remain on hard drive• Forensic expert can make viewable• Recycle bin• Data remanence
Hess 17-19
Forensic Examination of Computer Evidence
![Page 20: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/20.jpg)
WARRANT EXCEPTIONS• Contraband, fruits or instrumentalities of the crime• Prevent death or serious bodily injury• Has committed or is committing a criminal offense to
which the materials relate
Hess 17-20
Legal Considerations in Collecting and Analyzing Computer Evidence
![Page 21: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/21.jpg)
DEVELOPING SUSPECTS• Most cybercrimes committed by outsiders• Three categories
Crackers Vandals Criminals
Hess 17-21
Follow-Up Investigation
![Page 22: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/22.jpg)
ORGANIZED CYBERCRIME GROUPS• Generally not loyal to one another• Operate in countries with weak hacking laws
UNDERCOVER INVESTIGATION AND SURVEILLANCE• Headed by computer expert• Online undercover officer
Hess 17-22
Follow-Up Investigation
![Page 23: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/23.jpg)
VULNERABILITY• Access via phone lines• Critical nature of law enforcement data • Agency’s network should be a top priority• Evidence logs • Other valuable data
Hess 17-23
Security of the Police Department’s Computers
![Page 24: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/24.jpg)
GOVERNMENT MEASURES• USA PATRIOT Act• Foreign Intelligence Surveillance Act (FISA)• National Security Letter (NSL)• Child Protection and Sexual Predator Punishment Act• All states have enacted tough computer crime control
laws
Hess 17-24
Legislation
![Page 25: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/25.jpg)
CYBER SPECIALISTS• Often requires a team
approach• Equipment owner• Database technicians• Auditors• Computer experts • Programmers
Hess 17-25
The Investigative Team
![Page 26: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/26.jpg)
SOURCES• National Cybercrime Training Partnership (NCTP)• Electronic Crimes Task Forces (ECTFs)• Perverted Justice• NetSmartz
Hess 17-26
Resources Available
![Page 27: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/27.jpg)
STRATEGIES• Educating top management • Educating employees • Instituting internal security precautions• Management
Commitment to defend against computer crime Organization-wide policies
Hess 17-27
Preventing Computer Crime
![Page 28: Chapter 17 - Computer Crime](https://reader038.fdocuments.net/reader038/viewer/2022102811/587951821a28abb1418b5fdb/html5/thumbnails/28.jpg)
Summary• Computer crimes are relatively easy to commit and
difficult to detect• Basic tenet for first responders at computer crime
scenes is to observe the ON/OFF rule• Most cybercrimes against businesses are committed by
outsiders• Investigating such crimes often requires a team
approach
Hess 17-28