Techniques


These computer crimes include gaining and manipulating information that is available to us (Solomon p.4). There is a very specific branch of law enforcement that deals with these new computer crimes: computer forensics. Its practitioners are people who use computers to hunt, investigate and present evidence of computer crimes. Most internet crimes can be classified as black hat hacking, internet scams and corporate fraud, and the main security concerns are viruses, worms and Trojan horses. It is important to know the functions and behaviors of each to protect your computer and data from these threats.

First, black hat hacking is the unethical use of computer knowledge and skills to manipulate and gain access to data in order to commit crimes or for personal gain. The classification "black hat" is a way to pigeonhole the hacker as a bad guy. For clarification, think back to the old western movies, where the "good guys" wore a white hat and the villain wore a "black hat". This type of hacker is not motivated to improve or build, but to destroy and plunder. I think of them as the pirates of the internet. Black hat hackers may employ a variety of scams, viruses, worms and Trojan horses to achieve their desired ends. They are also known for internet scams.

Second, internet scams can be defined as the social engineering of a story via email, chat sites or other messaging services. There are many types of social engineering techniques; most center around convincing the mark (target) that the hacker is authorized to receive some information, or talking the mark into giving up sensitive information. This sensitive information can be used to steal money, to commit computer crimes using your computer, and to infect computers with viruses.

Next, corporate fraud is the manipulation and/or destruction of papers that may incriminate the company's management or owners. Everyone is familiar with Enron, the world's largest business failure.
Enron was the world's largest communication and energy trading company, and it filed for bankruptcy. As a result, millions of dollars were lost and all of Enron's employees lost their jobs. Law enforcers found that most of the evidence consisted of numerous communications on Enron executives' computers and in their e-mails.

Faced with this new kind of computer crime, a new category of crime investigation emerged, called computer forensics. Computer forensics is defined by Wikipedia.com as "a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information." I think of it as the practice of finding and preserving data that is pertinent to the criminal case from multiple sources, including lost, deleted and corrupted files. Computer forensics is an imperative resource for collecting evidence to present in court for computer crimes. It must follow a thorough and systematic search procedure to ensure the protection and authenticity of evidence. The computer forensics investigator's job is to search for, preserve, collect and present the data in court. Computer forensics is the profession that encompasses computer science and elements of law, and that collects and analyzes data from computers, storage devices and networks that is important to a case (Marcella p.5). Investigators can be hired for many reasons, including criminal prosecutions, law enforcement officials, insurance company verification, and corporate wrongdoing (Bauchner p.11-12).

In the instance of criminal evidence gathering for cyber crimes, computer forensics investigators follow a set of procedures. First, law enforcement must obtain a special warrant for seizing a computer.
Once the warrant is presented to the accused, the investigators will take pictures of the room and the layout of the electronics. Next, the officers secure the electronics and any storage devices that are believed to hold data important to the case (Strickland). The storage devices are sent to the lab to be analyzed. Once the evidence is delivered to the computer lab, the forensic investigator will create a full backup image and a second copy. This protects the evidence and allows the investigator to manipulate the disk to find files without compromising the original data. Things to look for are electronic tampering, viruses and worms.

There are numerous tools at their disposal. The most current ones are ProDiscover, AccessData FTK and Mandiant First Response, just to list a few. The EnCase suite and Mandiant First Response are the most common and easy to use (Marcella p.113). Through the introduction of powerful software and the experience of the investigator, the data can be quickly and accurately analyzed, sorted and collected.

Most computer forensic labs have a standard operating procedure checklist in place. The purpose of the standards is to ensure the quality and documentation of the computer forensic technician's work on the evidence or computer. Every crime lab should have this standard documentation or these best practices in place to ensure quality. Yet, even with standard operating procedures, there are some challenges that may arise when the technician carries out the investigation.
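
The imaging step described above (a full backup image plus a second copy to work on), as an added example that is not part of the original essay or of any tool it names: Python code that makes a master image and a working copy and verifies both against the source with SHA-256. The use of hash verification, the file names and the small file standing in for a seized device are assumptions of this example.

```python
import hashlib
import os
import shutil
import tempfile

CHUNK = 1024 * 1024  # read in 1 MiB blocks so large images never sit in memory

def sha256_file(path):
    """Return the SHA-256 hex digest of a file, read block by block."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()

def acquire(source, case_dir):
    """Copy `source` to a master image and a working copy, verifying both."""
    source_hash = sha256_file(source)
    master = os.path.join(case_dir, "master.img")    # hypothetical file name
    working = os.path.join(case_dir, "working.img")  # hypothetical file name
    shutil.copyfile(source, master)
    shutil.copyfile(master, working)
    for copy in (master, working):
        if sha256_file(copy) != source_hash:
            raise ValueError(f"{copy} does not match the source")
    os.chmod(master, 0o444)  # master stays read-only; analysis uses `working`
    return {"sha256": source_hash, "master": master, "working": working}

def still_intact(path, recorded_hash):
    """True if the file still hashes to the value recorded at acquisition."""
    return sha256_file(path) == recorded_hash

def demo():
    """Constructed sample: a small file stands in for the seized device."""
    with tempfile.TemporaryDirectory() as case_dir:
        source = os.path.join(case_dir, "seized_device.bin")
        with open(source, "wb") as f:
            f.write(b"constructed sample sector data\n" * 4096)
        record = acquire(source, case_dir)
        before = still_intact(record["working"], record["sha256"])
        with open(record["working"], "r+b") as f:  # analysis alters the copy
            f.write(b"X")
        after = still_intact(record["working"], record["sha256"])
        master_ok = still_intact(record["master"], record["sha256"])
        return before, after, master_ok

if __name__ == "__main__":
    print(demo())
```

The working copy stops matching the recorded hash as soon as one byte changes, while the master image still verifies, which is why analysis is done on the copy.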
