Presentation

Cyber Investigations firm.

Cybercrime - Cybercrime and Computer Forensics

Sunday 11 February 2007

Children and Internet

Is it okay for children to use the internet? How can we keep them safe? Produced by askvampirebear. Brought to you by Safety.TV Library

The video

Crimeware

From Wikipedia, the free encyclopedia

Crimeware is a class of computer program designed specifically to automate financial crime. The term was coined by Peter Cassidy, Secretary General of the Anti-Phishing Working Group, to distinguish it from other kinds of malevolent programs.

FBI on fighting cyber crime

An FBI special agent talks about the organisation's crime-fighting efforts and argues that it requires a digital "Enron" to force legislation and reform that can effectively fight cyber crime.

Sunday 12 November 2006

Sorting Through the Masses

While it is theoretically possible to review all e-mails, the sheer volume subject to review can make this a daunting task; large-scale e-mail reviews cannot look at each and every e-mail because of the impracticality and cost. Forensics experts use review tools to make copies of e-mails and their attachments and to search through them for incriminating evidence using keyword searches. Some programs have advanced to the point that they can recognize general threads in e-mails by looking at word groupings on either side of the search word in question. Thanks to this technology, vast amounts of time can be saved by eliminating groups of e-mails that are not relevant to the case at hand.

E-mail Headers

All email programs generate headers that attach to the messages. The study of these headers is complex. Some investigators favor reading the headers from the bottom up, others from the top down.

E-mail Review

E-mail has become one of the primary mediums of communication in the digital age, and vast amounts of evidence may be contained therein, whether in the body or enclosed in an attachment. Because users may access email in a variety of ways, it's important to look for different kinds of emails.

Duplicate the hard drives

Using a standalone hard-drive duplicator or similar device, completely duplicate the entire hard drive. This should be done at the sector level, making a bit-stream copy of every part of the user-accessible areas of the hard drive which can physically store data, rather than duplicating the filesystem.

Inspect for traps

Inspect the chassis for traps, intrusion detection mechanisms, and self-destruct mechanisms. It takes a lot to destroy a hard drive to the point where no data at all can be recovered off of it—but it doesn't take much to make recovery very, very difficult.

Power down carefully

If the computer is running when seized, it should be powered down in a way that is least damaging to data currently in memory and that which is on the hard disk. The method that should be used is dependent on the operating system that the computer is running.

Secure the machine and the data

Unless completely unavoidable, data should never be analyzed using the same machine it is collected from. Instead, forensically sound copies of all data storage devices, primarily hard drives, must be made.

To ensure that the machine can be analyzed as completely as possible, the following sequence of steps must be followed:

Electronic Evidence Considerations

Electronic evidence can be collected from a variety of sources. Within a company’s network, evidence will be found in any form of technology that can be used to transmit or store data.

Understand the suspects

It is absolutely vital for the forensics team to have a solid understanding of the level of sophistication of the suspect(s).

Computer forensics

Computer forensics is the application of the scientific method to digital media in order to establish factual information for judicial review. This process often involves investigating computer systems to determine whether they are or have been used for illegal or unauthorized activities. Mostly, computer forensics experts investigate data storage devices, either fixed, like hard disks, or removable, like compact disks and solid state devices. Computer forensics experts:

1. Identify sources of documentary or other digital evidence.

2. Preserve the evidence.

3. Analyze the evidence.

4. Present the findings.

Computer forensics is done in a fashion that adheres to the standards of evidence that are admissible in a court of law. Thus, computer forensics must be techno-legal in nature rather than purely technical or purely legal.

Recognized hackers

Due to the overlapping nature of the hacker concept space, many of these individuals could be included in more than one category. See also Hacker (computer security), which has a list of people in that category, including criminal or unethical hackers.

Hacker: Hardware modifier

Another type of hacker is one who creates novel hardware modifications. At the most basic end of this spectrum are those who make frequent changes to the hardware in their computers using standard components, or make semi-cosmetic themed modifications to the appearance of the machine.
