25-08-2017, 09:32 PM
Cyber crime detection, investigation and prosecution
ABSTRACT
Cyber crime is easy to commit anywhere anytime but difficult to investigate and bring the cyber criminal to justice. Law enforcement
agencies and the judiciary need to come to grips with the problem that involves global cooperation and coordination. Despite these
handicaps, there is enormous scope to investigate cyber crime using cyber forensics to gather and present admissible evidence in courts to
prosecute cyber criminals.
INTRODUCTION
There are estimated to be about 80,000 web sites on the Internet that preach cyber crime and provide information/tools on
how to carry out cyber crimes – free of cost. Cyber crime is rewarding. Evidence from the U.S. reveals that an average bank
robbery with a gun could net $1,900. But with a computer, it could net as much as $250,000! Likewise, prosecutions of
criminals who used a gun to commit crime can touch 82%, while success in prosecuting cyber criminals is just 2%. It is said
that 95% of cyber crimes are either not reported due to various reasons or not noticed.
The cyber world is a world without boundaries. The Internet allows criminals virtually free and anonymous ways to commit a
variety of crimes – cheat, steal, harass, blackmail and terrorize individuals, organizations and governments by gaining access
to sensitive commercial and government information, destroy databases and gain control of key installations and national
security apparatus.
Cyber crime is not just committed by adventure seeking youth but increasingly by spies, hardened criminals, organized crime
syndicates, drug cartels and terrorists. These categories would fit into the traditional criminal category with clearly defined
motives. But then cyber crime is committed even by so-called good/loyal workers, highly educated/motivated/intelligent
people having no previous criminal record.
Methodology of preserving cyber crime scene
To capture the scene of crime, rush to the computer. See what is on the monitor. Secure the place. Do not let anyone touch the
systems that were in operation. Take a photograph, or at least record the site to which the computer is hooked. Save information
whenever prompted. Then, shut down the computer. If the computer is shut down normally, it is possible to recover some
information that is on the RAM.
In case of doubt, pull out the electricity cord. It freezes the computer and its memory. Label each cord and its socket,
document the hardware configuration of the system and then take photographs.
Security planning and implementation
Security policy planning must focus on, among others, perimeter security, network security and applications security. Besides
this, aspects like policy-based management, strong authentication, consistent authorization, single sign on and secure
communications are additional concerns. Other actions in this area would include: security audit, vulnerability check (identify
attacks and find vulnerabilities to plug holes) and server hardening.
The implementation plan would include: anti virus package/s, firewalls, IDS, PKI and other certificate services, content
protection (encryption tools), etc. Better administrative control is ensured by tightening system parameters and closing down
non-essential services/ports and must be based on password policy, user rights, lockout policy, audit policy, event log settings,
etc. System services must be based on restricted groups.
Conclusion
Today, cyber forensics can connect crime to the computer. But fighting cyber crimes in our country is not easy. First, the
magnitude of the problem is yet to be fully appreciated by the public, law enforcement agencies and the judiciary. Second, the
legal framework is in a nascent stage. Third, victims do not readily come forward to report crime to law enforcement agencies.
Finally, even if they do so, law enforcement agencies are still not fully equipped to investigate cyber crime, handle, process,
preserve and present evidence in courts to obtain convictions.
Therefore, highly coordinated teamwork between various law enforcement agencies is absolutely essential to curb cyber
crime. Since sophisticated technologies, tools, techniques and skills are employed in committing cyber crime, law
enforcement officials must acquire basic skills to identify and investigate cyber crime.
Well-equipped cyber forensic infrastructure must support law enforcement agencies. Since critical skills are not always
available with law enforcement agencies, assistance needs to be taken from experts. Judges and government prosecutors must
have a complete grasp of cyber laws, determine whether evidence gathered by investigating agencies is admissible/foolproof
and defend cyber evidence to obtain convictions.