
Wednesday, March 6, 2019

The Security Investigation

Part I. The availability of the personal computer or PC at every home and every office desktop, and the dawn of the Internet, brought into focus not only the benefits derived from these technologies but abuse and, to a greater extent, crimes as well. Suddenly, cybercrime is at an all-time high, and ways and means of detecting these criminal hackers and making them pay became a forefront competence in information technology and law enforcement. One of the best deterrents to computer crime is to catch those who commit the dastardly acts (Solomon & Prosise, 2001).

Of all the types of criminal hackers, the worst is the insider, a current employee or a former disgruntled employee, since they are or were in a trust relationship with their employer, and they betrayed that trust by attacking the information systems of the company. When this type of crime, or cybercrime, occurs, the recourse is to call in computer forensics and incident response professionals to remedy the situation. Solomon et al. (2005) describe computer forensics as "Computer investigation and analysis techniques that involve the identification, preservation, extraction, documentation, and interpretation of computer data to determine potential legal evidence." Once there is a probable determination that a cybercrime was committed, the computer forensics and incident response experts follow a well-choreographed methodology to successfully document evidence and prosecute a cybercrime.
Robbins (2002) lists the basic but critical procedures of computer forensics:

1. Protect the subject computer system during the forensic examination from any possible alteration, damage, data corruption, or virus introduction.
2. Discover all files on the subject system, including existing normal files, deleted yet remaining files, hidden files, password-protected files, and encrypted files.
3. Recover as much as possible of all discovered deleted files.
4. Reveal, to the extent possible, the contents of hidden files as well as temporary or swap files used by both the application programs and the operating system.
5. Access, if possible and if legally appropriate, the contents of protected or encrypted files.
6. Analyze all possibly relevant data found in special and typically inaccessible areas of a disk, including but not limited to the unallocated space on a disk, as well as slack space in a file.
7. Print an overall analysis of the subject computer system, including a listing of all possibly relevant files and discovered file data, then provide an opinion of the system layout, the file structures discovered, any discovered data and authorship information, any attempts to hide, delete, protect, or encrypt information, and anything else that has been discovered and appears to be relevant to the overall computer system examination.
8. Provide expert consultation and/or testimony, as required.

While the experts are doing the investigation, it is important to liaise and coordinate, depending upon the legal parameters of the crime, with local or federal cybercrime units. In some states in the U.S., it is a federal crime not to report computer crimes, and soon reporting of cybercrimes will be federally mandated. But the key point in cybercrime investigation is ensuring that the evidence gathered will stand up to legal scrutiny.

Part II. A common story heard about cybercrimes is the use of social engineering techniques.
Social engineering essentially is playing the con man to elicit information from gullible or unknowing victims. A Help Desk employee, for example, can call a secretary and ask for her password since he needs it to diagnose her PC remotely. Since there is a trust relationship already, the secretary gives her PC password. The Help Desk employee then accesses the secretary's PC and downloads confidential memos and reports. He then sells these documents to competitors, and the competitors end up gaining an advantage over the Help Desk employee's company because they already have insider information.

A case like this could have been prevented if the company, or even any government agency, had good security policies in place. Part of the security policies would have been user education training, and if the users had been properly trained, they would have known that nobody needs to know their passwords but themselves. In securing the information systems, the baseline or starting point is having good security policies in place, and these policies should and must be based on globally accepted standards and industry best practices. The ISO 17799 or Code of Practice for Information Security Management (ISO/IEC, 2005) is always one of the best standards to adopt, whether for small, medium or large enterprises, or even government agencies for that matter.

Shaurette (2002) stated that "Information security is not just about technological controls. Security cannot be achieved solely through the application of software or hardware. Any attempt to implement technology controls without considering the cultural and social attitudes of the corporation is a formula for disaster." Once this has been taken into account, mitigation of risks to the information systems will be achieved, and prevention of cybercrimes, whether from malicious insiders or external criminal hackers, will be tempered.
