230 likes | 511 Vues
Forensic Science Questioned Document Unit. Cybercrime. Due Today:. Document analysis lab- paper /pencil Indented writing worksheet. Getting started, Wednesday 10-16. Freebie: write whatever you want about the movie “Catch Me if you can”. Computer forensics- what is it?.
E N D
Forensic Science Questioned Document Unit Cybercrime
Due Today: • Document analysis lab- paper /pencil • Indented writing worksheet
Getting started, Wednesday 10-16 • Freebie: write whatever you want about the movie “Catch Me if you can”
Computer forensics- what is it? • Identification, preservation, extraction, documentation and analysis of electronic data • Internet forensics- additional emphasis placed on the Internet • Requires extensive knowledge of computer hardware & software • Must be familiar with legislation governing local, state, regional, state, national & international laws
How can identify theft occur? • Throwing away unwanted documents such as bank & credit card statements- criminal can gain access to personal information, which they can use to apply for credit cards in that person’s name • Phishing- defrauding victim by sending fraudulent email that looks real & asks recipient to update his/her personal information • Spyware- gives access to all computer activity including passwords, account numbers, user ID’s ; then sends it to the criminal’s computer
What are the three categories of cyber crime? • Computer integrity crimes • Computer assisted crimes • Computer content crimes
Describe computer integrity crimes • Involve illegal access to data on a computer or network system • Hacking- intentionally entering an unauthorized network • Cyber-terrorism- hacking into company’s internal networking system for purpose of demonstrating or protesting a political agenda
Hackers rely on 3 specific methods: • Social engineering: establishing trust with key people and then determine passwords • Malware: software designed to provide unauthorized access to a computer system. Trojan horse- software designed to harm computer or information stored in computer. Worm- self-replicating malware that sends copies of itself to all computers in a network • Spyware: type of malware; collects information without user’s knowledge. Content spyware allows hacker to access all activity on an individual’s computer
Describe computer-assisted crimes • Occurs on a global scale • Virtual bank robbery-criminal opens bank and/or credit card accounts under false identities. Once credit rating established, secure a loan and never pay it back • Virtual sting- exploitation of online financial systems for access to goods and/or services; ex: online gambling • Virtual scam- trick victims into giving money to criminal; many involve “get rich quick” schemes
Describe computer content crimes • Involve posting illegal content such as child pornography, hateful or aggressive speech or text related to race and/or extreme politics, violent content, sexually explicit materials, information about using/making drugs and weapons including bombs,
Investigating and prosecuting cyber crime • Investigators must establish a chain of custody for each piece of evidence collected • First step in preserving evidence is deciding how to turn off a system that is running or how to turn on a suspect’s computer • Permission or a warrant to install software to check computer is needed • Before analyzing an exact image of the drive must be obtained
Compare 4 types of evidence to be presented • Real evidence- actual tangible evidence that can be brought into court • Documentary evidence- any type of written evidence such as reports or saved data • Testimonial evidence- written or spoken evidence from witness • Demonstrative evidence- represents facs or objects; ex: X-rays, graphs, charts
What 4 steps ensure factual based testimony? • Expert must tell jury what he/she did • Expert must tell jury why he/she did it • Expert must tell jury how he/she did it • Expert must tell the jury what the findings were