Thursday, January 17, 2019

The Security Investigation

Part I. The availability of the personal computer or PC at every home and every office desktop, and the dawn of the Internet, brought into focus not only the benefits derived from these technologies but also abuse and, to a greater extent, crimes as well. Suddenly, cybercrime is at an all-time high, and ways and means of detecting these malicious hackers and making them pay became a forefront competence in information technology and law enforcement. One of the best deterrents to computer crime is to catch those who commit the dastardly acts (Solomon & Prosise, 2001).

Of all the types of criminal hackers, the worst is the insider, a current employee or a former dissatisfied employee, since they are or were in a trust relationship with their employer, and they demeaned that trust by attacking the information systems of the company. When this type of crime, or cybercrime, occurs, the recourse is to call in computer forensics and incident response professionals to remedy the situation. Solomon et al. (2005) describes computer forensics as "computer investigation and analysis techniques that involve the identification, preservation, extraction, documentation, and interpretation of computer data to determine potential legal evidence." Once there is a probable determination that a cybercrime was committed, the computer forensics and incident response experts follow a well-choreographed methodology to successfully document evidence and prosecute a cybercrime.
Robbins (2002) lists the basic but critical procedures of computer forensics:

1. Protect the subject computer system during the forensic examination from any possible alteration, damage, data corruption, or virus introduction.
2. Discover all files on the subject system, including existing normal files, deleted yet remaining files, hidden files, password-protected files, and encrypted files.
3. Recover as much as possible of all discovered deleted files.
4. Reveal to the extent possible the contents of hidden files as well as temporary or swap files used by both the application programs and the operating system.
5. Access, if possible and if legally appropriate, the contents of protected or encrypted files.
6. Analyze all possibly relevant data found in special and typically inaccessible areas of a disk, including but not limited to the unallocated space on a disk, as well as slack space in a file.
7. Print an overall analysis of the subject computer system, including a listing of all possibly relevant files and discovered file data, then provide an opinion of the system layout, the file structures discovered, any discovered data and authorship information, any attempts to hide, delete, protect, or encrypt information, and anything else that has been discovered and appears to be relevant to the overall computer system examination.
8. Provide expert consultation and/or testimony, as required.

While the experts are doing the investigation, it is important to liaise and coordinate, depending upon the legal parameters of the crime, with local or national cybercrime units. In some states in the U.S., it is a federal crime not to report computer crimes, and soon the reporting of cybercrimes will be federally mandated. But the key point in cybercrime investigation is ensuring that the evidence gathered will stand up to legal scrutiny.

Part II. A common story heard about cybercrimes is the use of social engineering techniques.
Social engineering is basically playing the con man to obtain information from gullible or unknowing victims. A Help Desk employee, for example, can call a secretary and ask for her password since he needs it to diagnose her PC remotely. Since there is a trust relationship already, the secretary gives her PC password. The Help Desk employee then accesses the secretary's PC and downloads confidential memos and reports. He then sells these documents to competitors, and the competitors end up gaining an advantage over the Help Desk employee's company because they already have insider information.

A case like this could have been prevented if the company, or even any government agency, had good security policies in place. Part of the security policies would have been user education training, and if the users had been properly trained, they would have known that nobody needs to know their passwords but themselves. In securing the information systems, the baseline or starting point is having good security policies in place, and these policies should and must be based on globally accepted standards and industry best practices. The ISO 17799 or Code of Practice for Information Security Management (ISO/IEC, 2005) is always one of the best standards to adopt, whether for small, medium or large enterprises, or even government agencies for that matter.

Shaurette (2002) stated that, "Information security is not just about technological controls. Security cannot be achieved solely through the application of software or hardware. Any attempt to implement technology controls without considering the cultural and social attitudes of the corporation is a formula for disaster." Once this has been taken into account, mitigation of risks to the information systems will be achieved, and prevention of cybercrimes, whether from malicious insiders or external criminal hackers, will be tempered.
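
Returning to Robbins's procedure in Part I, the following added example (not part of the original essay) illustrates steps 1 and 6 on a constructed four-cluster disk image: analysis runs only if the working copy still matches the hash recorded at acquisition, and printable residue is then pulled from file slack and unallocated clusters. The 512-byte cluster size, the file table layout and all function names are assumptions made for illustration.

```python
import hashlib
import re

CLUSTER = 512  # assumed cluster size of the constructed image

def build_image():
    """Constructed 4-cluster image and file table (sample data, not real evidence)."""
    img = bytearray(CLUSTER * 4)
    img[0:700] = b"A" * 700                   # live file: 700 bytes in clusters 0-1
    img[900:917] = b"old-draft-residue"       # stale bytes left in the file's slack
    img[1024:1043] = b"deleted memo: draft"   # remnant in unallocated cluster 2
    return bytes(img), {"report.txt": {"start": 0, "size": 700}}

def clusters_of(entry):
    count = -(-entry["size"] // CLUSTER)      # ceiling division
    return range(entry["start"], entry["start"] + count)

def file_slack(image, entry):
    """Bytes between the file's logical end and the end of its last cluster."""
    logical_end = entry["start"] * CLUSTER + entry["size"]
    return image[logical_end:clusters_of(entry).stop * CLUSTER]

def unallocated(image, table):
    """Map each cluster not owned by any file to its raw contents."""
    used = {c for e in table.values() for c in clusters_of(e)}
    return {c: image[c * CLUSTER:(c + 1) * CLUSTER]
            for c in range(len(image) // CLUSTER) if c not in used}

def strings(data, minlen=4):
    """Printable ASCII runs, like the Unix strings tool."""
    return [m.decode() for m in re.findall(rb"[\x20-\x7e]{%d,}" % minlen, data)]

def examine(image, table, acquisition_sha256):
    """Analyze a working copy only if it still matches the acquisition hash."""
    if hashlib.sha256(image).hexdigest() != acquisition_sha256:
        return {"integrity_ok": False}
    report = {"integrity_ok": True, "slack": {}, "unallocated": {}}
    for name, entry in table.items():
        report["slack"][name] = strings(file_slack(image, entry))
    for cluster, data in unallocated(image, table).items():
        if strings(data):
            report["unallocated"][cluster] = strings(data)
    return report

if __name__ == "__main__":
    image, table = build_image()
    recorded = hashlib.sha256(image).hexdigest()  # taken at acquisition time
    print(examine(image, table, recorded))
```

A working copy that differs from the acquisition hash by even one byte is rejected before any analysis, which is what lets the resulting report stand up to the legal scrutiny the essay stresses.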