Computer crime investigation and computer forensics are in the budding stage and they ar influenced by multi-faceted external factors like ongoing technological innovations, societal problems, and complex legal issues. Computer security officers and police should keep itself abreast of legal and technological issues that are vital to the results of the investigation.
Episodes of computer-related crime and telecommunications scam have seen a dramatic surge over the past decade. Nevertheless, due to the abstruse nature of this crime,there have been very few prosecutions and even fewer convictions. The new technology has paved the way for the advancement and automation of many business processes and has also given rise to computer abuse.
Cyber crimes usually arise out of unauthorized access, exceeding authorized access, intellectual property theft or misuse of information, pornography, theft of services, forgery, property theft (e.g., computer hardware and chips), invasion of privacy, denial of services, computer fraud. viruses.· Sabotage (i.e., data alteration or malicious destruction), extortion, embezzlement, espionage and terrorism.
Though some of these system attacks simply employ present-day methods to commit older, more recognizable types of crime, others encompass the use of completely new forms of criminal activity that has evolved along with the technology.
Many gray areas should be located and tested through the courts. Until then, the system attackers will have an edge over police and investigators, and computer abuse will grow further.
Computer security practitioners need to be cautious of the numerous technological and legal issues that affect systems and users, including issues dealing with investigations and enforcement.
Amid the investigation process of electronic crimes or the seizure of computers and electronic items, the security officer should remain wary of unexpected changes to a subject's involvement in a case may occur resulting in unexpected individual and environmental threats to an officer's safety.
The proper implementation of proper procedures and tactics will ensure the personal safety of an individual as well as of others present at the electronic crime scene. In order to ensure the proper evidence preservation, the police officer or investigator should follow certain procedures so that improper evidence collection. One good of example of improper evidence collection is the unnecessary use of computer or an attempt to search for evidence. The computer is turned on when it was found as turned off because it affects the forensic evidence collection.(Mary, 2006)
In the first place, the front and back of the computer should be photographed as well as and where found. Photograph surrounding area prior to moving any evidence.
If computer is “on” and the screen is blank, the mouse device should be moved or space bar pressed and after the image appears on the screen, it should also be photographed. Power cord from back of tower should be unplugged. If the laptop does not shutdown when the power cord is removed, locate and remove the battery pack should be located and removed. The battery is commonly placed on the bottom, and there is usually a button or switch that allows for the removal of the battery. Once the battery is removed, do not return it to or store it in the laptop. Removing the battery will prevent accidental start-up of the laptop.
The label cords should be diagramed to later identify connected devices and all cords and devices should be disconnected from the tower.
All the components should be packaged and transported as fragile cargo along with the seizure of additional storage media.
All media, including tower, away from magnets, radio transmitters and other potentially damaging elements should be kept safe. Collect instruction manuals, documentation and notes and all necessary steps should be duly documented.
Mary Jude Darrow, Mattpope and Tom Avery(2006) “Technology Crimes and Forensic ....Criminal Investigation series” Cengage Learning