Aug 10
2010

Computer Forensics and Legal Aspects

The rate of crimes on internet and networks is increased to an alarming state by hackers, contractors, intruders and employees. Laws are enforced and computer forensics is practiced to avoid and prevent these crimes. Using computer forensics investigators use latest techniques of science and technology to find some evidence against crimes. The evidence will be collected for legal purposes when criminal matters are dealt. Investigation by using latest techniques of science and technology along with computer sciences to collect evidence in criminal and civil courts is called computer forensics. Experts use advanced tools to recover deleted, corrupted or damaged files from hard discs, flash drives and other storage media. A complete examination of windows registry, drives, cookies, deleted files, emails and all other relevant locations is done to find any clue to prosecute the case in law courts.

The first step in collecting evidence is to obtain warrant to search the suspected system. This warrant includes not only seizing and investigating the suspected computer but any devices connected with the crime are also included in it. A printer, scanner or any other device may be used with computer in making crime so these devices are also seized for investigation. Person who examines the computer system is not only an IT expert but a detective. He detects clues to find out the story or details of the crime. The main aim of an investigator or expert is to find out evidence not the culprit. Using computer forensics large amounts of money are recovered by following the law suits in civil and criminal courts.

Computer forensics specialist revealed frauds, crimes and corruptions in insurance companies, criminal prosecutors, large corporations and law enforcement office. The standards, methods and laws of computer forensics are different in different countries. Some evidence is acceptable in some countries but not in others while dealing with crimes at international levels. There is no boundary of internet so it is a problem while investigating and collecting evidences because different countries have different laws.

Personnel, Network administrators and security staff should have knowledge about computer forensics and its legal aspects. An expert should have authority to monitor and collect evidence related to intrusions and computer crimes. The use of security tools should be legal and according to the policies of the company and rules of the country. Computer forensics is a new discipline so the use of existing laws is instable while prosecuting computer crimes. Website of United States Department of Justice’s Cyber Crime is the reliable source of information and rules to apply it. Standards of computer forensics and list of recent cases which are in proceeding are given on the website. Evidences are collected in a way which is accepted by the court. Laws are being approved in the favor of personal data security in organizations.

Organizations have to prove that they have applied necessary securities. So when data is theft or affected then there will not be any lawsuit on the company if proper security applications and policies are installed and implemented.

Computer security law has three areas which one should know. First is in United States Constitution; it protects against unreasonable search, attacks and self-incrimination. These were written before problems occurred but tell how to practice them.

In the second area anyone practicing computer forensics should know the effect of three U.S. Statutory laws.

Wiretap Act

Pen Registers and Trap and Trace Devices Statute

Stored Wired and Electronic Communication Act

During the practice of computer forensics violations of any one of the above statutes lead to fine or imprisonment. If a company feels any doubt about that it has committed mistake it should consult with its attorney.

In third area U.S. Federal rules about computer crimes must be understood. There are two areas which affect cyber crimes

1. Authority to collect and monitor data

2. Admissibility of collection methods

If network or system administrators know about the legal and technical complexities of computer forensics or they are able to preserve critical data of the organization then it would be an asset of the organization.

Radha Kishan is currently advertising for a Computer Forensics provider whose website is http://www.cyberevidence.com/

More Computer Forensics Articles

Tags: , , ,

Trackback Trackback  •  Posted in Computer Forensics  

0 comments   Comments

 

Jul 29
2010

Understanding Computer Forensics Reports – A Loud Whisper!

I can hear it now! You are letting the cat out of the bag. By explaining computer forensic reports, you are aiding and helping computer criminals to cover their tracks.

But, there is always another side to an argument. By releasing this information, it can help people help computer forensic experts catch the criminals. Besides, people who commit computer crimes are very good at what they do. I am not releasing anything here they may not already know.

With that out of the way, let’s dive in.

What makes up computer forensics reports? Where does the information come from? Who puts them together?

Let’s start with the Who.

Computer forensics reports are prepared by computer forensics investigators. They gather the necessary information, analyze them and then draft out the final computer forensics reports. As good as they are, computer criminals oftentimes leave behind clues which aid the investigators to track down the root cause of their crime.

Even when the files have been deleted from the specific location in the computer, the original data is not at all erased from the entire computer system. With certain techniques, tools, and skills that the investigators are equipped with, the analysis of the fraudulent act or crime can be made with such accuracy.

Where does the computer forensic report information come from?

There are four main areas where the investigators gather their evidence from. There are other areas which are looked into but the following are the most commonly looked areas.

1. The Saved Files:

These are easy. If you saved it, it’s in the computer. All the investigator needs to do is open them up to examine them. They don’t need anything special to view or examine them.

2. The Deleted Files:

When data is deleted, it is put in the trash bin. The computer forensic expert will look in the bin to see what is in it.

The tougher part is the deleted files that have also been deleted from the trash bin. These will require special software in order to restore them.

3. The Temporary Files:

These data are produced when one browses through the Internet, works on any document, and uses some other types of backup software and other installations and applications.

You can open some temporary files on the computer they reside on without any special software or tool. Others will require the use of special tool or software.

4. The Meta Data:

The Meta data gives you the details of a document or file. Among the details which appear include the date that such files had been created, modified, and the last time when it was accessed. You can even get information about the creator of the file.

What makes up computer forensics reports?

Computer forensic reports will be made of information from the above four sources. It will also include information gathered from e-mails, file transfers, web browsing, online accounts, charts, and internet searches. Unknown to some people is that their web searches can be retraced.

There you have it……the secret, but not so secret computer forensic reports. It is by no means comprehensive, but you get the idea.

Note: You are free to reprint or republish this article. The only condition is that the Resource Box should be included and the links are live links.

Copywrite Kenneth Echie. Kenneth writes for Criminal Justice Schools and Degrees . Get free scholarship and grant report and learn about Computer Forensics by visiting. Affiliated website: http://www.extra-income-ideas.com

More Computer Forensics Articles

Tags: , , , , ,

Trackback Trackback  •  Posted in Computer Forensics  

0 comments   Comments

 

Jul 7
2010

An Introduction to Computer Forensics

Computer Forensics is the process of investigating electronic devices or computer media for the purpose of discovering and analyzing available, deleted, or “hidden” information that may serve as useful evidence in supporting both claims and defenses of a legal matter as well as it can helpful when data have been accidentally deleted or lost due to hardware failure.

However, this is a very old technique but now it has been changed a lot because of technological advances, modern tools and software’s which makes Computer Forensics much easier for Computer Forensic Experts to find & restore more evidence/data faster and with more accuracy.

Computer forensics has change the way digital evidence is gathered & used as evidence of a crime & it is done using advanced techniques and technologies. A computer forensic expert uses these techniques to discover evidence from an electronic storage device for a possible crime. The data can be from any kind of electronic device like Pen drives, discs, tapes, handhelds, PDAs, memory stick, Emails, logs, hidden or deleted files etc.

Most of us think that deleting a file or history will remove it completely from the hard disk drive. In realty, it only removes the file from the location but the actual file still remains on your computer. It is easier to track what has been done on your computer but difficult to say by whom though it is possible to alter or delete the data completely from your storage device. It depends on computer forensic expert’s skills how well he can find and restore the data without any loss or change.

Computer forensics got widespread attention during the Enron scandal widely believed to be the biggest computer forensics investigation ever. Nowadays Computer Forensics & Electronic discovery is becoming a standard part of litigation of all types, especially large litigations involving corporate matters in which there are large amounts of data.

Computer forensics can be used to uncover a fraud, unauthorized use of a computer, violation of company policies, inadequate record keeping etc… by tracking e-mails, chat-history, files, tapes, sites people browse or any other form of electronic communications.

Data security is one of the biggest issues that the corporate world is facing now by publishing company’s internet/policies & consequences for violations, signing of compliance documents by employees. Businesses can initiate monitoring their own computer systems to avoid legal consequences in future. Making employees aware that monitoring software and Computer forensics personnel are available could prevent workers from wrong doing.

With the use of computers in everyday life and increasing amount of hi-tech crimes, Computer forensics is a growing niche in the litigation support sector. Unlike many jobs in information technology sector, chances are that computer forensics services will not be outsourced to other country because of the confidentiality of the data business which will not allow it to travel just to save a little cash.

Kevin Cohen is an international computer forensics consultant. He is president of Data Triage Technologies, LLC.(http://www.datatriage.com), a Computer forensics and Electronic discovery firm based in Los Angeles, California .

Tags: , ,

Trackback Trackback  •  Posted in Computer Forensics  

0 comments   Comments

 

 
 
Digital
Entries (RSS) and Comments (RSS). SiteMap