- Revanth Reddy Chintam
A crime committed by using a computer system, phone, or any digital device that is connected to the network is known as cyber crime or digital crime. These electronic devices can be used either to commit the cybercrime or they can act as the victim by taking the attack from all those malicious sources on the Internet. Every crime is investigated, it is similar in the case of cyber-crimes too. Cyber-crime investigators must be professionals in computer science, not only understanding file systems, software, and operating systems but also must know how the networks work. The investigators must be familiar enough to determine how the interactions between two or more networks works, to understand what had happened, why it happened, when did it happen, who is all behind this and how to protect the victim from further attacks.
Cyber crime investigations are conducted by Criminal justice agencies, National Security Agencies, and Private Security Agencies, etc., There are various investigation techniques involved in cyber crime investigation. They are:
- Background check: A background check of known facts will help the investigators to set a starting point and understand the problem they are facing and how much additional information is required to start the investigation.
- Information gathering: Facts and clues are very important for any investigation. The cyber security researcher or investigator must gather information as much as possible about the incident.
Some basic questions that need answering are:
- Is the attack an automated one, or a human-based targeted crime?
- What is the scope and impact of this incident?
- Can this kind of attack or crime be performed by anyone or only specific people with some special skills?
- Who can be possibly suspected of such crimes?
- Is there any open opportunity for the attacker to possibly attack again?
- Where to find evidence for such crimes?
- Can the evidence be accessible?
- What other similar digital or cyber-crimes have been committed?
These are questions are very important and are considered very relevant during the information gathering process. It is known that most of the National and Federal agencies of investigation use surveillance reports and interviews to obtain proof of cyber-crimes. Surveillance reports involve security cams, videos, and photos, and also the digital behavior of what is being used, how it is used, and when it is used through electronic device surveillance.
- Tracking and Identifying Cyber Criminals: To track the cyber criminal behind these attacks, after the information gathering process, relying on the amount of information in hand, both the private ad public security agencies work hand in hand. With the help of ISPs and Networking companies, the agencies get valuable information like the log information of the companies’ connections, websites, historical services and data, and protocols used during the time the cyber criminal was connected to the ISPs, and these networking companies. However, this process takes a lot of time as it requires permission from the prosecutors and an order from the court to access the evidence and required data.
- Digital Forensics: It is also very essential to examine the digital system that got affected or those expected to be linked with the origin of the attack. For this, the researcher needs to analyze network connection raw data, hard drives, cache devices, RAM, system files, and many more. Once the forensic work starts, the researcher will follow up looking for trails of criminal activity in system files, emails, browsing, network and service logs, etc.,
Top Cybercrime Investigation and Forensic Tools:
- SIFT Workstation: Useful to examine digital forensic data on several systems.
- The Sleuth Kit: An open source collection of Unix and Windows based forensic tools that helps researchers analyze disk images and recover files from those devices.
- X-Ways Forensics: This Tool is used to perform disk cloning and imaging, read partitions from raw image files, HDDS, RAID arrays, LVM2, etc.,
- Caine: Caine is a full Linux distribution used for digital forensic analysis.
- Digital Forensics Framework: It allows researchers to access local and remote devices and also to reconstruct VMware virtual disks.
- Oxygen Forensic Detective: One of the best multi-platform forensic applications used by security researchers and forensic professionals to browse all the critical data in a single place.
- Open Computer Forensics Architecture: This software is developed to speed up the investigation process, allows the researcher to access data from a unified and UX-friendly interface.
- Bulk Extractor: It is one of the most popular apps used for extracting critical information from digital evidence data.
- ExifTool: It supports extracting EXIF from images and vídeos i.e., common and specific meta-data such as GPS coordinates, thumbnail images, file type, permissions, file size, camera type, etc.,
- SurfaceBrowser™: It is used for detecting the full online infrastructure of any company, and getting valuable intelligence data from DNS records, domain names and their historical WHOIS records, exposed subdomains, SSL certificates data, etc.,
24 thoughts on “Cyber-crimes Investigation”
An article which is fully informed
Very detailed , well structured and elaborate article this article also technical aspects are also covered . Some sort of data would have been more helpful with this regarding how in reality police force of India deals with issues like cyber crime .
This article is again a very informative piece, which explains briefly and very clearly as to how cyber crimes and how their investigation can be done efficiently and effectively. However, there are certain punctuation errors and certain spelling mistakes, which need to be proofread before the article is published, but otherwise, it is a highly informative article.
The article coverd all the techincal issues faced by a victim and how the victim will be protected against these attacks.
A very informative article indeed.
About the investigation of cyber crime investigation very few would have a thorough knowledge and this article has provided the clear on point information. Specially at the end the mentioning of cybercrime investigator and tools are very informative.
Such a rare but important information which is definitely very essential to see the insides of this large network which can be impactful in many ways. In order to foresee the impacts and crime arising out of it, it’s very important we are aware about this type of information.
Really good article it really help me to understand things easily
The article proves to be very much intellectual and informative, when it ends to the readers. The article brings questions to the answer ,which everyone wants to be answered, that is how cyber crime investigation happens and get initiated??? The article to much extict brings out the point that who is cyber crime investigator, what is digital forensics,etc. The article is trying to end up, by bringing the field of cyber crimes investigation, making the article end on a very key note that is how digital and cyber forensics be acheived and can be achieved in the field of Cyber Security.
This article explores the different ways of cyber investigation in a very nice manner. The basic questions which come into mind during the investigation are answered through this article. It also talks about cyber forensics and about various agencies which plays vital role in the investigation process.
this article is nice but it would more helpful if it was explained with an example.
This article is a very informative. It effectively deals with some basic questions like how cyber crimes are investigated, what is the process of investigating cyber crimes and what tools and techniques are used to solve the crime. it is important for us to know about process of investigating of such crimes, because then only we can aware more and more people about cyber crimes and prevent them from happening.
The article is very informative stating the various steps that are followed in cybercrime investigation and the possible tools used in this process . The process itself is very risky and a lot of precautions are taken while conducting such tasks as even a small wrong hit on the “enter” key might fee the fugitive .
This articles addresses something which is unknown to most of the people out there i.e. can a crime which is committed against us in the cyber world be investigated and can the criminal ever be found?
This article answers this very question and in detail. It must be read and must reach to masses such that they know that they have protection in law against any cyber crime.
It Was Really Good Information For Those Who Want To Digital Forensic..Nice Work Easy To Understand..Thank You For This Article..
This article gives all the information regarding cyber crime investigation. A lot of national and federal agencies use interviews and surveillance reports to obtain proof of cyber crime. Surveillance involves not only security cameras, videos and photos, but also electronic devices surveillance that details what’s being used and when,how it’s being used, and all the digital behavior involved.
Good quality of knowledge
This article is being well structured and highly informative that it elaborate how the cyber crime investigation is being processed. Also the article elucidate the top cyber crime investigation and forensic tools
Are you searching for a complete package of knowledge this article is that on the topic of cybercrime investigation? This article discusses all the things about the topic of cybercrime investigation in a detailed and structured way. The Article addressed some of the most important questions on the topic and also it presents us that what are the tools used in investigation. I would like to suggest that it is lacking in one part it is about what is the scenario of cybercrime in recent times as with the change of situation in the pandemic, how the investigation in present time changes. If this also included then it would be a great piece of informative article.
While the article does mention about role of ISPs in tracking the cyber offender, it can be very easily bypassed by the offender by simply using a Virtual Private Network on a virtual machine and using proxy for enhanced encryption. Browser like tor, which grant access to onion sites are very much anonymous when it comes to user location and this is a threat to the investigation team. Although these browsers are meant strictly for protecting the privacy of the user, the malicious parts of the society tend to use it in their own favour!
Great Article.nicely explained.
The article could have been a way lot better. Nothing about cyber crime investigation techniques was discussed. Nothing about preventive measures were given. Nothing about proper evidence seizure was explained. Even steps to maintain legality of cyber crimes was not mentioned. In my regards the data is inadequate.
A well structured and very informative article, I can learn a lot from this article like the way of investigating a cyber crime, tools and technologies that we can use to investigate a cyber crime. please explain some more of the same category.