Cyber Crime Forensics Term Paper

Download this Term Paper in word format (.doc)

Note: Sample below may appear distorted but all corresponding word document files contain proper formatting

Excerpt from Term Paper:

Cybercrime has become a serious problem in the world we live in. The abundance of personal computers that are readily available at relatively low prices has spawned the growth in Cybercrime all over the globe. As a result, law enforcement agencies have developed cybercrime forensics which is designed to track down those that are responsible for cyber crimes. The purpose of this discussion is to analyze this subject and discuss the consequences and effects through evidence and reason. Let us begin our discussion with a description of cybercrime and cybercrime forensics.

Cybercrime and Cybercrime forensics

Cybercrime involves a plethora of crimes including everything from the creation and spreading of worms and viruses to identity theft. According to the Department of Justice cybercrime is defined as "any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution (Ditzion, et al.)." More specifically cybercrimes that have taken place in the last decade include viruses, worms, Trojan horses, sniffers, logic bombs and denial of service attacks (Ditzion, et al.).

According to an article entitled Cybercrime Facts "Approximately 80% of all cyber crime is the result of insider attacks. Sometimes, the cyber attacker is a recently laid-off system administrator whose remote-account privileges still are active, or perhaps he created back doors to the network. Organized crime groups also can be behind security breaches (Panczenco)."

The increase in cybercrime over the past decade has forced law enforcement agencies to find new ways of attempting to find the people related to such crimes. The perpetrators of cybercrime are so difficult to find because they can be located all over the world and some countries do not have laws that prevent certain types of crimes carried out over the internet. The problems associated with the laws of different countries combined with the fact that the perpetrators of cybercrime can easily erase evidence related to the crimes they have committed.

In recent years businesses and individuals alike have been adversely affected by cybercrime. In the case of businesses many have hired cybercrime investigators to find out who the perpetrators are and how their computer networks were breeched. According to an article entitled "The Role of Organizations in Identity Theft Response: The Organization-Individual Victim Dynamic ," those that investigate cybercrime are often called upon by the victimized company through private firms that specialize in computer forensics examinations (Lacey et al.). In turn, these private-sector firms will then get law enforcement into the crime solving process as soon as they confirm that illegal activity has occurred (Lacey et al.). The article explains that

"Cooperation between law enforcement and private-sector investigators is still a fairly new idea, however. Several years ago, when the author's company first started conducting forensics investigations, it was often met with distrust by both their private sector clients, who feared bad publicity or losing control of company data, and law enforcement agents, who were reluctant to share information with third-party vendors. However, this reluctance is diminishing as law enforcement becomes more accustomed to working with third-party cyber forensics experts and as clients see that the process can work. Companies like Ubizen work under strict conditions and with detailed nondisclosure agreements, which protects clients and helps allay fears "Lacey et al.).

Cybercrime forensics is defined as "the preservation, identification, extraction, documentation and interpretation of computer data (Kruse and Heiser)." There are different types of cybercrime forensics. One that is used frequently is network forensics. This type of forensics involves searching for anomalies in files and reviewing log entries (Panczenko). Such forensics can be used to aid carriers in establishing how a system was attacked (Panczenko).

Another type of cybercrime forensics involves tracking down those that download child pornography. According to an article entitled "DoD targets child porn on military PCs" the Defense Cyber Crime Center, is seeking to quickly investigate child pornography cases with a new software tool developed under the military's Project KIDS (Known Image Database Systems) initiative (Messmer). The software automates analysis through a hashing technique which searches both known and potential child pornography in data files (Messmer). The author explains that 'The tool also looks for malware, such as backdoors or Trojans, that might indicate the PC was subverted to download child pornography without the PC user's knowledge.Currently, the center has approved more than 300 tools for computer forensics purposes in the military The three primary tools are EnCase from Guidance Software, the Forensic Toolkit from AccessData and iLook, a tool originally developed by Scotland Yard, which is licensed in the U.S. By the Internal Revenue Service only to government users (Messmer)."

Consequences and Effects


Cybercrime has dire consequences especially for large corporations and for individuals that are victims of identity theft. In recent years some cybercrime have affected large financial institution such as Bank of America. Such crime has result in identity theft. Identity theft has consequences for both the individual that is victimized and the credit card companies that absorb the cost associated with fraudulent charges. According to the Journal of Consumer Affairs

Identity theft threatens the very essence of an individual's sense of self and his or her capacity to participate in society. The consequences of this form of criminality are significant and wide-ranging, with current assessments of its impacts exceeding billions of dollars each year ... Available evidence indicates that identity theft is becoming increasingly attractive for perpetrators vis-a-vis other forms of crime. In the United States, for example, identity theft is described as growing at a rate of 30% per year, with its losses estimated at reaching $8 billion by 2005 (Supreme Court of the State of Florida 2002). The loss of funds and/or other forms of property, a tarnished credit history, and a criminal record are all potential outcomes for the identity theft victim, with ongoing consequences for the ability to secure employment, obtain goods and services on credit, travel freely, and participate in the wider society in a generally unencumbered fashion (Ditzion, et al.)."

The consequences of cybercrime are also dire when worms and virues are used to collapse the networks of large corporations and even governments. It costs companies billions of dollars per year to recover from such attacks. In addition, many have feared that terrorists will use vulnerable systems to attack the nation's utitlity grids.

In addition, to the consequences associatd with cybercrime there are also consequences associated with cybercrime fornensics. One of the most dire consequences that occur as a result of cybercrime forensics is the inability to properly collect and store the evidence. One of the main problems is that it can be difficult to aquire the evidence without altering the data that was orriganally seized (Kruse and Heiser). In addition, some cybercrime forensics experts may have difficualty authenticating the recovered data as the data that was origanially seized (Kruse and Heiser). It can also be difficult to analyze the data without altering the data (Kruse and Heiser).

As a consequence of some of these problems many cybercrime perpetrators may be able to evade criminal prosecution. The impact of this could be extremely detrimental in cases involving child porngraphy and pedophilia. In addition, perpretrators that have created and spread worms over the internet and through networks could also escape prosecution if the forensics are in anyway suspect. As a result experts must be properly trained and understand how to properly gather the information and store the information (Messmer).

There are also consequences associated with the inability to store the information once ithas been gathered. This problem exists as it relates to hard drives because it is extremely difficult to place all the information that is stored on a hard drive on to other hard drives (Messmer). For instance, 'a challenge facing the Defense Cyber Crime Center is finding secure ways to store seized data in all computer crime cases. The center's practice has been to store data for each case on a separate PC."We're getting cases so big we can't store the evidence on even four networked PCs, so we need a storage-area network," said Jim Christy, director of the Cyber Crime Institute, the Defense Cyber Crime Center's research arm."But we haven't seen the kind of system to prevent cross-contamination of data ... In one case, Christy recalled, the amount of data reached a whopping 75T bytes (Messmer)."


Cybercrime and cybercrime forensics have a huge effect on the society that we live in. As it pertains to cybercrime the effects can be devestating and can cost a great deal of money. In addiiton, it can cost the company or peron that is the victim their credibilty. It can also effect the quality of life that they have.

The effects of cybercrime forensics can be very positive. As experts find new ways to track cyber criminals the cost and trauma that are concured as a result of these crimes can be greatly reduced. This is because cybercrime forensics experts are able to retrieve information that has been deleted from a hard drive. An article entitled "Digital…[continue]

Cite This Term Paper:

"Cyber Crime Forensics" (2005, September 16) Retrieved October 25, 2016, from

"Cyber Crime Forensics" 16 September 2005. Web.25 October. 2016. <>

"Cyber Crime Forensics", 16 September 2005, Accessed.25 October. 2016,

Other Documents Pertaining To This Topic

  • Cyber Crime Malicious Activities Like Identity Theft

    Cyber Crime Malicious activities like identity theft, harassment and phishing activities are conducted by the cyber criminals by making use of the anonymous context of the cyber world to their advantage. Phishing scams are conducted in such a manner by the scammers that websites are created by them and emails are sent out in order to trick the account holders into revealing sensitive information like passwords and account numbers. These crimes

  • Cyber Crime Task Force Plan

    Cyber Crime Task Force "Are computer vulnerabilities growing faster than measures to reduce them? Carelessness in protecting oneself, tolerance of bug-filled software, vendors selling inadequately tested products, or the unappreciated complexity of network connectivity has led to…abuse…" (Lukasik, 2011). The evidence is overwhelming that cyber crimes are not only increasing each year, but the sophistication of the attacks is greater each year and the impacts of attacks are more severe each year

  • Forensics Digital Evidence Forensics and the

    This phase is described by Carrier as the phase where we "...use the evidence that we found and determine what events occurred in the system" (Carrier, 2005). 2.2. The United States Department of Justice's (USDOJ) digital forensic analysis methodology The second methodology under review in this paper has been put forward by the United States Department of Justice. This consists of four basic phases: collection, examination, analysis and reporting (Shin, 2011).

  • Cyber Crime Is a Serious

    These "stepping stone" computers can be located anywhere in the physical world because real-space is irrelevant to activity in cyberspace (Brenner, 379)." The use of stepping stones can make it difficult for law enforcement to find where an attack actually originated. As was previously mentioned in this discussion, Hackers are often used by companies to develop stronger security. Hackers often perfect their techniques at conventions that also feature hacking competitions.

  • Cybercrime as Little as Ten

    Since the late 1980s, the Council has addressed the growing international concern over computer-related crimes. In 1997, it established a Committee of Experts on Crime in Cyberspace (PC-CY) to begin drafting a binding Convention to facilitate international cooperation in the investigation and prosecution of computer crimes. The United States actively participated in both the drafting and plenary sessions (Chawki). The Convention stipulates actions targeted at national and inter-governmental levels, directed

  • Cybercrime Cyber Theft Is a

    Think of a bank or mortgage company who is hacked, and the amount of personal data that can be downloaded and used elsewhere ("Cyber Investigations"). In addition, many hackers come into governmental or business computers and crash those servers, place viruses, bots, Trojans, email bombs, etc. -- or mine the data or manipulate the data -- where for competitive advantage or simply "as a prank," this is all part

  • Software Tools for a Forensics Lab

    cybercrime forensics lab work received approval purchase a software suite aid investigations. Your supervisor (Mr. Turtle) asks create a proposal comparing computer forensic software utilities recommend purchase-based research. Security forensic software tools Security information and event management has experienced much progress in recent years and there are currently a great deal of software providers that direct their attention toward the field. Through analyzing security alerts, SIEM creators make it possible for

Read Full Term Paper
Copyright 2016 . All Rights Reserved