Join Sandra Toner for an in-depth discussion in this video, Classifying cyber crime, part of Computer Security: Investigation and Response.
- In this video, we'll start off by taking a look at cyber crime. It's important to understand the intricacies of this type of crime in order to learn digital forensic investigation techniques. When a crime involves computer data or network connectivity, it's usually involved in one of three ways. It can be the target. This is where a malicious actor is victimizing the computer itself. It could also be the instrument. This is where the malicious actor is using the computer to victimize someone or something.
It can also contain evidence. Because a computer captures information about user activity, that information can be used as evidence. In computer forensics, the type of crime dictates the forensic process. On a case, you might find the computer was used in more than one criminal way. It could, for example, store information about visits to a social media page where the malicious actor then posted harassing online messages. In this case, it would be, not only the instrument, but also contain evidence.
Let's take a look at the first computer virus. While there were other viruses previous to this one that were studied in research, this was the first released in the wild. It was called Brain and it held evidence because it contained the actual contact details of its authors in Pakistan. Brain was a boot-sector virus. It was created in the mid-80s by the Farooq Alvi brothers. They made this virus as a defense mechanism to deter the piracy of the software that they had written.
The major effect of this virus was really kind of harmless. All it did was change the disk label to read Brain. There's a lot to know about technology, communications, and electrical engineering with digital forensic science. Next, we'll take a look at important areas for learning and professional development.
This course covers the basics of computer forensics and cyber crime investigation. Author Sandra Toner provides an overview of forensic science, and discusses best practices in the field and the frameworks professionals use to conduct investigations. Then, after showing how to set up a simple lab, Sandra describes how to respond to a cyber incident without disturbing the crime scene. She dives deep into evidence collection and recovery, explaining the differences between collecting evidence from Windows, Mac, and Linux machines. The course wraps up with a look at some of the more commonly used computer forensics software tools.
- Applying science to digital investigations
- Understanding forensic frameworks
- Defining cyber crime: harassment, hacking, and identity theft
- Setting up a forensic lab
- Responding to cyber incidents
- Collecting and recovering evidence
- Examining networks for evidence
- Applying forensics to Windows, Mac, and Linux
- Working with forensics tools