Cyber Forensics
Image source - http://bit.ly/2J8Cez4

This article is written by Shambhavi Tripathi, a 3rd-year student of LL.B. in Panjab University, Chandigarh. The article deals with the classification of cyber crimes, types of cyber criminals and introduction to cyber forensics.

Introduction

Cyber crimes can be various kinds and with the advancement in science and technology, new kinds of cyber threats are coming up every other day, however, attempts have been made to categorize them so that they can be dealt with accordingly. Along with this, cyber criminals can be of various kinds as well depending upon the kind of cyber crimes they commit. Further, cyber crimes have some kind of motivation behind them such as financial gain, some vendetta, ideological motivation etc. 

Classification of Cyber Crimes

The cyber crimes may be broadly classified into four groups. They are:

  1. Crime against the Individuals: Crimes that are committed by the cyber criminals against an individual or a person. A few cyber crimes against individuals are:
  • Harassment via electronic mails.
  • Dissemination of obscene material.
  • Cyber-stalking.
  • Defamation.
  • Indecent exposure.
  • Cheating.
  • Unauthorized control/access over computer system.
  • Email spoofing.
  • Fraud.

2. Crimes against Property: These types of crimes includes vandalism of computers, Intellectual (Copyright, patented, trademark etc) Property Crimes, Online threatening etc. Intellectual property crime includes: 

  • Computer vandalism.
  • Transmitting virus.
  • Net-trespass.
  • Unauthorized access / control over computer system.
  • Internet thefts.
  • Intellectual Property crimes- Software piracy, Copyright infringement, Trademark infringement.

3. Crime against Organization: Crimes done to threaten the international governments or any organization by using internet facilities. These cyber crimes are known as cybercrimes against Organization. These crimes are committed to spread terror among people. Cyber terrorism is referred as crimes against a government. Cybercrimes against Government includes cyber attack on the government website, military website or cyber terrorism etc.

  • Unauthorized access / control over computer system.
  • Cyber terrorism against the government organization.
  • Possession of unauthorized information.
  • Distribution of Pirate software.

4. Crime against Society: Those cybercrimes which affects the society interest at large are known as cyber crimes against society, which include:

  • Child pornography.
  • Indecent exposure of polluting the youth financial crimes.
  • Sale of illegal articles.
  • Trafficking.
  • Forgery.
  • Online gambling.

Distinction between Cyber Crime and Traditional Crime

  1. Kind of Crime- Cyber crimes are quite different from traditional crimes as they are often harder to detect, investigate and prosecute and because of that cyber crimes cause greater damage to society than traditional crimes. Cyber crime also includes traditional crimes conducted through the internet or any other computer technology. For example; hate crimes, identity theft, terrorism, stalking and bullying are considered to be cyber crimes when traditional crimes are committed through the use of a computer and the internet. 
  2. Perpetrator- Another difference is in the description of the perpetrators of both kinds of crimes. The hackers in cyber crime are professional thieves, educated hackers, organized criminal gangs, ideological hackers (hacktivists) etc. as compared to traditional crimes.
  3. Evidence- The other difference between these two terms is based on the evidence of the offences. In the traditional crimes the criminals usually leave any proof of that crime like fingerprints or other physical proof. But in the cyber crimes cyber criminals commit their crimes through the internet and there are very less chances of leaving any physical proof.
  4. Physical force- Further, these two terms can be differentiated on the basis of use of force. In traditional crimes many of the crimes like rape, murder, and burglary etc. involve the use of excessive physical force which leads to physical injury on the victim. But in cyber crimes, there is no requirement of any type of physical force because in this type of crimes the criminals only use the identities or accounts of other person using computer technologies.
https://lawsikho.com/course/insolvency-bankruptcy-code-ibc-nclt-sarfaesi
                 Click Above

Reasons for Commission of Cyber Crimes

Economically Motivated Cyber Crime

Money is a major motivator for many cyber criminals. Cyber criminals to engage in malware, phishing, identity theft and fraudulent money request attacks to make money fraudulently. Cyber criminals often use cryptocurrency for small transactions, or wire transfers for greater amounts. Businessweek estimates that cyber crimes targeting online banking accounts make nearly 700 million dollars per year globally and that is just one kind of cyber crime.

Personally Motivated Cyber Crime

Cyber criminals are often motivated due to personal emotions and vendettas and are essentially crimes of passion committed over the Internet. From an angry employee installing a virus on office computers or a stalker hacking into someone’s social media accounts are some personally motivated cyber crimes.

Ideologically Motivated Cyber Crime

Some cyber crimes are committed for believed ethical, ideological or moral reasons, as happened when financial companies like Visa, MasterCard and PayPal refused to let account and card holders to make contributions to the controversial non-profit WikiLeaks, a hacktivist group “Anonymous” sent a series of bot attacks on the financial companies’ servers.

Cyber Crimes due to Competition

Various cyber crimes are committed due to competition in industries and getting into a manufacturers system can be valuable, for IP, blackmail, competitive intelligence etc. These crimes are usually committed in industries with complex intellectual property at their core, for eg. technology, pharmaceuticals, general utilities etc.

Politically Motivated Cyber Crimes

Cybercrime is a growing tool used to achieve political ends. It is used to manipulate elections or distribute ransomware. Many companies like Facebook use personal information and data of its users and use this information to influence political views of people.

Cyber Criminals and their types

A cybercriminal is a person who conducts some form of illegal activity using computers or the Internet. These cyber criminals use their knowledge of computer, network and human behavior, and a variety of tools to commit cyber crimes. Cyber crimes can be of following types: 

  • Hackers: Hackers explore others’ computer systems for various reasons depending upon their need. Hackers can be of three kinds:
  • White hat hackers- A white hat hacker is an ethical hacker who opposes the abuse of computer systems and networks. A white hat generally focuses on securing IT systems.
  • Black hat hackers- A black hat is a hacker who compromises or breaks into the security of a computer system or network without the permission of authorized party, typically with malicious intent.
  • Grey hat hackers- A Grey Hat is a hacker who sometimes acts legally, sometimes illegally. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or for malicious intentions, but may or may not occasionally commit crimes.
  1. Crackers: These individuals intentionally cause loss to satisfy some antisocial motives or sometimes just for fun. Many computer virus creators and distributors fall into this category. 
  2. Pranksters: These individuals perpetrate tricks on others. They generally do not intend any particular or long-lasting harm. 
  3. Career criminals: These individuals earn part or all of their income from crime. In some cases they conspire with others or work within organized gangs such as the Mafia. The greatest organized crime threat comes from groups in Russia, Italy, and Asia.
  4. Cyber terrorists: There are many forms of cyber terrorism. Sometimes a hacker may break into a government website to steal information or to post a threat. It was found that around 25 Indian government websites were hacked till May 2019.
  5. Cyber bulls: Name calling in chat rooms, posting fake profiles on websites, and sending mean or cruel emails or messages are some forms of cyberbullying and cyber bulls indulge in such activities.
  6. Salami attackers: Those attacks are used for the commission of financial crimes. The key here is to make the alteration so insignificant that in a single case it would go completely unnoticed e.g. a bank employee inserts a program into bank‘s servers, which deducts a small amount from the account of every customer. 
  7. Drops: These individuals convert the ‘virtual money’ or cryptocurrency into real cash. 
  8. Kids: They are called so because of their tender age (most are under 18). They buy and resell the elementary building blocks of effective cyber-scams such as spam lists, proxies, credit card numbers, hacked hosts, scam pages etc.
  9. Coders: They produce ready-to-use tools such as trojans, mailers, custom bots, viruses and other services and sell them to the cyber crime labour force.

Digital Forensics and Cyber Forensics

Digital forensics is a branch of forensic science which deals with recovery and investigation of digital or electronic data. This data can be from a computer system, mobile device, cloud service, and so on. Its various sub branches include computer forensics, network forensics, forensic data analysis, and mobile device forensics.

Cyber or computer forensics is the application of forensic science to collect, process, and interpret digital evidence to help in a criminal investigation and presenting digital evidence in a court of law. It is the branch of forensic science in which evidence is found in a computer or any other digital device and with increasing cybercrime, cyber forensics has now become crucial for public safety, national security, and law enforcement.

Cyber forensic techniques include:

  1. Cross-driven analysis that correlates data from multiple hard drives.
  2. Live analysis, which obtains data acquisitions before a PC is shut down.
  3. Deleted file recovery.
  4. Detecting data theft using Stochastic Forensics.
  5. Concealing a file, message, image, or video within another file using Steganography.

Computer forensic investigations go through five major standard digital forensic phases:

  1. Policy and procedure development, 
  2. Assessment, 
  3. Acquisition, 
  4. Examination, and 
  5. Reporting.

Five Standard Phases of Computer Forensic Investigation 

The listed five-step computer forensic investigation allows examiners to thoroughly investigate the assigned case.

  1. Policy and Procedure Development

Law enforcement and government agencies are hiring experienced cyber security experts to draw proper guidelines, policies, and procedures to be followed during computer forensic investigation because data can be delicate and highly sensitive. 

  1. Evidence Assessment

Evidence assessment is a critical part of digital forensics as it provides a clear understanding of the case details and includes examining hard drives, email accounts, social networking sites, and other digital archives for digital evidence linking someone to the crime. The investigators should also preserve the acquired evidence properly. 

  1. Evidence Acquisition

During evidence acquisition, computer forensic investigators are subjected to follow the policies dedicated to preserving the integrity of potential evidence. This step should be completed carefully and legally as the documented evidence are crucial in the proceedings of a court case.

  1. Evidence Examination

The analysis of digital evidence provides details like the date, time, and location where the data were created and downloaded. It also helps the investigators to find the connection between uploading of files from storage devices to a public network. 

  1. Reporting

Lastly, investigators need to report the whole process of investigation and evidences acquired and examined to the authorities. This is needed to ensure that all the guidelines, policies, and procedures have been followed throughout; it also ensures the authenticity and integrity of the data retrieved for the evidential reasons. 

Conclusion

In conclusion it can be said that just like cyber crimes are very diverse, cyber criminals also belong to a broad spectrum with different motivations fueling them. Further, cyber crimes and traditional crimes may seem similar on the outside yet there are certain differences between the two, which separate one from another. To tackle these issues, cyber forensics is being actively used these days to deal with cyber crimes, investigate and collect digital evidence and catch cyber criminals. 

References

  1. Chapter III: Meaning, Concept and Classification of Cyber Crime; Shodhganga; <https://shodhganga.inflibnet.ac.in/bitstream/10603/188293/11/11_cha%5bpter%203.pdf>
  2. H Saini, Y.S. Rao and T.C. Panda: Cyber Crimes and their impacts: A Review; International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 ,Vol. 2, Issue 2,Mar-Apr 2012, pp.202-209 < www.ijera.com>
  3. Cyber Criminals: Who They Are and Why They Do It; Vircom; Dated: 07.02.2018; Date of Access: 18.10.2019 < https://www.vircom.com/blog/cybercriminals-who-they-are-and-why-they-do-it/>
  4. Sammons J, Cross M.: The Basics of Cyber Safety, 2017; Science Direct: Cybercriminals, Date of Access: 18.10.2019 < https://www.sciencedirect.com/topics/computer-science/cybercriminals>
  5. Causes of Cyber Crime by Edward Mercer; itstillworks; Date of Access: 18.10.2019 < https://itstillworks.com/causes-cyber-crime-1846.html>
  6. Introduction to Cyber Forensics; Cybrary; Dated: 23.06.2018; Date of Access: 19.10.2019 < https://www.cybrary.it/0p3n/introduction-to-computer-forensics/>
  7. Cyberforensics; Technopedia; Date of Access: 19.10.2019 < https://www.techopedia.com/definition/2388/cyberforensics>
  8. An Introduction To Computer Forensics And How To Become A Computer Hacking Forensic Investigator; EC Council Blog; Dated: 25.03.2019; Date of Access: 19.10.2019 <https://blog.eccouncil.org/an-introduction-to-computer-forensics-and-how-to-become-a-computer-hacking-forensic-investigator/>

Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skill.

LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join:

https://t.me/joinchat/J_0YrBa4IBSHdpuTfQO_sA

Follow us on Instagram and subscribe to our YouTube channel for more amazing legal content.

Did you find this blog post helpful? Subscribe so that you never miss another post! Just complete this form…

LEAVE A REPLY