home     about     workbooks     subscribe    

Workbook 2 : Investigating Modern Computer Crime


LEARN HOW TO:
  • Identify where a crime has occurred and what must be done to lay the foundations of a successful investigation.
  • How to use computer based investigation tools and gather evidence in a form that a court will accept.
  • Star and sustain a detailed investigation to its logical conclusion.
  • How to interview suspects and witnesses even when either may come from a professional IT background.
  • Present a case in court
WORKBOOK BENEFITS:

The globalisation of opportunity provided by the Internet has resulted in computer crime assuming an international role and an unprecedented level of sophistication. The Stanford Research Institute and FBI put the odds of a successful prosecution for computer crime at 22,000 to 1. Since the average haul from computer fraud is over $2 million it is not surprising that organised criminal gangs now have a firm footing in computer related crime. This workbook shows you how to investigate this type of crime and close the security holes that have permitted the exploitation of the system.

You will learn a complete methodology for the investigation of hitech crime as well as a thorough understanding of the nature of crime on complex computer networks . Contributive case studies are used to illustrate how IT investigations should be conducted based on actual crimes.

WHO SHOULD USE THIS WORKBOOK:

This workbook is essential for those involved in investigating and preventing computer crime, including computer auditors, systems security officers, IT staff, police, private and corporate investigators with a detailed technique to successfully investigate computer crime.

order today

Modules:

1. COMPUTER CRIME
  • The crime scene
    • Fraud and theft
    • Vandalism and sabotage
    • Breach of privacy and confidentiality
    • Espionage and disclosure
    • Violation of data integrity
    • Denial of service
    • Extortion
  • Organised Crime
  • Collusive crimes
  • Solitary crimes
  • Hackers
    • Packet sniffers
    • Eavesdropping
  • New Internet crimes
  • Questions
2. ACCOUNTING AND AUDITING
  • Companies
  • Double entry book keeping
  • Controls
  • Audit
  • Balance sheets
  • Managerial accounts
  • Investigation of double entry systems
  • Perpetual inventories
  • Performance and liquidity ratios
  • Concealment
  • Manipulation
  • MisrepresentationLedger investigations
  • Questions
3. PRE-INVESTIGATION ACTIVITY
  • Schedule of investigative activities
  • Criminal steps
  • Pre-investigation activity
    • Identification of Internet frauds and scams
    • Anonymous letters
    • Has a fraud occurred?
    • Validitity of reported crime
  • Determine if a crime has been committed
  • Assess the probability of crime
  • Vulnerability and criticality charts
  • Overt Investigative Audit
  • Determine level of technicality
  • Determine resources
  • Review personnel links
  • Organisation job charts and descriptions
  • Planning considerations
  • Police
  • Prosecutions
  • Civil actions
  • Questions
4. INITIAL INVESTIGATIVE ACTIVITY
  • Involve outside experts
    • IT consultants
    • Accountants
    • Lawyers
    • Forensic
    • Researchers
  • Basic problems
  • Questions to be resolved immediately
  • Initial assessment of computer security
    • Segregation
    • Alteration to programs
    • Regularly worked overtime
    • Uncompetitive salary structures
    • Poor management control
    • Absent or badly produced documentation
    • Data security
    • Poor housekeeping
    • Poor personnel procedures
5. SYSTEM VULNERABILITIES
  • Finding vulnerabilities
    • Databases
    • Personnel
    • Programming
    • Physical security
    • Access control
    • Communications
    • Internet
    • Unix
    • Novell
    • NT
    • Webs
    • Extranets
    • Encryption
    • Firewalls
    • PCs and terminals
    • DRP
  • Questions
6. FIRST SCENARIO
  • Investigative conferences
  • Black book records
  • Document integrity
  • Company environment
  • Computer crimes
    • Partners
    • Check list for partner crime
    • Executive crime
  • Preliminary work
  • Questions
7. EVALUATE VULNERABILITIES
  • Covert investigations
    • Initial inspection
    • Hidden files
    • Deleted files
    • Indexing
    • Copying
    • Multiple text search
  • Assessing risk exposure
  • Survey results
  • Questions
8. GATHERING COMPUTER EVIDENCE
  • Reconstructing evidence
  • IT surveillance
    • Use of logs in evidence
    • Program analysers
    • Flaw hypothesis
    • ITF
    • Program flaw analysis
  • Security audit tools
  • Testing procedures
  • Security programs
  • Disc residue
9. SURVEILLANCE OF SUSPECTS
  • Negative vetting
  • Positive vetting
  • Moving and stationary surveillance
  • Electronic surveillance
  • Static surveillance
  • Refining the scenario
  • Committee work
  • Case study
10. INTERVIEWS AND INTERROGATIONS
  • The interviewer
  • The interview room
  • Interview or interrogate?
  • Interviews
  • The questioning process
  • Interrogation
  • Body language
  • Speech
    • Creative listening
  • The guilty
  • Statements
  • Case studies
11. THE LEGAL CASE
  • Forensics
  • Insurance
  • Case presentation
  • Common law
    • UK Computer Misuse Act 1990
  • Civil law
  • Roman-Dutch law
  • Rules of evidence
OVERVIEW OF COMPUTER CRIME
  • Growth of Internet crimes
  • The new involvement of organised criminal gangs
  • Types of crime in complex systems
ACCOUNTING AND AUDITING
  • Companies
  • Double entry book keeping
  • Controls
  • Audit
  • Balance sheets
  • Investigation of double entry systems
  • Perpetual inventories
  • Performance and liquidity ratios
  • Concealment
  • Manipulation
  • Misrepresentation
  • Ledger investigations
PRE-INVESTIGATION ACTIVITY
  • Determine nature of crime
  • Pre-investigation activity
  • Criminal steps
  • Secrecy
  • Determine if a crime has been committed
  • Assess the probability of crime
  • Vulnerability and criticality charts
  • Overt Investigative Audit
  • Determine level of technicality
  • Determine resources
  • Review personnel links
  • Organisation job charts and descriptions
  • Planning considerations
  • Police
  • Prosecutions
  • Civil actions
INITIAL INVESTIGATIVE ACTIVITY
  • Involve outside experts
  • Questions to be resolved immediately
  • Initial assessment of computer security
  • Documenting interviews
  • System vulnerabilities
  • Data security programme
  • Questionnaire
  • Investigative conferences
  • First scenario
  • Document integrity
  • Partner crime
  • Company environment
  • Executive crimes
  • Verify or change scenario
EVALUATIONS
  • Types of attack
  • Assessing risk exposure
  • Analysis results
  • Typical calculation
  • Surveillance
  • Negative screening
  • Positive screening
  • Computer surveillance
  • Review controls and procedures
  • Determine requisite resources
  • Verify the change of scenario
DETAILED INVESTIGATIONS
  • Gathering computer evidence
  • Develop scenario
  • Evidence identification
  • Interview witnesses and suspects
  • The interviewer
  • The interview
  • The questioning process
  • Interrogation
  • Body language
  • Speech
  • Embedded questions
  • Statements
  • Evidence
THE LEGAL CASE
  • Crime laboratories
  • Case presentation
  • Common law
  • Civil law
  • Roman-Dutch law
  • Rules of evidence
  • Recovery of evidence
  • Physical evidence
  • Chain of custody
  • Handling evidence
  • Presentation in court
  • Recover monies
  • Re-design security
CASE STUDIES
  • Case studies based on actual crimes

 


Webmaster