Reasons why the developing field of computer forensics is essential to modern-day law enforcement in fighting cyber crimes (by Lillian Ekwosi-Egbulem).
Computer Forensics: The Emerging Significance to Law Enforcement
1. Computer Forensics: The Emerging
Significance to Law Enforcement
Lillian Ekwosi-Egbulem
October 05, 2013
2. Ms Comfort is a 64 year old Nigerian, never had a formal educational training and lives
in the slum. Each morning she takes a bus ride to the nearest city internet café to resume from
where she left off on her business the previous day. Part of her self employed “yahoo-yahoo”
job description is to watch for incoming mails. Once she receives one, she pays someone to have
the mail content explained and a response sent for her. The name of her business is “Advanced
Fee Fraud” aka 419, a type of internet crime very prevalent in the developing countries.
Sometimes, she poses as a young African man and sends invitation to elderly single and
lonely western women, inviting them to join “him” in experiencing a life so beautifully primitive
in African. Other times, she asks her victims to help her transfer some unclaimed money from
the country’s central bank. Those who accept the invitation end up paying ransom to reclaim
their freedom and return back to their countries. Similarly, those who accept to help her transfer
funds pay thousands of dollars in fees before they realized there is no unclaimed money to
transfer.
This is one of the many cyber crimes being perpetuated each day. Others include
company policy violations, embezzlement, email harassment, murder, leaks of property
information, terrorism, child pornography, financial crimes, fraud, identity theft, espionage,
information theft, etc. The reason why there are many types of cyber crime is because it is very
lucrative and the feeling of safety flight gives the criminals a lot of confidence and if they feel
threatened, they can just pull the plug and walk away.
With the many faces of cyber crimes and the sophistication by which cyber criminals
operate, it becomes necessary to have a branch of the law enforcement agency dedicated to
combating this menace. The purpose of this paper therefore is to discuss the multitude of
3. reasons why the developing field of computer forensics is essential to modern-day law
enforcement.
According to the author of Guide to computer forensics and investigation, “computer
forensics involves obtaining and analyzing digital information for use as evidence in civil,
criminal or administrative cases” (Nelson & Phillips, 2010). The field is relatively new but
computer crime rate and the market has grown and will continue to grow, opening up a great
need for computer forensic professionals (Bussing, Null & Forcht, 2005). Today there are simply
not enough law enforcement officers with appropriate computer forensics and computer crime
investigative training to apprehend and prosecute criminals that commit various cyber crimes. Its
emerging significance to law enforcement cannot be overemphasized and the growth in computer
crime rate and the market is one of the reasons among others, why the developing computer
forensics is essential to modern-day law enforcement.
As recorded in Computer Forensics: An emerging practice in the battle against cyber
crime, an FBI report in 2000 showed 2,032 cases opened involving cyber crimes, however, only
921 were closed (Isner, 2003). The remaining unclosed cases were not processed due to lack of
trained investigators, evidence, tools, coupled with the high cost of investigation to prosecute the
cyber criminals. As a result, cyber criminals have been able to evade responsibility due to lack of
supporting evidence to convict them
As recorded in Guide to computer forensics and investigations “the general rule was at
least one law enforcement computer investigator for every 250,000 people in a geographical
region” (Nelson, & Phillips, 2010). Seemingly, with the rate of cyber crime escalating, there is a
4. great need to have at least two or three law enforcement computer investigator for every 250,000
people. Hence, the developing field of computer forensics that will train computer forensic
investigators is essential to modern-day law enforcement. These trained professionals will be
able to investigate cyber crimes, present admissible evidence to help convict more offenders for
the crimes they committed.
Awareness is a great tool for driving message across. With the developing field of
computer forensics being essential to modern-day law enforcement, more schools will offer the
training and grants in this field. With enough trained professional in the field, more cases will be
prosecuted. If more cases go to court and more cyber criminals are convicted, the anonymity
surrounding this type of crime will be eventually stripped. This is very important in making the
cyber criminals realize that no matter how invisible they think they are, they cannot out run the
law.
Computer technology is dynamic and has become an integral part of our everyday life.
The same technologies we use in sharing our children’s photographs with friends and family
members aide others in transmitting child pornography. Obviously, cyber criminals need
avenues and storage facilities to share and store their criminal activities. Consequently, computer
and internet represent the fastest growing technological tools used by criminals who maintain
files of incriminating evidence in their computer. However, they do not understand that sensitive
data tenaciously clings to life and can be retrieved and investigated for the purpose of
prosecution. The criminals unfortunately have no ability to properly destroy the evidence. The
developing field of computer forensics is essential to modern-day law enforcement to assist in
obtaining and analyzing digital information for use as evidence in criminal cases that will help
convict the cyber criminals.
5. As the computer technology advances and pervade the society, the cyber criminals are
not just folding their arms; they are getting more sophisticated and looking for better ways to
conceal their crimes. Cyber criminals do not have to be physically present on the crime scene.
Their tenacity is due to the lucrative nature of the business and the desire to demonstrate prowess
in cyber space. Cyber criminals are really motivated today to use the domain of cyberspace for
their personal gain and to satisfy their criminal urge. Also, they feel pretty comfortable because
of the anonymity of operating in an anonymous state through cyberspace which offers them low
risk (WebTycho, 2010). Law enforcement practitioners need more than the available tools to
deal with cyber crimes. They need professional training in computer forensics to be able to use
the available tools in fighting cyber crime.
“Computer evidence is very fragile and can be easily and unintentionally altered or
destroyed” (Anderson, 2008). As a result, evidence processing is not a task to be undertaken
lightly by just any IT worker but a trained computer evidence specialist (Kay, 2006). Also, there
are standards and procedures (state and federal laws) that must be followed to avoid risks. For
instance, the Fourth Amendment Rights (Search and Seizure) protects defendants against
computer forensic evidence and provide them reasonable or legitimate expectation of privacy.
An untrained investigator trying to process a computer forensic investigation without cognizance
of the legal framework is like a first aid technician performing brain surgery with a pocket knife
which can lead to severe consequences. Furthermore, the expenses involved in computer forensic
investigation are enormous and shortcuts by untrained practitioners should be avoided at all cost
(Anderson, 2008).
In conclusion, we live in the information age and so do criminals. Sophisticated attacks
6. on IT systems are increasing in number at an alarming rate. (Arasteh, Debbabi, Sakka & Saleh,
2007). Due to the ease at which the criminals operate, internet has been termed the “crooks
dream” and the law enforcement nightmare. No doubt, the law enforcement officers are doing a
good job but the training they have is not adequate in providing a “scientifically proven methods
in gathering, processing, interpreting, and using the digital evidence to bring a conclusive
description of cyber crime activities” (Arasteh et al., 2007).
This makes the developing field of computer forensics essential to modern-day law
enforcement because then, trained professionals can match the sophistication of the criminals
and operate through the standards and procedures to preserve data that can serve as evidence in a
court of law. Certainly, with enough computer forensic professionals, internet will be perceived
differently; perhaps as law enforcement dream and the “crooks’ nightmare.
7. References
Nelson, B., Phillips, A. (2010). Guide to Computer Forensics and Investigation (4th
ed.). Boston,
MA: Course Technology
Kay, R. (2006). Computer Forensics. Computerworld, 40(16), 49. Retrieved from ProQuest
Computing. (Document ID: 1024925931).
Bhaskar, R. (2006). State and local law enforcement is not ready for a cyber Katrina.
Association for Computing Machinery. Communications of the ACM, 49(2), 81.
Retrieved from ProQuest Computing. (Document ID: 980873961).
Busing, M.E., Null, J. D., Forcht, K.A. (2005). Computer Forensics: the modern crime fighting
tool. The Journal of Computer Information Systems, 46(2), 115-119. Retrieved from
ProQuest Computing. (Document ID: 984317121).
Anderson, M.R. (2008). Electronic Fingerprints: Computer Evidence Comes Of Age. Retrieved
from http://www.forensics-intl.com/art2.html
Arasteh, A.R., Debbabi, M., Sakka, A., Saleh, M. (2007). Analyzing multiple logs for forensic
evidence. Elsevier,doi:10.1016/j.diin.2007.06.013. Retrieved from http:
http://www.dfrws.org/2007/proceedings/p82-arasteh.pdf
Isner, J. D. (2003). Computer Forensics: An emerging practice in the battle against cyber crime.
Global Information Assurance. Retrieved from
https://www.giac.org/paper/gsec/2797/computer-forensics-emerging-practice-battle-
Raduage, H. (2010). Deloitte center for cyber innovation. Document posted in University of
Maryland University College CIA3016382 online classroom, archived at:
http://webtycho.umuc.edu