forensic ICT

The focus on this section is on the likely targets of computer criminals. The particular criminals centred on are professional computer criminals. This is so because their activities are by far the most difficult to investigate. As has been mentioned before, they use highly sophisticated technology and they go out of their way to cover and conceal their tracks. They are usually aware of possible investigation and will often use staging to misdirect the course of investigation. In countries where these offences are rampant, many investigators have engaged in wild goose chases as a result of this staging. However, just like any other investigation, there is never a completely organised crime hence there will always be leads that a seasoned investigator can pick and follow up on.

This section documents the basic minimum of personnel required for an ict-crime syndicate to function effectively. The modern approach to Investigation emphasises team work, gone are the days when an inspector ‘Derricks ’ or ‘Charlock Holms’ would seem to anticipate everything a criminal does and like an onion, layer by layer unravels the crime exposing the criminal and the criminal acts to bare nakedness.

Today the concept of teamwork has gained more prominence as yielding better results. This is so because, teamwork benefits from various expertise available or necessary for the eventual solution of the crime. Hence depending on the nature of a crime a team of necessary experts is put together under a specialised investigator to carry out the investigations. Below we list some of the common experts necessary for any such investigation:

Investigating Officer;

Crime Investigation is a scientific exercise that follows scientific procedures; each procedure is meticulously adhered to so that failure to follow the procedure could make the difference between solving the crime and not solving the crime. The procedure is what is called ‘General Procedure of Crime Investigation’ in the title above and it is chronologically listed below:-
NB: - The main way to know that a computer crime has been committed is if the person hit by the ICT-Criminals reports it.

INVESTIGATION PLANNING;

The investigator should plan his work to enable him to conduct his investigations in an efficient and timely manner. The plan should be based on knowledge of the nature of the case one is investigating. It should be made amongst other things to cover:

1. Acquiring knowledge on the victim (Victimology),

2. Establishing the vulnerability of the available security system,
3. Crime scene processing,
4. Evaluation of scene evidence,
   

Crime classification is a very important step in every investigation; G. Mutusovskly says that “constant development of criminalistical characteristic of crimes is explained by the necessity of improving methods of their detection on the base of getting to know the nature of the criminal action itself, it’s mechanism, ways regularities of the inquiry process, and peculiarities of reflected evidences.”

Success in investigating any crime mostly depends on an investigators ability to understand not only the criminal-legal nature but also the criminalistical nature of the committed crime only under definite conditions. He should know typical criminalistic evidences of different crimes and be capable of revealing necessary criminalistical characteristic of a corresponding crime.
Trial-psychological characteristic reflects the most substantial psychological data on criminals and victims, typical groups of witnesses as to separate kinds of crimes and so on.

Threats are things or conditions that pose a threat to secured data or programmes. Threats may include unauthorised modification, capture, and destruction or disclosure. Personal data are not the only vulnerable data. Confidential data on market strategies and product development must be kept from the eyes of competitors. Large sums of money transferred daily by electronic fund transfer must be kept against theft. The very high volume of business information processed by computers today means that the rewards of industrial espionage and fraud are of much higher magnitude than in the past and are increasing.

With every change in technology comes an opportunity to violate systems and newer intrusions are getting to be more creative and effective. In one case in 1993, a long distance telephone company card holder compromised his card and 600 unauthorised international calls were placed on that card before network specialists detected the problem and disconnected the violators. All these happened in less than two minutes. Law enforcers and security managers have to be faster and smarter. They cannot continue the traditional approach of ‘security through obscurity, which is the keeping of vulnerable data security. There is need to embrace technology and device security policies that not only dissuade the violator from breaking into the system but also catch the violator. It is such technologies and policies that are the subject for this topic.

Information Communication Technology (ICT) stand for the technologies including computers, telecommunication and audio-visual systems that enable the collection, processing, transportation, and delivery of information and communication services to users. Computer Technology Crimes include, theft of hardware, theft of software (piracy), theft of information (spying and netspionage), theft of time, trespass (hacking), credit card theft, ATM related theft and vandalism of hardware and software and denial of services. Having said these, it is necessary to explain what some of these words mean:

Hardware includes, the physical parts of a computer system, that is, the inputting devices such as keyboard, mouse, the Central Processing Unit (CPU), the display screen, and any other physical unit that qualify to be on the computer. Hardware theft therefore is when these components are physically stolen, while hardware vandalism is where malicious damage is occasioned on these components.