Details

Cybercrime Investigators Handbook

Cybercrime Investigators Handbook


1. Aufl.

von: Graeme Edwards

50,99 €

Verlag: Wiley
Format: EPUB
Veröffentl.: 13.09.2019
ISBN/EAN: 9781119596301
Sprache: englisch
Anzahl Seiten: 320

In den Warenkorb
Als Gutschein
DRM-geschütztes eBook, Sie benötigen z.B. Adobe Digital Editions und eine Adobe ID zum Lesen.

Beschreibungen

Titelbeschreibung

<p><b>The investigator’s practical guide for cybercrime evidence identification and collection</b></p> <p>Cyber attacks perpetrated against businesses, governments, organizations, and individuals have been occurring for decades. Many attacks are discovered only after the data has been exploited or sold on the criminal markets. Cyber attacks damage both the finances and reputations of businesses and cause damage to the ultimate victims of the crime. From the perspective of the criminal, the current state of inconsistent security policies and lax investigative procedures is a profitable and low-risk opportunity for cyber attacks. They can cause immense harm to individuals or businesses online and make large sums of money—safe in the knowledge that the victim will rarely report the matter to the police. For those tasked with probing such crimes in the field, information on investigative methodology is scarce. The <i>Cybercrime Investigators Handbook</i> is an innovative guide that approaches cybercrime investigation from the field-practitioner’s perspective.</p> <p>While there are high-quality manuals for conducting digital examinations on a device or network that has been hacked, the <i>Cybercrime Investigators Handbook</i> is the first guide on how to commence an investigation from the location the offence occurred—the scene of the cybercrime—and collect the evidence necessary to locate and prosecute the offender. This valuable contribution to the field teaches readers to locate, lawfully seize, preserve, examine, interpret, and manage the technical evidence that is vital for effective cybercrime investigation.</p> <ul> <li>Fills the need for a field manual for front-line cybercrime investigators</li> <li>Provides practical guidance with clear, easy-to-understand language</li> <li>Approaches cybercrime form the perspective of the field practitioner</li> <li>Helps companies comply with new GDPR guidelines</li> <li>Offers expert advice from a law enforcement professional who specializes in cybercrime investigation and IT security</li> </ul> <p><i>Cybercrime Investigators Handbook </i>is much-needed resource for law enforcement and cybercrime investigators, CFOs, IT auditors, fraud investigators, and other practitioners in related areas.</p>

Inhaltsverzeichnis

<p>List of Figures xi</p> <p>About the Author xiii</p> <p>Foreword xv</p> <p>Acknowledgments xvii</p> <p><b>Chapter 1: Introduction 1</b></p> <p><b>Chapter 2: Cybercrime Offenses 9</b></p> <p>Potential Cybercrime Offenses 11</p> <p>Cybercrime Case Study 26</p> <p>Notes 26</p> <p><b>Chapter 3: Motivations of the Attacker 29</b></p> <p>Common Motivators 30</p> <p>Cybercrime Case Study I 33</p> <p>Cybercrime Case Study II 34</p> <p>Note 35</p> <p><b>Chapter 4: Determining That a Cybercrime is Being Committed 37</b></p> <p>Cyber Incident Alerts 38</p> <p>Attack Methodologies 41</p> <p>Cybercrime Case Study I 44</p> <p>Cybercrime Case Study II 44</p> <p>Notes 45</p> <p><b>Chapter 5: Commencing a Cybercrime Investigation 47</b></p> <p>Why Investigate a Cybercrime? 47</p> <p>The Cyber Investigator 48</p> <p>Management Support 48</p> <p>Is There a Responsibility to Try to Get the Data Back? 50</p> <p>Cybercrime Case Study 51</p> <p>Notes 52</p> <p><b>Chapter 6: Legal Considerations When Planning an Investigation 53</b></p> <p>Role of the Law in a Digital Crimes Investigation 54</p> <p>Protecting Digital Evidence 55</p> <p>Preservation of the Chain of Custody 56</p> <p>Protection of Evidence 59</p> <p>Legal Implications of Digital Evidence Collection 60</p> <p>Cybercrime Case Study 63</p> <p>Note 63</p> <p><b>Chapter 7: Initial Meeting with the Complainant 65</b></p> <p>Initial Discussion 65</p> <p>Complainant Details 68</p> <p>Event Details 68</p> <p>Cyber Security History 69</p> <p>Scene Details 70</p> <p>Identifying Offenses 71</p> <p>Identifying Witnesses 71</p> <p>Identifying Suspects 71</p> <p>Identifying the Modus Operandi of Attack 72</p> <p>Evidence: Technical 73</p> <p>Evidence: Other 74</p> <p>Cybercrime Case Study 74</p> <p><b>Chapter 8: Containing and Remediating the Cyber Security Incident 77</b></p> <p>Containing the Cyber Security Incident 77</p> <p>Eradicating the Cyber Security Incident 80</p> <p>Note 82</p> <p><b>Chapter 9: Challenges in Cyber Security Incident Investigations 83</b></p> <p>Unique Challenges 84</p> <p>Cybercrime Case Study 91</p> <p><b>Chapter 10: Investigating the Cybercrime Scene 93</b></p> <p>The Investigation Team 96</p> <p>Resources Required 101</p> <p>Availability and Management of Evidence 104</p> <p>Technical Items 105</p> <p>Scene Investigation 123</p> <p>What Could Possibly Go Wrong? 152</p> <p>Cybercrime Case Study I 155</p> <p>Cybercrime Case Study II 156</p> <p>Notes 158</p> <p><b>Chapter 11: Log File Identification, Preservation, Collection, and Acquisition 159</b></p> <p>Log Challenges 160</p> <p>Logs as Evidence 161</p> <p>Types of Logs 162</p> <p>Cybercrime Case Study 164</p> <p>Notes 165</p> <p><b>Chapter 12: Identifying, Seizing, and Preserving Evidence from Cloud-Computing Platforms 167</b></p> <p>What is Cloud Computing? 167</p> <p>What is the Relevance to the Investigator? 172</p> <p>The Attraction of Cloud Computing for the Cybercriminal 173</p> <p>Where is Your Digital Evidence Located? 174</p> <p>Lawful Seizure of Cloud Digital Evidence 175</p> <p>Preservation of Cloud Digital Evidence 177</p> <p>Forensic Investigations of Cloud-Computing Servers 178</p> <p>Remote Forensic Examinations 182</p> <p>Cloud Barriers to a Successful Investigation 196</p> <p>Suggested Tips to Assist Your Cloud-Based Investigation 203</p> <p>Cloud-Computing Investigation Framework 206</p> <p>Cybercrime Case Study 219</p> <p>Notes 221</p> <p><b>Chapter 13: Identifying, Seizing, and Preserving Evidence from Internet of Things Devices 225</b></p> <p>What is the Internet of Things? 225</p> <p>What is the Relevance to Your Investigation? 226</p> <p>Where is Your Internet of Things Digital Evidence Located? 228</p> <p>Lawful Seizure of Internet of Things Evidence 228</p> <p>Notes 229</p> <p><b>Chapter 14: Open Source Evidence 231</b></p> <p>The Value of Open Source Evidence 231</p> <p>Examples of Open Source Evidence 233</p> <p>Note 236</p> <p><b>Chapter 15: The Dark Web 237</b></p> <p>Crime and the Dark Web 238</p> <p>Notes 242</p> <p><b>Chapter 16: Interviewing Witnesses and Suspects 243</b></p> <p>Suspect Interviews 245</p> <p>Witness Interviews 246</p> <p>Preparing for an Interview 247</p> <p>The Interview Process 250</p> <p>Closing the Interview 254</p> <p>Review of the Interview 254</p> <p>Preparation of Brief for Referral to Police 255</p> <p><b>Chapter 17: Review of Evidence 257</b></p> <p><b>Chapter 18: Producing Evidence for Court 265</b></p> <p>Digital Evidence and Its Admissibility 267</p> <p>Preparing for Court 268</p> <p><b>Chapter 19: Conclusion 273</b></p> <p>Glossary 277</p> <p>Index 283</p>

Autorenportrait

<p><b>D<small>R</small>. GRAEME EDWARDS,</b> <b>CFE,</b> has been a cybercrime investigator with the Queensland Police Service Financial and Cyber Crime Group and has worked on numerous successful criminal investigations involving local and international jurisdictions. He facilitated the creation of the Victims of Financial Crimes Support Group to support those suffering losses associated with financial or cybercrime. Graeme is an experienced conference speaker and cybercrime investigation educator, provider of training in a corporate environment and conducts post investigation analysis. He has a Doctorate of Information Technology focusing on computer security, computer networking, and cloud computing investigation strategies.

Back cover copy

<p><b>THE ESSENTIAL PRACTITIONER'S GUIDE TO LOCATING CYBER ATTACKERS</b> <p>In the wake of a cyberattack, organizations are often in a state of chaos. Employees, stakeholders, and leadership are concerned for the future of the business and the potential fallout extending to their personal lives. Reputations and finances are equally at stake. In such an environment, taking action to identify the perpetrators of the crime is an important step toward reestablishing order and minimizing damage. <p><i>Cybercrime Investigators Handbook</i> is a thorough guide to understanding cybercrime, identifying evidence, and locating criminals with the intent to prosecute and recover stolen data. Starting from the moment an attack is discovered and proceeding through the stages of commencing an investigation, managing the crime scene, and protecting evidence, this book walks you through each stage of the process using easy to understand non-technical language. <p>Inside, you'll find clear explanations of technical concepts needed to understand cyberattacks and track down their sources. This guide provides a complete set of instructions on navigating complex computer systems and the dark corners of the internet to bring cyber criminals to justice.

Country of final manufacture

US

Diese Produkte könnten Sie auch interessieren:

Mindfulness
Mindfulness
von: Gill Hasson
PDF ebook
12,99 €
Counterparty Credit Risk, Collateral and Funding
Counterparty Credit Risk, Collateral and Funding
von: Damiano Brigo, Massimo Morini, Andrea Pallavicini
EPUB ebook
69,99 €
Successful Stock Signals for Traders and Portfolio Managers
Successful Stock Signals for Traders and Portfolio Managers
von: Tom K. Lloyd
PDF ebook
57,99 €