Computer technology is very crucial in everyday human activities. Computer crimes have tremendously grown, which makes computer forensics very relevant. Some of the computer crimes include unauthorized intrusion and financial fraud. Based on the case study, computer forensics have the potentials of obtaining digital information. NFAT (Network Forensics Analysis Toolkit) can view, collect and monitor intrusion of information on a computer. NFTA is an active sensing system that enables investigators to isolate, scrutinize and reply an intrusion. NFAT look at the logs on the computer and replay the features on how the event took place. Also, the system can show the network traffic and the trends in the computer system. NFAT can view on intrusion in a computer because it can undertake various roles. Some of the things that the system can analyze include capturing passwords, identify the pages that were viewed, and spy on emails (Kanellis, 2006). This indicates that the system can easily identify an intrusion in the computer.
Also, NFAT has the potential of testing the IDS (Intrusion Detection Systems) to see the signatures that are supposed to be detected. The IDS that is set on the computer can easily alert the administrator to the attacks that have penetrated the network. It is essential to note that NFAT can provide information on how the network is performing. This is streamlined towards network and security administrators. The system can view rogue servers on the computer and monitor internal threats.
NFAT system has several components that play tremendous roles. The components include server, agents, firewall and examiner computer. The role of agents is to monitor, interpret and retrieve network data. The server that is centralized in the computer holds the data that is collected from the network. The firewall is the barrier between the users and machines that are under common security policy (Kanellis, 2006). The firewall is categorized based on the roles. Hence, the firewall works as the IP filter and mediates between external and internal connections. The host is essential in the NFAT system because it provided the forensics examiner to analyze the data. The host computer is an important to the source of data that is used in computer forensics.
Information warfare is one of the crucial concepts that entails the use of communication and information technology. The United States favor technology to enhance cyberwarfare and electronic warfare. The Kosovo crisis entailed the hacking of NATO website. The internet played a role in the information warfare. The internet made it possible for the attacks to take place because NATO was operating on the same server. The internet enabled the operation of the e-mail system. The internet also facilitated the installation of a computer virus. The internet was used to transfer information, which created a concrete platform for a clash. The internet enabled hackers to access and exchange information. In fact, it caused line saturation of the internet served. The internet corrupted the e-mail system and the intrusion of NATO website. For example, an individual used the internet to send 2000 messages on a daily basis.
Also, the internet was used to launch a DOS (Denial of Service) attack. The DOS attacks flooded the NATO system with requests that went beyond its handling capacity. The internet was also used by Serbians to attack non-military websites. They defaced the web pages so that attackers can pass information to the public. In a critical analysis, the internet facilitates access to important information that was not supposed to be accessed by the people.
The way the internet was used during the Kosovo crisis can be classified as criminal and noncriminal. The way Yugoslav hackers used the internet can be classified criminal. This is because hacking information is against the law. NATO was not aware of how important information was leaked and transferred. Also, the way Serbians used the internet was non-criminal. The information that is shared on the internet should only be communicated to authorized individual and organizations (Nemati, 2008). It is non-criminal because it entailed sharing of information with the public. The messages that were shared with the public was not spam; hence, it is non-criminal. The bringing down of the U.S White House web page is criminal in nature. This is because it down not align with the legal framework that has been put in place. It is part of cybercrime, which makes it criminal in nature.
The DOS attack on NATO web system is non-criminal. This is because it does not modify or destroy data in the information system of the victim. On the other hand, it can be classified as criminal because rendered the legal operations of NATO impossible. The attackers used the email bombs and viruses to overflow NATOs mailbox. The PRC-attackers used of the internet is criminal. This is because it entails defacement of the web pages. It is a criminal way of using the cyberspace.
Internet attacks have also been used in the Iraq war. Since 2005, Unite States have used cyber-attacks to jam the communication system of Iraqi and Taliban insurgents (Elliott, 2010). The United States used the Internet attacks to influence the financial system in Iraq. It is believed that the internet attacks might have affected the cash flow of Saddam Hussein.
Investigation in cyber warfare differs from that of profit-motivated hackers. Cyber warfare is well planned, organized and executed compared to profit-motivated attacks. The execution of cyber warfare entails the use of sophisticated technologies. Therefore, the forensic team should have more sophisticated tools. Profit motivated hackers only focus on transferring money to their accounts and cleaning up the paths they used. Also, cyber warfare attacks target many crucial infrastructures at once.
References
Elliott, S. (2010). Cyber Warfare and the Conflict in Iraq. Infosec.
Kanellis, P. (2006). Digital crime and forensic science in cyberspace. Hershey PA: Idea Group Pub.
Nemati, H. R. (2008). Information security and ethics: Concepts, methodologies, tools and applications. Hershey PA: Information Science Reference.