In the past, cyber-crimes were few and far in between because the computers used were mainframes and they were rare to come by (Greenbaum, 2015). Today, computers have infiltrated almost every aspect of life and most offenses are accompanied by the involvement of computerized devices directly or indirectly. Nearly every individual in the world today has an automated electronic device such as a smartphone and a computer (Greenbaum, 2015). Further, the internet has made the use of computerized devices to commit crimes easier, and all types of offenses can be perpetrated online such as fraud, theft, solicitation, malicious mischief and property destruction (Greenbaum, 2015). This paper focuses on the cyber investigation of Thomas Brown, a man suspected of committing murder.
A cyber-crime investigation, like any other offense, begins with a formal complaint. After the formal complaint, the investigators are then free to start investigating the offense(Greenbaum, 2015). In this case, the first step is to establish the internet protocol address of Mr. Brown from the Internet Service Provider. If the client is not cooperative, the investigator may ask the courts to issue warrants and subpoenas to force him to hand over the Internet Protocol address. Any sites visited by the suspect can be identified and studied through information stored by the Internet Service Provider (Greenbaum, 2015). A true copy of the hard drive, which contains deleted files and temporary files among others, is created. A true copy is only investigated through the use of forensic software programs. These enable the investigators to filter the information that is necessary to the investigation. Often, an investigator may require more than one platform depending on the operating system that the suspect is using (Greenbaum, 2015).
Sniper Forensics refers to the process of a targeted, focal and deliberate approach in the case of an investigation. In the case of investigating cyber-crimes, sniper forensics is very necessary (Greenbaum, 2015). The contents of any individual computer are too much and most of them are probably irrelevant to an investigation. It is therefore advised that a forensic expert specializing in computerized offenses outlines the areas of focus and sticks to these.
Locard’s exchange principle, attributed to Dr. Edmond Locard, states that every contact leaves a trace. According to Locard, when a material touches another, each leaves elements of itself on the other. In cyber-crime, every entry into an electronic and computerized system can be traced (Greenbaum, 2015). Sometimes, forensic assessment of computers and computerized devices can show all the operations that an individual carried out on the device. Sometimes, when an offender is an expert in digital matters, fewer details are available (Greenbaum, 2015). Nevertheless, every contact with a computer leaves a trace that is accessible.
There are various pitfalls in the investigation of a cyber-crime. First, suspects may refuse to comply with the request for an Internet Protocol address (Greenbaum, 2015). The request for a court of law to issue a warrant or a subpoena is often a lengthy and time-wasting process. The second pitfall is that Internet Service Providers keep digital information for very short periods of time (Greenbaum, 2015). However, it is possible to request these entities to preserve data temporarily. Third, the assessment of a true copy is a multi-disciplinary enterprise, and one investigator may not have all the skills necessary for the evaluation of the contents of a true copy (Greenbaum, 2015).
References
Greenbaum, D. (2015). Cyber crime 2.0. Science, 348(6231), 193-193.
