Individuals, small businesses, and multinational corporations need to understand the process of cybercrime investigation in order to respond effectively to a cybercrime attack and to take steps that prevent future occurrences. This involves proper documentation, identifying the breach (technical or psychological), and correcting and preventing further problems. Since anyone can be a cybercrime victim, everyone should know how to respond to such attacks and investigate the crimes and breaches that affect them. They should also know how to prevent cybercrime from happening in the future by taking the necessary measures. This paper critically discusses the documentation process during a cybercrime investigation and the identification of the possible breach in its various forms. The paper also discusses the security solutions that technology offers against cybercrime and the instances where it has failed. The policies and practices that can be used to guide employees on security measures in an organization are also discussed. Lastly, the paper gives suggestions on how to correct and prevent further problems when a cybercrime occurs.
Necessary steps should be taken to prevent future occurrences of cybercrime attacks. These measures include downloading and updating a Virtual Private Network (VPN), which encrypts the data being transmitted via the internet and hence makes users not visible to other network users. People can also practice creating strong and unique passwords that cannot be easily predicted by attackers (Moore, 2014). Finally, individuals should avoid disclosing too much personal information, such as their addresses, to the public through social media accounts.
Cybercrime started as early as the 1970s, and the early computerized phone system was the first target. Technologically savvy individuals discovered the correct tones and codes that enabled free long-distance service, which then gave rise to impersonated operators who used their skills to steal from distant phone users. Today, the trend has changed greatly and takes several forms (Johnson, 2013). These forms of cybercrime include identity theft, credit fraud, hacking, ransomware, denial-of-service attacks, and e-mail phishing.
Body I: Documentation
Documentation is needed to support law enforcement, as well as to identify the breach involved (Casey, 2011). Therefore, a thorough report of how the breach investigation was conducted is vital for the prosecution of the perpetrators. Moreover, security professionals are required to provide information on how the analyzed artifacts were recovered from the collected data. Accurate documentation of how the breach was identified is also necessary, since the narrative in the documentation should be clear enough to enable another expert to begin an investigation from a duplicate copy of the documentation (Johnson, 2013). This might require listing the particular events in detail and determining the specific log files from the individual computers, devices, or networks (Moore, 2014). For instance, if a deliberate hack of an organization has occurred, the investigation, which may be carried out by the privacy commissioner, needs to be properly documented in a step-by-step manner. This will be vital in prosecuting the attacker if the suspect is found, or it can be used later by another investigator if the case has not yet been closed.
Body II: Identifying the Breach
The nature of the cybercrime conducted is important in identifying the breach involved, since it shows the vulnerable areas that the attackers took advantage of to perform the attack. The cybercrime breach also depends on the nature of the access used by the perpetrator, which could be through either technical or social means, and this includes identity theft or hacking the network (Harsch, Idler & Thurner, 2014). These factors can be used to determine the breach involved in any cybercrime attack and to find a possible way of preventing similar future attacks.
For instance, identity theft is often performed maliciously by online attackers against particular targets, whose information is then used to perform unauthorized operations. Here, the data breach makes use of a network attack in which the cybercriminal infiltrates the network of an organization by identifying the network weaknesses and infrastructure system through employees (Johnson, 2013). The cybercriminal then tricks the employees into giving access to the company’s network and in the process obtains their credentials. Another instance is stealing and copying ideas and information from others. This attack can be perpetrated by a cyber-attacker who can physically access a victim’s computer or network by using their password (Casey, 2011). This breach takes advantage of weak passwords that can easily be bypassed by attackers.
Breaches can either be Technical or Psychological
Technical breaches are the most common forms of breaches, and they involve the use of different kinds of malware to attack the databases of organizations or individual users. Ransomware is an example of a technical breach in which malware is used to breach defenses, locking down all the files of a computer using strong encryption (Gragido et al., 2012). The digital keys required to unlock the important data are issued by the hackers after they are given the amount of money that they demand.
Psychological breaches, unlike technical breaches, involve the use of psychological manipulation to trick victims into disclosing their sensitive information or granting inappropriate entrance to a secure system. This may be through phishing e-mails, where the victim is fooled into clicking and opening an attachment which in turn installs malicious software on the victim’s computer. The attachment usually appears to be a lucrative deal or proposal that the recipients often find too attractive to ignore.
Technology may or may not have Security Solutions
Today’s technology is advanced enough in security to put in place strong security measures and systems that can detect and prevent possible attacks. Security solutions presented by technology include the production of better software that is not vulnerable to malware attacks and can get frequent updates addressing present malware vulnerabilities (Gragido et al., 2012). Virtual private network technology is also important since it encrypts all network traffic leaving the user’s device until it reaches its destination (Casey, 2012). Nevertheless, technologically savvy individuals can still easily penetrate several networks and access private information from organizations and users. Huge companies such as Yahoo and eBay have already been victims of these cybercrime attacks, and computers remain vulnerable to hackers, thus posing a serious risk to the economy and security of any state.
Policies and Practices in relation to People’s Weakness
It is evident that attackers take advantage of unsuspecting and careless users and use their weaknesses to enter systems and demand ransom. However, when people seem to be the weakness, it is vital to identify policies and practices rather than identifying individuals or their personalities (Johnson, 2013). Therefore, it is necessary to develop clear policies and practices for the business and its employees which outline the established security measures in detail and show how to protect the business systems and various information assets. The policies should be supported by a response management plan for them to be effective. Furthermore, all employees should be properly trained on those policies and practices, including the steps they are required to take in the event of a cyber incident or cyber threat (Johnson, 2013). Last but not least, the organization is required to back up all important information and data regularly to reduce the damage that such attacks may cause to the system.
Body III: Correcting and preventing further Problems
Educating individuals from the top down, including managers, about breaches that may arise from their actions is important in correcting and preventing further cybercrimes (Johnson, 2013). This involves the development of procedures and policies to prevent those breaches. Correction of breaches also involves determining whether other parties, for instance the customers, are affected and informing them of the breach (Gragido et al., 2012). This is vital since, in the event of an attack, the hackers can obtain the customers’ personal information and use it inappropriately, such as by applying for credit loans without the customer’s consent and making unauthorized purchases (Casey, 2011). Alerting the customers puts them in a good position to prepare for such unauthorized events by setting up a fraud alert or by freezing the credit account. This step of alerting the customers includes the company identifying its liability for the mistake and giving the customers recommendations on what can be done to stop further issues.
Conclusion
In sum, individuals, small businesses, and multinational corporations need to understand the process involved in investigating cybercrime and the necessary steps that need to be taken to prevent further occurrences. The various types of cybercrime require appropriate documentation to support law enforcement and to identify the breach exploited by the hackers. Lastly, when people are perceived to be the weakness, policies and practices can be put in place rather than identifying individuals and their personalities.
References
Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers, and the internet. Academic Press.
Gragido, W., Molina, D., Pirc, J., & Selby, N. (2012). Blackhatonomics: An Inside Look at the Economics of Cybercrime. Newnes.
Harsch, A., Idler, S., & Thurner, S. (2014, May). Assuming a state of compromise: A best practise approach for SMEs on incident response management. In IT Security Incident Management & IT Forensics (IMF), 2014 Eighth International Conference on (pp. 76-84). IEEE.
Johnson, M. (2013). Cyber Crime, Security and Digital Intelligence. Farnham, Surrey: Routledge. Retrieved from http://165.193.178.96/login?url=http%3a%2f%2fsearch.ebscohost.com%2flogin.aspx%3fdirect%3dtrue%26db%3dnlebk%26AN%3d559740%26site%3deds-live
Moore, R. (2014). Cybercrime: Investigating high-technology computer crime. Routledge.