
E-book: Cybercrime Investigators Handbook [Wiley Online]

  • Format: 320 pages
  • Publication date: 25-Oct-2019
  • Publisher: John Wiley & Sons Inc
  • ISBN-10: 1119596319
  • ISBN-13: 9781119596318
  • Wiley Online
  • Price: 66,20 €*
  • * this price gives unlimited concurrent access for unlimited time

The investigator’s practical guide for cybercrime evidence identification and collection

Cyber attacks perpetrated against businesses, governments, organizations, and individuals have been occurring for decades. Many attacks are discovered only after the data has been exploited or sold on the criminal markets. Cyber attacks damage both the finances and reputations of businesses and cause damage to the ultimate victims of the crime. From the perspective of the criminal, the current state of inconsistent security policies and lax investigative procedures is a profitable and low-risk opportunity for cyber attacks. They can cause immense harm to individuals or businesses online and make large sums of money—safe in the knowledge that the victim will rarely report the matter to the police. For those tasked with probing such crimes in the field, information on investigative methodology is scarce. The Cybercrime Investigators Handbook is an innovative guide that approaches cybercrime investigation from the field-practitioner’s perspective.

While there are high-quality manuals for conducting digital examinations on a device or network that has been hacked, the Cybercrime Investigators Handbook is the first guide on how to commence an investigation from the location the offence occurred—the scene of the cybercrime—and collect the evidence necessary to locate and prosecute the offender. This valuable contribution to the field teaches readers to locate, lawfully seize, preserve, examine, interpret, and manage the technical evidence that is vital for effective cybercrime investigation.

  • Fills the need for a field manual for front-line cybercrime investigators
  • Provides practical guidance with clear, easy-to-understand language
  • Approaches cybercrime from the perspective of the field practitioner
  • Helps companies comply with new GDPR guidelines
  • Offers expert advice from a law enforcement professional who specializes in cybercrime investigation and IT security

Cybercrime Investigators Handbook is a much-needed resource for law enforcement and cybercrime investigators, CFOs, IT auditors, fraud investigators, and other practitioners in related areas.

List of Figures
About the Author
Foreword
Acknowledgments

Chapter 1 Introduction

Chapter 2 Cybercrime Offenses
  • Potential Cybercrime Offenses
  • Cybercrime Case Study
  • Notes

Chapter 3 Motivations of the Attacker
  • Common Motivators
  • Cybercrime Case Study I
  • Cybercrime Case Study II
  • Note

Chapter 4 Determining That a Cybercrime Is Being Committed
  • Cyber Incident Alerts
  • Attack Methodologies
  • Cybercrime Case Study I
  • Cybercrime Case Study II
  • Notes

Chapter 5 Commencing a Cybercrime Investigation
  • Why Investigate a Cybercrime?
  • The Cyber Investigator
  • Management Support
  • Is There a Responsibility to Try to Get the Data Back?
  • Cybercrime Case Study
  • Notes

Chapter 6 Legal Considerations When Planning an Investigation
  • Role of the Law in a Digital Crimes Investigation
  • Protecting Digital Evidence
  • Preservation of the Chain of Custody
  • Protection of Evidence
  • Legal Implications of Digital Evidence Collection
  • Cybercrime Case Study
  • Note

Chapter 7 Initial Meeting with the Complainant
  • Initial Discussion
  • Complainant Details
  • Event Details
  • Cyber Security History
  • Scene Details
  • Identifying Offenses
  • Identifying Witnesses
  • Identifying Suspects
  • Identifying the Modus Operandi of Attack
  • Evidence: Technical
  • Evidence: Other
  • Cybercrime Case Study

Chapter 8 Containing and Remediating the Cyber Security Incident
  • Containing the Cyber Security Incident
  • Eradicating the Cyber Security Incident
  • Note

Chapter 9 Challenges in Cyber Security Incident Investigations
  • Unique Challenges
  • Cybercrime Case Study

Chapter 10 Investigating the Cybercrime Scene
  • The Investigation Team
  • Resources Required
  • Availability and Management of Evidence
  • Technical Items
  • Scene Investigation
  • What Could Possibly Go Wrong?
  • Cybercrime Case Study I
  • Cybercrime Case Study II
  • Notes

Chapter 11 Log File Identification, Preservation, Collection, and Acquisition
  • Log Challenges
  • Logs as Evidence
  • Types of Logs
  • Cybercrime Case Study
  • Notes

Chapter 12 Identifying, Seizing, and Preserving Evidence from Cloud-Computing Platforms
  • What Is Cloud Computing?
  • What Is the Relevance to the Investigator?
  • The Attraction of Cloud Computing for the Cybercriminal
  • Where Is Your Digital Evidence Located?
  • Lawful Seizure of Cloud Digital Evidence
  • Preservation of Cloud Digital Evidence
  • Forensic Investigations of Cloud-Computing Servers
  • Remote Forensic Examinations
  • Cloud Barriers to a Successful Investigation
  • Suggested Tips to Assist Your Cloud-Based Investigation
  • Cloud-Computing Investigation Framework
  • Cybercrime Case Study
  • Notes

Chapter 13 Identifying, Seizing, and Preserving Evidence from Internet of Things Devices
  • What Is the Internet of Things?
  • What Is the Relevance to Your Investigation?
  • Where Is Your Internet of Things Digital Evidence Located?
  • Lawful Seizure of Internet of Things Evidence
  • Notes

Chapter 14 Open Source Evidence
  • The Value of Open Source Evidence
  • Examples of Open Source Evidence
  • Note

Chapter 15 The Dark Web
  • Crime and the Dark Web
  • Notes

Chapter 16 Interviewing Witnesses and Suspects
  • Suspect Interviews
  • Witness Interviews
  • Preparing for an Interview
  • The Interview Process
  • Closing the Interview
  • Review of the Interview
  • Preparation of Brief for Referral to Police

Chapter 17 Review of Evidence

Chapter 18 Producing Evidence for Court
  • Digital Evidence and Its Admissibility
  • Preparing for Court

Chapter 19 Conclusion

Glossary
Index

DR. GRAEME EDWARDS, CFE, has been a cybercrime investigator with the Queensland Police Service Financial and Cyber Crime Group and has worked on numerous successful criminal investigations involving local and international jurisdictions. He facilitated the creation of the Victims of Financial Crimes Support Group to support those suffering losses associated with financial or cybercrime. Graeme is an experienced conference speaker and cybercrime investigation educator who provides training in a corporate environment and conducts post-investigation analysis. He has a Doctorate of Information Technology focusing on computer security, computer networking, and cloud computing investigation strategies.