In the past, computers were the targets of malicious programmes that cause distraction and disruption to the usage of the computer, often with no other purpose than inconveniencing users, whoever they might be.
Today the focus of attacks on computers has broadened to incorporate all devices that handle digital information and the people that use them. The list of criminal activity has also expanded to mirror the typical traditional crimes perpetrated on individuals, such as identification theft, stolen credit card information, robbery, fraud, spying, espionage, unauthorised access and usage and so on.
Such crimes on computing devices are made possible by the Internet and the networking of devices in general. Cyber crimes throughout the World, including India, are increasing at a fast pace causing monetary and personal losses to individual, corporations and governmental institutions. There is an increased measure to effectively tackle cyber crimes starting with awareness, training and legalisation.
As in all crime, police use data gathering and forensics methods to build their case and in computer related crimes, this is no different. A specialist field in computer science is Digital Forensics which analyses computers and digital storage devices like smartphones, external USB storage devices, cameras, etc. to extract data to build a timeline of activity of the user and to investigate the files on the device. Specialist programmes are used to help the investigator like AccessData Forensics Tool Kit and Guidence Software’s EnCASE Forensics Tools, to extract the data in a forensics accepted manner.
In colleges and Universities throughout the world, degree and postgraduate courses have began teaching Digital Forensics to students with great success. The students are very interested in seeing what can be recovered from digital devices and as a result of this interest, they get to learn about how operating systems work, how application systems operate and about the network systems the computers are attached.
Skills of the forensics investigator cover file systems operation and management, encryption, password cracking, data analysis, malware operation, rootkits, useage of tools like FTK or EnCASE and report writing skills.
New areas in digital forensics are Cloud Forensics and eDiscovery. As data moves from local storage on local devices into Cloud Services, the traditional forensics methods don’t apply and new approaches are being developed to handle the new media and business modelling.
The eDiscovery approach is required in many law court cases to locate potential evidence in case trials based on agreed search criteria so lawyers and police need to be educated on the methods and tools for eDiscovery as they would about any other part of their profession.
The Institute of Technology Blanchardstown, Dublin, Ireland, (http://www.itb.ie) has courses at the degree and postgraduate degree levels in Information Security & Digital Forensics covering areas such as Digital Forensics, Cyber Crime Investigations, Secure Communications, Network Security, Biometrics, Business Continuity and Disaster Recovery. These courses include current industry certifications (such as CCNA Security and AccessData Certified Examiner (ACE)) as well as internationally recognised degree certification.
Currently studying on these courses are Indian students from many major cities in India including New Delhi, Bangalore and Hyderabad.
Parallel to the taught programmes, the Institute has research projects in the Information Security and Digital Forensics areas at masters and PhD levels that are run in partnership with companies and focus on real-world problems. More information can be obtained from http://www.digitalsecurity2020.com on the research programmes and career opportunities.
(The writer is the principle investigator in the Information Security & Digital Forensics (ISDF) research group, Institute of Technology Blanchardstown, Ireland.)