Law management essay on: Forensic computing

1. Introduction:Forensic Computing is an off-shoot of digital forensic science which deals with legal issues involved with computers and digital storage media. It relates to identifying, protecting, improving, scrutinizing and presenting information in a sound manner. Broadly, it deals with investigation of criminal activities associated with computers and the digital world. However, it may also be used in civil cases. (Broucek, V, 2001).

With the advent and evolution of personal computers in the 1980s came the growth of cyber criminal activities. New computer crimes such as “hacking” became prevalent. This led to the need of a technique which could investigate and mitigate such crimes. Today, forensic computing techniques are used in investigating crimes ranging from child pornography to murder. Forensic computing is applied in civil cases as a tool to gather information.The practice of forensic computing started way back in 1980 and this was a response to the various virus attacks which started in World Wide Web during that period. As the usage of internet started increasing in 1990s, lawful agencies started investigating various matters and evidence that related to fraud investigations using computers as a storage device. World has come of ages in this field and the definition of the subject has taken a drastic change. Now forensic computing departments all over the world are looking into a more so proactive approach into their investigations and now inappropriate computer behavioral patterns have become critical source of evidence. (Broucek, V, 2001).

As per Hannan and turner around 300 people under 21 different departments are working full time in Australia under this field. (Hannan, M., 2003)All these people are directly connected to lawful agencies in Australia. In earlier definitions of Forensic accounting a suspect was only considered if it was suitable for court proceedings and that was the tipping point of any investigation to go forward. This definition is extremely narrow and the scope of work area is very limited and not accurate enough to continue in today’s world. The most accepted definition was presented by McKemmish during 1999 where he stated that forensic computing is a sum total of various process which are involved in identifying, analyzing, preserving and presenting various kind of digital evidence in a lawful manner. This manner should be presentable and legally acceptable. (McKemmish,1999).

2. Key Elements in Forensic Computing:According to him Forensic Computing is function of four key elements. These four elements are:

Þ    identification of various kinds of digital evidence;

Þ    preserving this evidence in the rightful manner;

Þ    analyzing this digitally available evidence; and

Þ    lastly the most important part is the presentation of digital evidence.

This definition by Mckemmish expanded the scope of Forensic computing and for the first time during that era forensic computing was clearly understood. With times this definition interpretation has changed and in ever evolving technology world a systematic change needs to be incorporated in the current system. Nowadays Forensic computing is not a passive function, it has gained more active dimension and lawful agencies are using these as means to control cyber crime before that happen. This approach is more of proactive natures whereby alert systems are raised before an attack or failure occur. Just think of simple Antivirus software these days, it is working on the background alongside all applications just to be aware of any potential threat to the computer system. (McKemmish, 1999).

3. Importance of Forensic Computing:The importance of Mckemmish definitions can still be drawn in today’s world. This definition showed that forensic computing is not only a function of technical approach, it also involves various humanistic factors and hence it can bring down to strict legal framework. The first step of identification nowadays involve humanistic factors like eye witness, DNA profiling, fingerprints, eye retina scanner etc. (McKemmish, 1999) In the second stage the definition talks about protection of digital evidence from rough weather, from harmful chemicals. As we can see it is now not only limited to digital factors, more and more approach is getting humanistic. Examination of evidence has now moved into court proceedings and has found a legal framework to work with. Forensic Computing is an off-shoot of digital forensic science which deals with legal issues involved with computers and digital storage media. It relates to identifying, protecting, improving, scrutinizing and presenting information in a sound manner. Broadly, it deals with investigation of criminal activities associated with computers and the digital world. However, it may also be used in civil cases.With ever evolving world of Internet, cyber crime has taken a huge plunge and as a result of this investigating agencies are using a more proactive and focused approach towards Forensic Accounting. Based upon the survey conducted by IDC, web security takes into consideration filtering of the URL’s, Internet applications, anti-malware offerings, firewalls, online content products, etc. It has been noticed that, such type of solutions would be able to protect the inbound as well as the outbound threats. Two more areas of the internet software’s have been encrypted. Two companies essentially share the digital certificates market: Symantec Corp. and Entrust Inc. For years, spam has been eating up bandwidth and infecting computers with viruses, and it’s becoming measurably worse. According to Symantec, 89.1% of all e-mail sent around the world in 2010 was spam, up from 87.7% in 2009 and 81.2% in 2008. A huge chunk of the unwanted mails come up with varieties of formats such as image files, zip files, power point files, etc & making it more complicated for conventional spam detectors to spot it out.

Although anti-spam companies battled spam successfully for a while by scanning sender information, content, and website links in e-mail messages, clever spammers were able to fight back and resume sending more spam messages. The SEC has filed many cases against spammers over the years, and the federal Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003 forced domestic e-mail marketers to refrain from the activity or face imprisonment. As a result, spammers now operate out of the reach of US law in places such as Asia, Eastern Europe, and Russia. In addition, the CAN-SPAM Act has a significant loophole in that it allows bulk e-mailing if messages are marked as advertising and contain a way for recipients to decline e-mails. This blurs the line between spam and corporate marketing through e-mail. (Hannan, 2003).As a result of more sophisticated, more widely deployed, and more aggressively managed anti-spam technologies, global spam volumes actually fell in 2010, according to Cisco Systems Inc. Tougher Chinese domain registration laws may make it more difficult for spammers to establish and operate such businesses. As a result, miscreants have moved on to more vulnerable technologies and targets. In earlier definitions of Forensic accounting a suspect was only considered if it was suitable for court proceedings and that was the tipping point of any investigation to go forward. This definition is extremely narrow and the scope of work area is very limited and not accurate enough to continue in today’s world. The most accepted definition was presented by McKemmish during 1999 where he stated that forensic computing is a sum total of various process which are involved in identifying, analyzing, preserving and presenting various kind of digital evidence in a lawful manner. This manner should be presentable and legally acceptable. Now forensic computing departments all over the world are looking into a more so proactive approach into their investigations and now inappropriate computer behavioral patterns have become critical source of evidence. As per Hannan and turner around 300 people under 21 different departments are working full time in Australia under this field. All these people are directly connected to lawful agencies in Australia.

Over the past two years, there was a shift in defense priorities by the Obama Administration away from large-scale weapons systems, such as the F-22 Raptor and selected missile defense programs. Benefiting from this change have been areas such as cyber security. A number of IT services companies (such as CACI International Inc., ManTech International Corp., and SAIC Inc.) offer these kinds of services and have been benefiting from this additional spending. We expect particular strength in the cyber security, systems integration, and intelligence areas. Market Research Media, a provider of market analysis, looks for the US federal cyber security market to grow at a CAGR of 6.2% between 2010 and 2015. Former US Secretary of Defense Robert Gates, who retired in June 2011, had stated that he wanted the Department of Defense (DOD) to use common IT systems, which could lead to opportunities for companies that specialize in systems integration.

4. Conclusion:With this advancement in Internet technology and increased dependence of Governments on the information age, Cyber security has gained momentum and with it advancement has taken place in the field of forensic accounting. In this digital age there is highly a need of system whereby the scope of definition is increased for forensic computing. Definition provided by Mckemmish had a wider scope during the early 2000’s but the leap in information technology this field needs another definition which can look into the proactive nature that the field of forensic Computing has adopted. (McKemmish, 1999)