1、Extended Learning Module HComputer Crime and Digital ForensicsINTRODUCTIONComputers are involved in crime in two waysAs the targets of misdeedsAs weapons or tools of misdeedsComputer crimes can be committed Inside the organizationOutside the organizationExamples of Computer Crimes Outside the Organi
2、zationMalware software designed to harm your computer or computer securityVirus software that is written with malicious intent to cause annoyance or damageWorm a computer virus that spreads itself from computer to computer via e-mail and other Internet trafficOther Types of MalwareSpoofingTrojan Hor
3、seKeylogger(key trapper)software a program that,when installed on your computer,records every keystroke and mouse clickMisleading e-mailDenial-of-service attacks RootkitWeb defacingDistributed Denial-of-Service AttackCyber WarCyber war actions by a nation-state to penetrate another nations computers
4、 or networks for the purposes of causing damage or disruptionMaybe the next major attack on the U.S.Some intrusions into critical systems have already taken place PlayersHackers knowledgeable computer users who use their knowledge to invade other peoples computersThrill-seeker hackers break into com
5、puter systems for entertainmentWhite-hat(ethical)hackers computer security professionals who are hired by a company to uncover vulnerabilities in a networkPlayersBlack hat hackers cyber vandals.Theyre the people who exploit or destroy information Crackers hackers for hire,the people who engage in el
6、ectronic corporate espionageSocial engineering acquiring information that you have no right to by means of deceptionPlayersHacktivists politically motivated hackers who use the Internet to send a political messageCyberterrorists those who seek to cause harm to people or destroy critical systems or i
7、nformationPlayersScript kiddies(or bunnies)people who would like to be hackers but dont have much technical expertiseAre often used by experienced hackers as shieldsDIGITAL FORENSICSDigital forensics the collection,authentication,preservation,and examination of electronic information for presentatio
8、n in courtTwo phases1.Collecting,authenticating,and preserving electronic evidence2.Analyzing the findingsPhase 1:PreservationIf possible,hard disk is removed without turning computer onSpecial forensics computer is used to ensure that nothing is written to drive Forensic image copy an exact copy or
9、 snapshot of all stored informationPhase 2:AnalysisInterpretation of information uncoveredRecovered information must be put into contextDigital forensic software pinpoints the files location on the disk,its creator,the date it was created and many other features of the fileModern Digital Forensics Has Many Components
