Cyber Crime and Cyber Terrorism Investigator's Handbook

Book Description

Cyber Crime and Cyber Terrorism Investigator’s Handbook is a vital tool in the arsenal of today’s computer programmers, students, and investigators. As computer networks become ubiquitous throughout the world, cyber crime, cyber terrorism, and cyber war have become some of the most concerning topics in today’s security landscape. News stories about Stuxnet and PRISM have brought these activities into the public eye, and serve to show just how effective, controversial, and worrying these tactics can become.

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Acknowledgments
  6. Endorsements
  7. Contributors
  8. Author Biography
    1. Babak Akhgar
    2. Andrew Staniforth
    3. Francesca Bosco
  9. Foreword
  10. Preface
  11. Chapter 1: Cyberspace: The new frontier for policing?
    1. Abstract
    2. The Shape of the Challenge
    3. The Size of the Challenge
    4. The Response
    5. Conclusion
  12. Chapter 2: Definitions of Cyber Terrorism
    1. Abstract
    2. Introduction
    3. The Confusion About Cyber Terrorism
    4. Cyber Terrorism Definition
    5. Has Cyber Terrorism Ever Occurred?
    6. Conclusions
  13. Chapter 3: New and emerging threats of cyber crime and terrorism
    1. Abstract
    2. Introduction
    3. Some Historic Milestones
    4. Cyber Security Lessons not Learned from Previous ICT Innovation Cycles
    5. Organizational Aspects not Learned From Previous ICT Innovation Cycles
    6. Emerging Threats
    7. Conclusions
  14. Chapter 4: Police investigation processes: practical tools and techniques for tackling cyber crimes
    1. Abstract
    2. Introduction
    3. Investigative Decision Making
    4. Investigative Problem Solving
    5. Developing Investigative Hypothesis
    6. Investigative Innovation
    7. Investigators Contact Management
    8. Investigating Crime and Terror
    9. Conclusion
  15. Chapter 5: Cyber-specifications: capturing user requirements for cyber-security investigations
    1. Abstract
    2. Introduction
    3. User Requirements and the Need for a User-Centered Approach?
    4. Balancing Technological and Human Capabilities
    5. Conducting User Requirements Elicitation
    6. Capturing and Communicating User Requirements
    7. Conclusion
    8. Acknowledgment
  16. Chapter 6: High-tech investigations of cyber crime
    1. Abstract
    2. Introduction
    3. High-Tech Investigations and Forensics
    4. Core Concepts of High-Tech Investigations
    5. Digital Landscapes
    6. The “Crime Scene”
    7. Reviewing the Requirements
    8. Starting the Analysis
    9. Core Evidence
    10. Case Study
    11. Summary
  17. Chapter 7: Seizing, imaging, and analyzing digital evidence: step-by-step guidelines
    1. Abstract
    2. Introduction
    3. Establishing Crime
    4. Collecting Evidence for a Search Warrant
    5. Reported by a Third Party
    6. Identification of a Suspects Internet Protocol Address
    7. IP Spoofing
    8. Anonymizing Proxy Relay Services
    9. Intrusion Detection Systems, Network Traffic and Firewall Logs
    10. Interviews with Suspects
    11. Analysis of Suspects Media
    12. Doxing
    13. Collecting Evidence
    14. Seizing Equipment
    15. Search for Written Passwords
    16. Forensic Acquisition
    17. RAM
    18. Image
    19. Forensic Analysis
    20. Anti-forensics
    21. RAM Analysis
    22. Data Carving and Magic Values
    23. Media Storage Forensics
    24. Partitions
    25. Master Boot Record
    26. The VBR and BIOS Parameter Block
    27. File System
    28. File Table
    29. Searching for Evidence
    30. Keyword and Phrases Search
    31. Recovering Deleted Information
    32. Recovering Deleted Files and Folders
    33. Recovering Deleted Partitions
    34. Where Evidence Hides
    35. Registry
    36. Most Recently Used Lists
    37. LastWrite Time
    38. Hiberfil.sys
    39. Pagefil.sys
    40. System Volume Information Folders
    41. Chapter Summary
  18. Chapter 8: Digital forensics education, training and awareness
    1. Abstract
    2. Introduction
    3. Digital Forensics Laboratory Preparation and Training
    4. Digital Anti Forensics Tools and Approaches
    5. The Main Difficulties Faced by Law Enforcement Officers Fighting Cyber-Crime
    6. Educational Provision for the Study of Computer Forensics
    7. The CFM Methodology
    8. Conclusions
  19. Chapter 9: Understanding the situational awareness in cybercrimes: case studies
    1. Abstract
    2. Introduction
    3. Taxonomical Classification of Cybercrime/Cyberterrorism
    4. Case Studies
    5. Political/Publicity/Self-Actualization: The Case of the Syrian Electronic Army
    6. The Case of Stuxnet
    7. The Cyber-Attacks on Banks
    8. The Case of the Anonymous Attacks on Scientology
    9. Self-Actualization: The Case of “Mafiaboy”
    10. Strategic Responses to Cyber Attacks
    11. Concluding Remarks
  20. Chapter 10: Terrorist use of the internet
    1. Abstract
    2. Terrorist Use of the Internet
    3. Propaganda—Indoctrination—Recruitment
    4. The Role of the Video
    5. Online Forums—Blogs
    6. Online Social Network Services
    7. Radicalization Process on the Internet
    8. Particular Case: Lone Wolf
    9. Information Sharing
    10. Future Developments
    11. Conclusion
  21. Chapter 11: ICT as a protection tool against child exploitation
    1. Abstract
    2. Introduction
    3. Key Issues and Challenges
    4. Information Awareness and Better Education
    5. Government Responsibilities and Legal Framework
    6. Technical Issues and Challenges
    7. Child-Centered Information Flows
    8. CBCT Response System
    9. Conclusions
  22. Chapter 12: Cybercrime classification and characteristics
    1. Abstract
    2. Introduction
    3. What is Cybercrime?
    4. What Are the Classifications and Types of Cybercrime?
    5. Cybercrime Categories
    6. Cyber-Attack Methods and Tools
    7. Conclusion
  23. Chapter 13: Cyber terrorism: Case studies
    1. Abstract
    2. Introduction
    3. Case Studies—Activities in Cyberspace Attributed to Terrorist Organizations
    4. Analysis of Capabilities
    5. Technological Capabilities, Intelligence Guidance, and Operational Capacity
    6. Conclusion
  24. Chapter 14: Social media and Big Data
    1. Abstract
    2. Introduction
    3. Big Data: The Asymmetric Distribution of Control Over Information and Possible Remedies
    4. Big Data and Social Surveillance: Public and Private Interplay in Social Control
    5. The Role of the E.U. Reform on Data Protection in Limiting the Risks of Social Surveillance
    6. Preserving the E.U. Data Protection Standard in a Globalized World
  25. Chapter 15: Social media and its role for LEAs: Review and applications
    1. Abstract
    2. Introduction
    3. Features of Social Media Users and Use
    4. LEA Usage Scenarios for Social Media
    5. Concluding Remarks
  26. Chapter 16: The rise of cyber liability insurance
    1. Abstract
    2. A Brief History of Insurance
    3. Business Interruption Insurance
    4. What Is Cyber Liability?
    5. Cyber Risks—A Growing Concern
    6. The Cyber Threat
    7. A Changing Regulatory Landscape
    8. ICO Notification
    9. What Does Cyber Liability Insurance Cover?
    10. Who Offers Cyber Liability Insurance and What Should Customers Look Out For?
    11. Conclusion
  27. Chapter 17: Responding to cyber crime and cyber terrorism—botnets an insidious threat
    1. Abstract
    2. Introduction
    3. A Botnet Roadmap
    4. Botnets How Do They Work. Network Topologies and Protocols
    5. Case Study—Eurograbber (2012)
    6. Case Study—ZeroAccess (2013)
    7. Countermeasures for Fighting Botnets or Mitigating Botnets Effects
    8. Conclusion and Future Trends (TOR, Mobile and Social Networks)
  28. Chapter 18: Evolution of TETRA through the integration with a number of communication platforms to support public protection and disaster relief (PPDR)
    1. Abstract
    2. Introduction
    3. Technological and Economic Barriers and Issues
    4. Progress Beyond the State-of-the-Art
    5. Proposed PPDR Communication Network Architectural Solutions
    6. Conclusion
  29. Index