How to Catch Computer CriminalsHow to Catch Computer Criminals
FBI issues guidelines to help local cops nail online bad guys
January 17, 2007
Ever wonder how the cops are trained to investigate computer crime? Now you don't have to.
The FBI last week issued a 137-page report that offers guidelines, tips, and advice to local law enforcement agencies on how to respond to and investigate computer crime. The report offers descriptions of common computer crimes and how to detect them.
The report is especially thorough in its discussions of how to locate and preserve evidence that might help convict a computer criminal. While the guide is intended for law enforcement people, it offers some advice that could be useful to enterprise security managers who suspect their computers may have been used to commit a crime.
For example, first responders often make the mistake of trying to navigate the suspect's computer in search of evidence -- without documenting or preserving the data that was already there, the guide says. Preserving what's on the suspect's screen (as well as logs on the PC and at the Internet service provider) can make or break a case.
"Complex evidentiary issues are frequently encountered in Internet and network investigations," the report says. "Evidence should be expeditiously retrieved and preserved." Time and date stamp information may be key in prosecuting a case, the guide notes.
While the guide offers information on how to investigate suspected crimes and protect evidence, it also describes the need for warrants and permissions in order to investigate suspected crimes. In some cases, an enterprise may choose to ask for a warrant before allowing law enforcement agencies to check their systems.
Experts say the FBI's guide may help prevent local law enforcement agencies, or enterprises, from botching a court case against a suspected computer criminal.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
Tricks to Boost Your Threat Hunting GameNov 06, 2023
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks