What do I have to do? What should I study? What next?
- Published 25.06.09
Cyber crimes are illegal activities committed using computers. The target of criminal activity can be a computer, a network or operations. It can also be against a person, an organisation or a government.
Given our increasing dependence on computing technology and the growing opportunity to use engineering technologies to engage in illegal, unauthorised and unethical acts, every organisation is at risk.
Cyber forensic experts gather evidence and establish credible audit trails of electronic wrongdoing. They identify, gather, document and preserve evidence of electronic tampering and misuse. Computer forensics is a branch of forensic science pertaining to legal evidence found in computers and other digital storage mediums. It entails gathering, processing, interpreting, and use of digital evidence to provide a conclusive description of cyber crimes. Cyber forensics also includes the act of making digital data suitable for inclusion in criminal investigation. Today, cyber forensics is a term used in conjunction with law enforcement and computer forensics experts are often called cyber cops or digital detectives.
Electronic evidence is fragile and can be easily modified. Cyber criminals wipe, disguise, cloak, encrypt and destroy evidence from storage media using a variety of freeware, shareware and commercially available utility programmes. A global dependency on technology combined with the expanding presence of the Internet resource requires that corporate assets be well protected.
When those assets come under attack, cyber forensic professionals gather electronic evidence of such misuse and utilise that evidence to bring to justice those who are responsible.
What do I have to do?
Cyber forensic experts present testimonies in court regarding digital evidence and pass on the results obtained to law enforcement professionals.
In India, the major thrust is on development of indigenous tools for cyber forensics and providing technical services and training to law enforcement agencies. These tools are developed in consultation with the police. High quality forensic tools that are guaranteed to produce results are used by various agencies and analysis centres such as the Central Bureau of Investigation, army, Intelligence Bureau, forensic science labs and state police.
The technical services provided are evidence reporting, analysis, evidence collection and data recovery — resurrection of deleted files, analysis of file access, modification, creation, viewing and analysis of systems and application logs.
It also involves determining the activity of users and / or applications on a system, discovery of the IP address, host names, network routes and website information; analysis of emails for source information and content; support to email tracing and email recovery; support to analysis of log files for intrusion detection and tracing; support to identification of methods and technologies for tracking resources and personnel on the Net.
As a subject cyber forensics is still in its infancy. With technology evolving, mutating and changing at such a rapid pace, the rules governing the application of cyber forensics to the fields of auditing, security and law enforcement are changing as well.
Almost daily, new techniques and procedures are designed to provide cyber forensic professionals a better means of finding electronic evidence, collecting it, preserving it and presenting it to client management for potential use in the prosecution of cyber criminals.
What should I study?
BE, BTech or a degree in computer science, computer applications, IT or BSc in maths, physics, statistics or electronic science. Technical and analytical skills are also a must.
Although relatively new, cyber forensics is a growing field. That’s because computer crimes have increased so rapidly that they’ve become a fact of life. A career in cyber forensics can be sought both in the public and private sectors. In the public sector, people are mostly employed in law enforcement agencies, state forensic departments and central agencies. In the private sector, the scope for cyber forensic experts is immense as many experts are required to detect and solve the increasing number of cyber crimes. After sufficient exposure, professionals can become independent security consultants. Some positions in this field are those of a cyber forensic investigator, Internet security officer, systems administrator and systems or business analyst.