Presentation is loading. Please wait.

Presentation is loading. Please wait.

Electronic Crime: Incident Reporting and Forensics Between Law Enforcement and Private Industry D/Sgt. Michael Harrington CEECS, CFCE, EnCE Michigan State.

Published byCalvin Cole Modified over 8 years ago

Similar presentations

Presentation on theme: "Electronic Crime: Incident Reporting and Forensics Between Law Enforcement and Private Industry D/Sgt. Michael Harrington CEECS, CFCE, EnCE Michigan State."— Presentation transcript:

1 Electronic Crime: Incident Reporting and Forensics Between Law Enforcement and Private Industry D/Sgt. Michael Harrington CEECS, CFCE, EnCE Michigan State Police Computer Crimes Unit

2 Topics  MSP Computer Crimes Unit  Trends  Evidence Collection  Incident Reporting  Evidence Analysis

3 Mission Statement  CCU was established to provide computer and Internet investigative support in the acquisition of digital evidence for the law enforcement community.

4

5 Forensic & Investigative Services  Forensics –Perform Forensic examinations of computers –Assist state, county, & local law enforcement agencies  Investigations –Online Investigations –Illegal Websites –Hacking complaints –Internet Crimes Against Children

6 Trends  Child Exploitation  Identity Theft –Ebay –Credit Cards –Phishing  Organized Crime

7 Fraud Trends

8 Phishing  What is “Phishing”? –Phishing defined: the act of attempting to fraudulently acquire through deception sensitive personal information such as passwords and credit card details by masquerading in an official-looking email, IM, etc. as someone trustworthy with a real need for such information. –Wikipedia.org

9 Phishing  Growing faster than any other online threat  The number of unique phishing email attacks increased by 1400% in 2004  An estimated $300-$400 million in fradulent (read unauthorized) bank transfers last year

10 Phishing  Phishing has been called “The Perfect Crime” –All that is needed is a PC, Internet and a little ingenuity –Difficult to catch the criminals –Hackers are doing for profit and criminals following suit

11 Phishing  People who receive Phishing attacks are three times as likely to become victims.  Phishing scams are for sale on the internet  Ebay hijacking becoming more and more common (phishing example)phishing example

12 Phishing  How is phishing done? –Believable email to victim –Use programming tricks to hide fake sites –Using pop-up windows to cloak the real address in the victim’s address bar –“Pharming” victim redirected to a scam website when the victim types in the real address

13 Phishing  How can you protect yourself? –Monitor credit card statements, bills –Keep up-to-date anti-virus protection/anti- spyware/firewallsoftware installed –Obtain credit reports on a regular basis –Don’t answer unknown email –If it looks to good to be true….

14 Child Exploitaion  Business maybe liable to victims if employees are using company Internet for illicit activities  Control chat programs/internet usage through routine monitoring of systems  Hostile work environment through inappropriate usage  AUP/Banners/Incident Response Plans

15 Liability  Mobile Units –PDAs –Mobile Phones  Wireless Connections  Web Applications  Banners, AUP, Employee Handbooks

16 Incident Reporting  Must report to the agency that has jurisdiction for the alleged offense  Who/what/when/where/how  Explain in plain English the incident  www.michiganlegislature.org/www.antiphishing.o rg www.michiganlegislature.org/www.antiphishing.o rg  Contact local law enforcement for Digital Forensic contact  MSP Computer Crimes Contact

17 Digital Forensics

18  Definition  Develop a methodology  Evidence Collection  Evidence Analysis

19 Digital Forensics  Definition-Digital Investigation –Process where we develop and test hypothesis that answer questions abut digital events using the scientific method –Carrier, Brian. File System Forensic Analysis, Addison Wesley 2005

20 Digital Forensics  Definition-Digital Evidence –A digital object that contains reliable information that supports or refutes a hypothesis. –Carrier, Brian. File System Forensic Analysis, Addison Wesley 2005

21 Digital Forensics  Definition-Digital Forensic Investigation –Process that uses science and technology to analyze digital objects and develops and tests theories which can be entered into a court of law to answer questions about events that have occurred. –Carrier, Brian. File System Forensic Analysis, Addison Wesley 2005

22 Digital Forensics  Digital Investigations comprised of three phases –1) System Preservation Reduce the amount of evidence that may be overwritten This continues after acquisition because of further analysis and court

23 Digital Forensics  Digital Investigations comprised of three phases –2) Evidence Searching Looking for data to support or refute event theories Keywords, internet history graphics

24 Digital Forensics  Digital Investigations comprised of three phases –3) Incident Analysis This phase is done to reconstruct the execution of the event The “how” of the incident

25 Evidence Collection  Evidence Collection should be done in a forensically sound manner –Baseline –Minimize invasiveness –Protect original –Document everything

26 Evidence Analysis  Develop/adopt a forensic methodology –Examine and document the original System Settings Peripherals Add on cards –Write protect hard disks, media –Create an exact bit by bit “forensic copy” of the subject media

27 Evidence Analysis  Maintain a controlled environment  Correlate and validate data obtained  Document actions taken and evidence obtained

28 Forensic Software  Commercial software –EnCase Enterprised Edition –SMART for Linux –Forensic Tool Kit –ProDiscover  Open Source –Sleuthkit/autopsy –Live Linux Cds Helix Knoppix STD

29 Questions? D/Sgt. Michael Harrington 4000 Collins Rd Lansing MI 48910 TX: 517.336.2010 harringm@michigan.gov chimp@forensic-mind.com

Download ppt "Electronic Crime: Incident Reporting and Forensics Between Law Enforcement and Private Industry D/Sgt. Michael Harrington CEECS, CFCE, EnCE Michigan State."

Similar presentations

Jennifer Perry. We help victims of e-crime and other online incidents – Web based service – Providing practical, plain language advice – No-nonsense advice.

Jennifer Perry. We help victims of e-crime and other online incidents – Web based service – Providing practical, plain language advice – No-nonsense advice.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.

BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
Fraud, Scams and ID Theft …oh my! Deb Ramsay ESD 101 Chief Information Officer Technology Division.

Fraud, Scams and ID Theft …oh my! Deb Ramsay ESD 101 Chief Information Officer Technology Division.
Protect Yourself Against Phishing. The good news: The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million.

Protect Yourself Against Phishing. The good news: The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million.
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
8 Mistakes That Expose You to Online Fraud to Online Fraud.

8 Mistakes That Expose You to Online Fraud to Online Fraud.
© 2004 TransUnion LLC. All Rights Reserved. August 10, 2005 Seven Easy Steps to Fraud Prevention Northwestern University Clifton M. O’Neal Director, Corporate.

© 2004 TransUnion LLC. All Rights Reserved. August 10, 2005 Seven Easy Steps to Fraud Prevention Northwestern University Clifton M. O’Neal Director, Corporate.
© 2008. Oklahoma State Department of Education. All rights reserved. 1 Beware! Consumer Fraud Standard 9. 1 Fraud and Identity Theft.

© Oklahoma State Department of Education. All rights reserved. 1 Beware! Consumer Fraud Standard 9. 1 Fraud and Identity Theft.
Introduction to Computer Forensics Fall 2007. Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (http://www.forensics.nl).http://www.forensics.nl.

Introduction to Computer Forensics Fall Computer Crime Computer crime is any criminal offense, activity or issue that involves computers (
COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J. 2009 w/ T. Scocca.

COEN 252 Computer Forensics Introduction to Computer Forensics  Thomas Schwarz, S.J w/ T. Scocca.
CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.

CJ © 2011 Cengage Learning Chapter 17 Cyber Crime and The Future of Criminal Justice.
Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.

Department of Mathematics Computer and Information Science1 Basics of Cyber Security and Computer Forensics Christopher I. G. Lanclos.
How It Applies In A Virtual World

How It Applies In A Virtual World
TRACs Security Awareness FY2009 Office of Information Technology Security 1.

TRACs Security Awareness FY2009 Office of Information Technology Security 1.
An Event-based Digital Forensic Investigation Framework Brian D. Carrier Eugene H. Spafford DFRWS 2004.

An Event-based Digital Forensic Investigation Framework Brian D. Carrier Eugene H. Spafford DFRWS 2004.
Securing Information Systems

Securing Information Systems
Cyber Crime & Security Raghunath M D BSNL Mobile Services,

Cyber Crime & Security Raghunath M D BSNL Mobile Services,

Similar presentations

Ads by Google