High-Technology Crime Investigator's Handbook - Edition 2 - By Gerald L. Kovacich, CFE, CPP, CISSP and William C. Boni, CISA, MBA Elsevier Inspection Copies

Purchase textbook

High-Technology Crime Investigator's Handbook,

Edition 2 Establishing and Managing a High-Technology Crime Prevention Program

By Gerald L. Kovacich, CFE, CPP, CISSP and William C. Boni, CISA, MBA

Publication Date: 25 Aug 2006

0 Reviews

Digital copy not yet available

The high-technology crime investigator's profession is one of the fastest growing professions in the world today, as information security issues and crimes related to them are growing in number and magnitude at an ever-increasing pace. High-Technology Crime Investigator's Handbook, Second Edition, informs professionals of the potential risks of computer crimes, and serves as a guide to establishing and managing a high-technology crime investigative program. Each chapter is updated with the latest information and guidance, including added coverage of computer forensics and additional metrics to measure organizational performance. In addition, nine new chapters cover emerging trends in the field, and offer invaluable guidance on becoming a successful high-technology crime investigator.

Key Features

Provides an understanding of the global information environment and its threats
Explains how to establish a high-technology crime investigations unit and prevention program
Presents material in an engaging, easy-to-follow manner that will appeal to investigators, law enforcement professionals, corporate security and information systems security professionals; as well as corporate and government managers

About the author

By Gerald L. Kovacich, CFE, CPP, CISSP, Security consultant, lecturer, and author, Oak Harbor, WA, USA and William C. Boni, CISA, MBA, Director, Information Security for Motorola Corporation. He has worked as the Director of Information Protection Practices for Amgen; as a U.S. Army counterintelligence officer; federal agent and investigator; and a security consultant for such firms as PricewaterhouseCoopers and Ernst & Young

Part I: Introduction to the High-Technology Crime Environment

Introduction

Chapter 1: What Investigators Should Know About the High-Technology-Supported Global Environment and Its Threats

Publisher Summary
INTRODUCTION
THE GLOBALIZATION OF THE MARKETPLACE
HIGH TECHNOLOGY IS RAPIDLY CHANGING THE WORLD
THE THREE BASIC STEPS OF COMPUTER OPERATIONS
HIGH-TECHNOLOGY THREATS
CASE EXAMPLE: DON’T RUSH TO JUDGE
OTHER AREAS OF INTEREST
SUMMARY

Chapter 2: High-Technology Crime Miscreants: Profiles, Motives, and Philosophies

Publisher Summary
INTRODUCTION
A BRIEF HISTORY OF HIGH-TECHNOLOGY CRIME AND ITS ASSOCIATED MISCREANTS
REQUIREMENTS TO COMMIT A HIGH-TECHNOLOGY CRIME
AN EXAMPLE OF A CORPORATE EMPLOYEE AND THE “CRIME TRIAD¿
INSIDER THREATS
OUTSIDER THREATS
WHO ARE THE HIGH-TECHNOLOGY MISCREANTS AND OTHERS ON THE INTERNET?
HACKERS, CRACKERS, AND PHREAKERS, OH MY!
PROFILE OF THE HIGH-TECHNOLOGY AND INTERNET FRAUDSTERS
HIGH-TECHNOLOGY TERRORISTS
WHY USE TERRORIST METHODS?
WHAT IS A TERRORIST ACT?
RESULTS OF TERRORIST ACTIONS
TERRORIST TECHNOLOGY THREAT ENVIRONMENT
HIGH-TECHNOLOGY ECONOMIC AND INDUSTRIAL ESPIONAGE ON THE INTERNET—NETSPIONAGE
INDUSTRIAL AND ECONOMIC ESPIONAGE DEFINED
TRY CATCHING THESE MISCREANTS!
PROPRIETARY ECONOMIC INFORMATION
ECONOMIC ESPIONAGE VULNERABILITIES
INFORMATION WARRIORS AND CYBER WARRIORS
SOPHISTICATED DRUG DEALER USE OF HIGH TECHNOLOGY
SUMMARY

Chapter 3: The Basic Techniques Used by High-Technology Crime Miscreants

Publisher Summary
INTRODUCTION
INTERNAL AND EXTERNAL ATTACKS
HIGH-TECHNOLOGY MISCREANTS’ BASIC APPROACH TO ATTACKING NETWORKS*
BASIC USE OF PHYSICAL AND HUMAN INTELLIGENCE COLLECTION METHODS: THEFT AND SOCIAL ENGINEERING
OTHER COMPUTER-RELATED TECHNIQUES USED BY BOTH INSIDERS AND OUTSIDERS
SYSTEM MANIPULATION
USING THE GII, INTERNET, AND NII TO SEARCH FOR TOOLS
ATTACK TOOLS FOUND ON THE INTERNET AND USED PRIMARILY TO ATTACK INTERNET-CONNECTED TARGETS
SOME ADDITIONAL COMMON METHODS OF INTERNET ATTACK
OTHER METHODS, TOOLS, AND TECHNIQUES
EXAMPLE OF HACKER NAIVETÉ
ELECTRONIC MAIL
CELLULAR TELEPHONES: CLONING AND OTHER FRAUDS
THREATS, VULNERABILITIES, AND RISKS
CLIP-ON FRAUD
INFORMATION OF INVESTIGATIVE INTERESTS
COLORED BOXES AND TELECOMMUNICATIONS FRAUD
PBX ATTACKS
CASE EXAMPLE: AN ONLINE COMPUTER IS ALWAYS UNDER ATTACK
SUMMARY

Chapter 4: The Basic Information Systems Security Techniques Used to Defend Against High-Technology Crime Miscreants

Publisher Summary
INTRODUCTION
BASIC INFOSEC CONCEPTS
INFOSEC PROCESSES OR FUNCTIONS
THE INFORMATION SYSTEMS SECURITY OFFICER (ISSO)
INFOSEC AND ISSO GOALS AND OBJECTIVES
RISK MANAGEMENT
OTHER ASPECTS OF AN INFOSEC PROGRAM
INFOSEC ORGANIZATION
PREVENTIVE CELLULAR PHONE FRAUD MEASURES
SECURITY REQUIREMENTS FOR VOICE MESSAGING OPERATIONS
PBX PROTECTION
E-MAIL PROTECTION
NEW MISCREANT TECHNIQUES BRINGS NEW DEFENSIVE METHODS
PROTECTING SEMICONDUCTORS—MICROCARVING
SUMMARY

Part II: Introduction to High-Technology Crime Incidents and Crime Investigations

Introduction

Chapter 5: Investigating High-Technology Crimes

Publisher Summary
INTRODUCTION
SIGNIFICANCE OF COMPUTERS IN CRIME AND INVESTIGATIONS
VIOLATIONS OF ORGANIZATION POLICIES
SEARCHING A COMPUTER: WARRANTS AND POLICY ISSUES
OPERATIONS PLAN
THE SEARCH PROCEDURES
A HIGH-TECHNOLOGY CRIME SCENE
SUMMARY

Chapter 6: Responding to High-Technology Incidents and Crimes

Publisher Summary
INTRODUCTION
PREINCIDENT PREPARATIONS
RESPONSIBILITIES AND DUTIES
TRAINING
THE INCIDENT HANDLING PLAN
IDENTIFICATION OF AN ATTACK
CONTAINMENT
ESCALATION
BRIEFINGS BEFORE THE INVESTIGATION STARTS
EQUIPMENT AND TOOLS
DEFINE AND DOCUMENT THE CASE
SECURING THE SCENE OF THE INCIDENT
THE FIRST RESPONDER
THE INVESTIGATIVE PROCESS
SUMMARY

Chapter 7: The Collection of Evidence

Publisher Summary
INTRODUCTION
HOW DO YOU GO ABOUT SEIZING THE EVIDENCE?
THE LAW
THE FIRST RESPONDER
HEALTH AND SAFETY
A GUIDE TO SEIZING EVIDENCE
PROCEDURES FOR SEIZING A STANDALONE COMPUTER
PROCEDURES FOR COLLECTING EVIDENCE FROM A NETWORK
OTHER ELECTRONIC DEVICES THAT MAY CONTAIN RELEVANT INFORMATION
SUMMARY

Chapter 8: Interviews and Interrogations

Publisher Summary
INTRODUCTION
WHO, HOW, WHERE, WHEN, WHY, WHAT
DEALING WITH VICTIMS
DEALING WITH WITNESSES
PERSONAL DESCRIPTIONS
DEALING WITH SUSPECTS
CASE STUDY: COMPELLING SUSPECTS TO PROVIDE ACCESS INFORMATION
SUMMARY
APPENDIX 8-1 INVESTIGATIVE DESCRIPTIVE AID TO ASSIST IN PERSONAL DESCRIPTIONS

Chapter 9: An Introduction to Computer Forensics

Publisher Summary
INTRODUCTION
THE STAGES THAT MAKE UP THE FORENSIC PROCESS
WHO WILL DIRECT THE COMPUTER FORENSICS EFFORTS?
GUIDELINES
STRATEGY FOR AN INVESTIGATION
PROCEDURE FOR A FORENSIC INVESTIGATION
PURPOSE OF THE INVESTIGATION
BUSINESS DECISIONS
THE FULL INVESTIGATION
THE CHASE
RESTORATION
THE ANALYSIS
EXAMINATION OF PDAS
EXAMINATION OF MOBILE PHONES
EXAMINATION OF FLASH MEMORY MEDIA
CASE STUDY 1
CASE STUDY 2
SUMMARY

Chapter 10: Establishing and Managing a Computer Forensics Laboratory

Publisher Summary
INTRODUCTION
ESTABLISHING THE LABORATORY
COMPUTER FORENSICS LABORATORY MANAGEMENT AND STAFF
COMPUTER FORENSICS LABORATORY: PHYSICAL SIZE
AN EXAMPLE OF A COMPUTER FORENSICS LABORATORY
WHO WILL BE YOUR CUSTOMERS?
CASE PRIORITY
ALLOCATION OF DUTIES
STAFF TRAINING AND EXPERIENCE
STAFF AND LABORATORY PRODUCTIVITY
PROCEDURES FOR QUALITY REVIEW
EQUIPMENT TESTING
STANDARDS
POLICY ON OUTSOURCING
POLICY ON USE OF EXTERNAL EXPERTS
COUNSELING
EQUIPMENT AND SOFTWARE
INFORMATION RESOURCES
HEALTH AND SAFETY
DATA RETENTION POLICY
REPORTING OF FINDINGS
COMMUNICATIONS
SUMMARY

Chapter 11: High-Technology Crimes: Case Summaries

Publisher Summary
INTRODUCTION
THE DRINKORDIE GROUP
OLDIE BUT GOODIE HACKER CASE
MILITARY HACKER FREED ON BAIL
WORM STRIKES DOWN WINDOWS 2000 SYSTEMS
FBI AGENTS BUST “BOTMASTER¿: LOS ANGELES, CALIFORNIA (REUTERS)
RESEARCHERS SNOOP ON KEYBOARD SOUNDS
SPAMMERS FACE JAIL IN NIGERIA
STOLEN UC-BERKELEY LAPTOP RECOVERED
THREE JAILED IN GLOBAL EBAY SCAM
BLOGGERS LEARN THE PRICE OF TELLING TOO MUCH
TWENTY ARRESTED IN CRACKDOWN ON INTERNET PHARMACIES
ALLEGED HACKER IS MICROSOFT EMPLOYEE
ANTIIDENTITY THEFT FREEZE GAINING MOMENTUM
E-MAIL RECEIVED BY ONE OF THE AUTHORS
BARRED NO MORE
PERSON USING AN ALIAS AND REPRESENTING A FICTITIOUS ISP INSTALLED SIX TOLL-FREE 800 NUMBERS FOR A TELEMARKETING COMPANY
A NETWORK SECURITY OPERATIONS CENTER RECEIVED A CATASTROPHIC OUTAGE NOTIFICATION FROM THEIR NETWORK MANAGEMENT CENTER INDICATING A FIBER OUTAGE HAD OCCURRED
TELECOMMUNICATIONS CABLES VULNERABLE TO TERRORISTS’ ATTACKS
SO YOUR EMPLOYER “LOST¿ YOUR INFORMATION
CALIFORNIA TO BAN HUNTING OVER INTERNET
E-MAIL RECEIVED BY ONE OF THE AUTHORS
NINE OF ISRAEL’S TOP BUSINESS EXECUTIVES AND 11 HEADS OF 3 LEADING INQUIRY COMPANIES—INCLUDING MODIIN EZRAHI— ARE IN CUSTODY SUSPECTED OF COMPLICITY IN A MASSIVE COMPUTERIZED COMMERCIAL ESPIONAGE CONSPIRACY
“BLASTER¿ TEEN SENTENCED TO 1½ YEARS
INFO ON 3.9M CITIGROUP CUSTOMERS LOST
WORLDPAY STRUGGLES UNDER DDOS ATTACK (AGAIN)
DENIAL-OF-SERVICE ATTACK VICTIM SPEAKS OUT
NEW VIRUS USES SONY BMG SOFTWARE
DUMPSTER DIVING FOR IDS
FIVE ARRESTED OVER PHISHING FRAUD
GEEKFATHERS: CYBER CRIME MOBS REVEALED
HACKER HELPS WANNABE BIZ STUDENTS
HACKERS BATTER CRITICAL UK INFRASTRUCTURE
HACKER INFILTRATED GOVERNMENT COMPUTERS, US MILITARY INSTALLATIONS, LABORATORIES, AND NASA
HACKERS TAKE A CRACK AT CISCO FLAW
HOME PCS HARNESSED TO SOLVE GLOBAL PROBLEMS
INTERNET CRASHES IN PAKISTAN
IPOD BLAMED FOR SPIKE IN SUBWAY CRIME
“MEDICA IGNORED WARNINGS,¿ SAYS EX-EMPLOYEE
WEB SITE OWNER DEFIES JUDGE’S ORDERS
PHISHERS ADOPT SCAM TRICKS FROM VIRUS WRITERS
LEXISNEXIS: HACKERS ACCESSED 32,000 IDS
TELEPHONE SCAM
E-MAIL RECEIVED BY ONE OF THE AUTHORS
E-MAIL MESSAGE RECEIVED BY ONE OF THE AUTHORS: ANOTHER VARIATION ON THE THEME
TIME WARNER ALERTS STAFF TO LOST DATA FILES FOR 600,000 WORKERS
FEDERAL AGENTS HAVE CARRIED OUT SEARCHES IN AT LEAST TWO STATES AS PART OF THE INVESTIGATION INTO THE THEFT OF SOCIAL SECURITY NUMBERS AND OTHER PERSONAL INFORMATION FROM DATABASE GIANT LEXISNEXIS INC.
HACKERS TARGET ITUNES, ANTIVIRUS WARE
JUDGE DISMISSES SPAM CONVICTION
MASTERCARD SECURITY ALERT—MORE THAN 40 MILLION CREDIT CARDS MAY HAVE BEEN BREACHED; WARNING TO MEMBER BANKS ISSUED
SASSER AUTHOR GETS SUSPENDED TERM
A FEDERAL JUDGE HAS AWARDED AN INTERNET SERVICE PROVIDER MORE THAN $1 BILLION IN WHAT IS BELIEVED TO BE THE LARGEST JUDGMENT EVER AGAINST SPAMMERS
TEEN SENTENCED FOR “BLASTER¿ WORM VARIANT
SUMMARY

Part III: Introduction to Overview of the High-Technology Crime Investigation Profession and Unit

Introduction

Chapter 12: The Global Enterprise Corporation

Publisher Summary
INTRODUCTION
GEC BACKGROUND INFORMATION
KEY ELEMENTS FOR THE HIGH-TECHNOLOGY CRIME INVESTIGATOR TO CONSIDER
GETTING TO KNOW GEC
GEC’S STRATEGIC BUSINESS PLAN
GEC’S TACTICAL BUSINESS PLAN
GEC’S ANNUAL BUSINESS PLAN
HIGH-TECHNOLOGY CRIME PREVENTION PROGRAM PLANNING
SUMMARY

Chapter 13: Understanding the Role of the High-Technology Crime Investigator and a Crime Prevention Unit in the Business and Management Environment

Publisher Summary
INTRODUCTION
WHAT IS EXPECTED OF YOU?
GEC HIGH-TECHNOLOGY CRIME INVESTIGATOR RESPONSIBILITIES
GOALS AND OBJECTIVES
LEADERSHIP POSITION
PROVIDING HIGH-TECHNOLOGY CRIME PREVENTION SERVICE AND SUPPORT
USE TEAM CONCEPTS
VISION, MISSION, AND QUALITY STATEMENTS
HIGH-TECHNOLOGY CRIME PREVENTION PRINCIPLES
PROJECT AND RISK MANAGEMENT PROCESSES
HIGH-TECHNOLOGY CRIME PREVENTION ORGANIZATIONAL RESPONSIBILITIES
GEC HIGH-TECHNOLOGY CRIME INVESTIGATOR FORMAL DUTIES AND RESPONSIBILITIES
SUMMARY

Chapter 14: The High-Technology Crime Investigation Unit’s Strategic, Tactical, and Annual Plans

Publisher Summary
INTRODUCTION
GEC’S HIGH-TECHNOLOGY CRIME PREVENTION TACTICAL PLAN
GEC’S HIGH-TECHNOLOGY CRIME PREVENTION ANNUAL PLAN
SUMMARY

Chapter 15: High-Technology Crime Investigation Program and Organization

Publisher Summary
INTRODUCTION
HIGH-TECHNOTLOGY CRIME INVESTIGATION UNIT DRIVERS
HIGH-TECHNOLOGY CRIME INVESTIGATOR MANAGER THOUGHT PROCESS IN ESTABLISHING THE HTCPP AND INVESTIGATION ORGANIZATION
SECURITY FUNCTIONAL PROCESS SUMMARY
HIGH-TECHNOLOGY CRIME INVESTIGATIVE ORGANIZATION
DETERMINING THE NEED FOR HIGH-TECHNOLOGY CRIME INVESTIGATION SUBORDINATE ORGANIZATIONS
HIGH-TECHNOLOGY CRIME INVESTIGATION JOB DESCRIPTIONS FOR THE UNIT
RECRUITING HIGH-TECHNOLOGY CRIME PREVENTION PROFESSIONALS
IDENTIFYING IN-HOUSE HIGH-TECHNOLOGY CRIME INVESTIGATOR CANDIDATES
IDENTIFYING OUTSIDE HIGH-TECHNOLOGY CRIME INVESTIGATOR CANDIDATES
SUMMARY

Chapter 16: High-Technology Crime Investigative Functions

Publisher Summary
INTRODUCION
DETERMINING MAJOR HIGH-TECHNOLOGY CRIME INVESTIGATIVE FUNCTIONS
HIGH-TECHNOLOGY CRIME INVESTIGATION POLICY
GEC’S HIGH-TECHNOLOGY CRIME INVESTIGATION REQUIREMENTS AND POLICY DIRECTIVE (IRPD)
HIGH-TECHNOLOGY CRIME INVESTIGATION PROCEDURES
AWARENESS PROGRAM
PROACTIVE HIGH-TECHNOLOGY CRIME PREVENTION SURVEYS AND RISK MANAGEMENT
WHAT IS RISK MANAGEMENT?
RECOMMENDATIONS TO MANAGEMENT
RISK MANAGEMENT REPORTS
HIGH-TECHNOLOGY CRIME PREVENTION SURVEYS
SUMMARY
EXCERPTS FROM A SAMPLE SURVEY ACTIVITY LOG

Chapter 17: Sources, Networking, and Liaison

Publisher Summary
INTRODUCTION
COLLECTING INFORMATION
SOURCES
“CARDING¿ SOURCES
CLASSIFYING THE RELIABILITY OF SOURCES AND THE ACCURACY OF THEIR INFORMATION
NETWORKING
LIAISON
SUMMARY

Chapter 18: High-Technology Crime Investigation Unit Metrics Management System

Publisher Summary
INTRODUCTION
INVESTIGATIONS
INVESTIGATION CASE STUDY
SUMMARY

Chapter 19: Outsource or Proprietary?

Publisher Summary
INTRODUCTION
OUTSOURCING: A DEFINITION
THE ADVANTAGES AND DISADVANTAGES OF A PROPRIETARY HIGH-TECHNOLOGY CRIME INVESTIGATIVE UNIT
THE ADVANTAGES AND DISADVANTAGES OF AN OUTSOURCED HIGH-TECHNOLOGY CRIME INVESTIGATIVE UNIT
CANDIDATE SECURITY FUNCTIONS FOR OUTSOURCING: HIGH-TECHNOLOGY CRIME INVESTIGATION
SAMPLE OUTSOURCING ANALYSIS
PROBABILITY OF FAILURE
CONSEQUENCE OF FAILURE
FINAL OUTSOURCING DECISION
SUMMARY

Part IV: Introduction to High-Technology Crime Investigation Challenges of the 21st Century

Introduction

Chapter 20: The Future of High Technology and Its Impact on Working in a Global Information Environment

Publisher Summary
INTRODUCTION
MICROPROCESSORS
PESSIMISM VERSUS OPTIMISM
ELECTRICALLY CHARGED AMOEBAE?
HIGH-TECHNOLOGY DEVICE INTEGRATIONS AND TRENDS TOWARD THE FUTURE
POWER TO THE PEOPLE?
SUMMARY

Chapter 21: The Future of High-Technology Crimes, Security, and the Criminal Justice System

Publisher Summary
INTRODUCTION
HIGH-TECHNOLOGY SECURITY
INFORMATION SYSTEM SECURITY
CRIMINAL JUSTICE SYSTEMS
SUMMARY

Chapter 22: Terrorism—Crime or War? Its Impact on the High-Technology Crime Investigator and the Profession

Publisher Summary
INTRODUCTION
THE CURRENT ENVIRONMENT
CURRENT TERRORIST USE
INTELLIGENCE GATHERING
DIRECT ATTACKS
SUMMARY

Chapter 23: The Future of the High-Technology Crime Investigator Profession

Publisher Summary
INTRODUCTION
LACK OF TRAINING, MANAGEMENT SUPPORT, AND SOMETIMES EVEN INTEREST
HIGH-TECHNOLOGY CRIME INVESTIGATION UNITS AND LAW ENFORCEMENT
TRAINING
HIGH-TECHNOLOGY CRIME INVESTIGATIONS
THE BEST TOOLS TO ASSIST IN CONDUCTING HIGH-TECHNOLOGY CRIME INVESTIGATIONS
THE BEST TOOLS TO ASSIST IN COMMITTING HIGH-TECHNOLOGY CRIMES
HIGH-TECHNOLOGY CRIMES INCREASING OR DECREASING?
CONFIGURATIONS AND SECURITY OF LAW ENFORCEMENT SYSTEMS
SYSTEMS SECURE?
CONCLUSIONS
SUMMARY

Chapter 24: Developing a Career as a High-Technology Crime Investigator

Publisher Summary
INTRODUCTION
QUALIFICATIONS
CERTIFICATION
EXPERIENCE
KNOWLEDGE
RANGE OF CASES
TECHNOLOGIES
ASSOCIATIONS
SUMMARY

Chapter 25: Marketing Yourself as a Successful High-Technology Crime Investigator

Publisher Summary
INTRODUCTION
MARKETING SUPPORT: TRAINING, EXPERIENCE, CERTIFICATIONS, ASSOCIATIONS, AND CONTACTS
APPLYING FOR THE POSITION OF HIGH-TECHNOLOGY CRIME INVESTIGATOR, SUPERVISOR, OR MANAGER
YOUR RESUME MADE IT PAST THE INITIAL SCREENING-NEXT STEP: THE INTERVIEW
THE PORTFOLIO
SUMMARY

Chapter 26: So, Are You Ready to Become a High-Technology Crime Investigative Consultant?

Publisher Summary
INTRODUCTION
HAVE A PLAN
GETTING STARTED
QUESTIONS TO CONSIDER
SUMMARY

Chapter 27: Conclusions and Final Thoughts

Publisher Summary
INTRODUCTION
WHAT IS THE PROFILE OF A SUCCESSFUL HIGH-TECHNOLOGY CRIME INVESTIGATOR?
“LOVE IT OR LEAVE IT!¿
HOPES FOR THE FUTURE

ISBN: 9780750679299

Page Count: 470

Retail Price : £46.99

INFOSEC and Information Assurance managers, technicians, and investigators; computer forensic professionals and forensic consulting firms; IT technical and IT network professionals interested in specializing in Security. Business managers, corporate security professionals managers, law enforcement officers, and students enrolled in IT computer and information security classes

Related Titles