Digital forensics investigation report
The CTO of ABC limited hired me as a digital forensic investigator on 1st March 2020, and I was tasked with a case that involved potential monetary fraud in the organization (Casey, 2009). The CTO gave me access to the workstation and the required hardware, including the suspect's USB, plus leads regarding one of the employees, who was the key suspect in the case. With the help of the CTO, I was able to conduct the digital forensic examination on the potential monetary fraud case.
Growth in technology has brought with it cybercrime, and tracing malicious online activity is now crucial for protecting private citizens while online operations are preserved in the interest of public safety, national security, government regulation and law enforcement (Jones & Valli, 2011).
Tracing digital activity allows us as digital investigators to connect information transferred online and information stored digitally to physical evidence of criminal activity. This lets us expose premeditated criminal intent, which may help prevent potential cybercrimes in the future.
Having worked on digital forensics cases previously, I had to develop a digital forensic investigation plan that outlined the key steps and procedures I was to undertake to produce a revealing and thorough investigation of the potential monetary fraud case (Li, 2013). These steps are elaborated below.
This is the first procedure I had to undertake in the potential monetary fraud case (Sachowski, 2018). Digital evidence is delicate and highly sensitive, and I understand the value attached to this information, bearing in mind that it can easily be compromised if not protected and handled properly. Hence, with the help of the CTO of ABC limited, we were able to establish stringent guidelines for activities relating to the potential monetary fraud case.
For instance, these procedures comprised detailed instructions on when I was to conduct possible digital evidence recovery, how to properly prepare systems for evidence retrieval, and how to properly document this process to ensure data authenticity.
I was able to determine the proper investigation procedures, and hence to develop rigorous training programs to ensure that best practices are adhered to and to develop cybersecurity divisions that set the rules and regulations governing all digital activities of ABC limited.
This is crucial for any organization (Jones & Valli, 2011). An integral part of investigative policies and procedures is the codification of explicit actions covering what constitutes evidence, where to gather it and how to handle it once it is retrieved.
The key component of my investigation into potential monetary fraud in the organization involved assessing potential evidence in the case. An effective evidence assessment process is based on understanding the case details and hence clarifying the cybercrime at hand (Casey, 2009). Before conducting the investigation, I was able to define the types of investigation I was seeking and had a better understanding of how to preserve the predetermined data, and hence I was able to determine the source and its integrity prior to preserving the data.
This is perhaps the most crucial facet of succeeding in my forensic investigation at ABC limited (Sachowski, 2018). It entails a rigorous, outlined evidence acquisition plan. There is extensive documentation before, during and after the acquisition of evidence, that is, recording and preserving detailed information, including specifications of all systems used for the investigation and of the system under investigation.
At this stage, the policies relating to the preservation of potential evidence are most applicable (Li, 2013). The acquisition of evidence must be done in a deliberate and legal manner.
Forensic investigations at ABC limited depended largely on outlined procedures for the retrieval, copying and storage of potential monetary fraud evidence within appropriate databases, so that I could conduct an effective investigation (Jones & Valli, 2011).
I was able to examine data from known archives using different methods and approaches to information analysis, which included using analysis software to search massive archives and methods for retrieving recently deleted files. Time-tagged data was useful, as there were suspicious files and programs that had been intentionally hidden or encrypted; this is key to determining the kind of information that can serve as evidence.
I was able to accurately record all activities I carried out at ABC limited relating to the potential monetary fraud case, including all methods I used for retrieving, copying and storing data, and the actions I took to acquire, examine and assess evidence (Sachowski, 2018). In addition to demonstrating that the integrity of user data was preserved, this established that all policies and procedures were adhered to.
The main goal is to gather information as evidence to be tabled in a court of law, which means that failure to accurately present data would compromise the validity of the case. I was able to use laboratory accreditation to validate collected data in line with the ISO 17025 laboratory accreditation standard. I established images for machine analysis (MD5, SHA-1) to verify the authenticity of data collected (Casey, 2009).
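The hash check mentioned above (MD5, SHA-1), as an added example that is not part of the original report: it hashes an image once at acquisition and later re-checks copies against that record. The function names and the in-memory sample image are constructed for illustration.

```python
import hashlib
import hmac
import io

CHUNK = 1024 * 1024  # read in 1 MiB pieces so large images never sit in memory


def hash_image(stream, algorithms=("md5", "sha1")):
    """Read an image once and return its size plus one hex digest per algorithm."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    size = 0
    for chunk in iter(lambda: stream.read(CHUNK), b""):
        size += len(chunk)
        for hasher in hashers.values():
            hasher.update(chunk)
    record = {"size": size}
    record.update({name: h.hexdigest() for name, h in hashers.items()})
    return record


def verify_image(stream, recorded):
    """Re-hash a copy and return the fields that differ from the acquisition record."""
    algorithms = tuple(k for k in recorded if k != "size")
    current = hash_image(stream, algorithms)
    return [k for k in recorded
            if not hmac.compare_digest(str(current[k]), str(recorded[k]))]


def demo():
    # Constructed stand-in for a USB image: 4 MiB of patterned bytes.
    original = bytes(range(256)) * (4 * 4096)
    acquired = hash_image(io.BytesIO(original))      # taken at acquisition

    working_copy = bytes(original)                   # faithful copy
    altered = bytearray(original)
    altered[1000] ^= 0x01                            # one flipped bit
    truncated = original[:-512]                      # incomplete copy

    return {
        "record": acquired,
        "working_copy": verify_image(io.BytesIO(working_copy), acquired),
        "altered": verify_image(io.BytesIO(bytes(altered)), acquired),
        "truncated": verify_image(io.BytesIO(truncated), acquired),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

MD5 and SHA-1 both have known collision attacks, so passing `algorithms=("md5", "sha1", "sha256")` records a stronger digest alongside them in the same read.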
References
Casey, E. (2009). undefined. Academic Press.
Jones, A., & Valli, C. (2011). Building a digital forensic laboratory: Establishing and managing a successful facility. Butterworth-Heinemann.
Li, C. (2013). Emerging digital forensics applications for crime detection, prevention, and security. IGI Global.
Sachowski, J. (2018). Digital forensics and investigations: People, process, and technologies to defend the enterprise. CRC Press.