Challenges facing law
enforcement agencies in the
fight against cybercrime
Emergency free number:
112
http://www.isf.gov.lb
•
•
•
•
•
•
•
•
Crimes related to IT
Role of law enforcement agencies
Challenges
Case lifecycle
Legal framework
Training
Tools & techniques
Recommendations
CRIMINALITY FIGURES :
TOTAL CASES
REPORTED
INVESTIGATED
BROUGHT TO COURT
SENTENCED
1.
2.
3.
4.
IT as a tool of crime
IT crime, cybercrime: IT as object of crime
IP relates crimes
IT content as evidence in traditional crime
•IT in all aspects of life: IT in all aspects of
crime
•Multiple-offense situation
•Transnational
•New forms of crime
•The crime scene is virtual
•Involvement of all of the units of the law
enforcement agencies , not only the anticybercrime unit
•
•
•
•
•
•
•
•
Conduct investigations
Pursue criminals
Forensic lab search
Monitor the cyberspace, internet cafes
Alert from attacks
Suggest prevention
Cooperate with: other agencies, ISP’s
Enforce the law
•
•
•
•
•
•
•
•
Inform law enforcement: report crime
Crime scene preservation (yellow stripes)
Evidence seizure
Forensic lab search: what are we looking for?
Local, over the net
International cooperation
Investigation management
Relation with the judicial system, ISP’s
•
•
•
•
•
•
•
•
•
•
•
Cybercrime law
Acceptance of digital evidence
Data privacy
Traffic data disclosure
Crime scene preservation
Evidence recovery
Know-how, skills, training
Being proactive, staying updated
Cost
Cooperation : international, ISP’s
Play by the rules (criminals don’t)
AntiOther
cybercrime specialized
unit
units
IT as a tool
Cybercrime
IT as
evidence in
crime
Penal code
LAB
Digital
evidence
acceptance
Digital
evidence
acceptance
Cybercrime
law
Penal code
Digital
evidence
acceptance
•
•
•
Train all the staff involved in the case lifecycle
Adapt training to operational needs
Continuous update
•
•
•
Special IT forensic tools
Define procedures
Interpol It crime manual
)nov 2004(
Product
. Cyber crime investigation tools
Functions
Price
Website
© EnCase
Acquisition
Forensic edition : $1995.00 ·
per lic
Guidance software ·
Investigation
Fastbloc: $500.00 per unit ·
Enterprise ·
Reporting
Training: Basic: $1500.00 ·
Forensic ·
Intermediate:
$1850.00
© Fastbloc ·
Advance: $2000.00
www.encase.com
·
Special: $2000.00
·
·
Ultimate toolkit $ 1495 (incl ·
)trg $ 1995
Forensic Tool Kit
Access data ·
Investigation
Forensic Toolkit $795 ·
Indexing ·
Reporting
Password Recovery $ 495 ·
Paraben
Acquisition tool
to $ 450 per software 99 $
package
Paraben corporation ·
Bolt-on for examination of
evidence
plus training costs
www.accessdata.com
Password Recovery ·
Distributed Network Attack ·
Ultimate Toolkit ·
Primarily PDA’s ·
Now have acquisition tool ·
Bolt-on-for examination ·
evidence
www.paraben.com
•Protect yourself and your organization
•Cybercrime law
•All units involvement
•Anti-cybercrime unit
•Convention on cybercrime
•Interpol effort
•Cooperation :24/7 network
•Public private partnership
Thank you