Steps Involved in Cybercrime Investigation

In the era of digital India, a lot of technology and many developments are taken place and
many new inventions are still under process. With this increasing technology, the crimes
related to technology are also increasing. Many cases are registered under IT Act 2008 and
also got amended in 2010. Some of the cases registered are data theft, hacking, unauthorized
access, pornography, intellectual property theft, cyber terrorism, viruses and many.
Cybercrime becomes a large threat to the business, national security and for the common
man.
The following are the process of cybercrime investigation methodology
 Questioning
Trying to collect the information about the crime, why it has done who committed and how to
precede the investigations.
 Gathering Information
By checking web cameras, wire taps etc., sometimes the evidence is collected from the
hacker’s computers also.
 Computer Forensics
After the process of questioning and information gathering, e forensic tools are used to
collect the evidences. The collected evidences should be maintained carefully because it has
to be produced in court.
Techniques of cybercrime investigation:
• Searching Who is
• Tracking IP address
• Analysis of webserver logs
• Tracking of email account
• Trying to recover deleted evidences
• Trying to crack the password
• Trying to find out hidden data
A computer forensic investigator should follow some of the investigation methodologies in
order to find out the truth. They have to follow some procedures to find out the truth. One
should gather the evidences without affecting the chain of custody of the evidences. Once the
evidence is gathered, one should maintain the original data safely and should work on the
duplicate data. Data integrity should be maintained by the forensic investigator.
Forensic investigator should follow the following steps in investigating the cyber forensic
cases. The process of investigation should not ruin the reputation of the investigator and also
the reputation of the organization.
• For legal opinion the company should call for a legal advisor
• The First Response of Procedures (FRP) is prepared by the forensic investigator.
• The evidence from the crime scene is gathered by forensic investigator and it is
afterwards taken to the forensic lab.
Criminalistics as it relates to the investigative process

What is criminalistics?

Criminalistics refers to a specialized section within the larger field of forensic science.
A criminalist is a person responsible for the “recognition, documentation, collection,
preservation and interpretation” of physical evidence from a crime scene. Criminalists are
also often required to testify in court about their scientific findings.  

The most common specializations within the field of criminalistics include:

 Firearms and toolmarks: focuses on the types of firearms used in a crime and any
scratches or striations on spent bullets.
 Trace evidence: s microanalysis of fibers, hair, soil, food, plastic bags and anything
else that can provide information about the context of the crime.
 DNA and Serology: examines any tissue or biological material that may contain
DNA.
 Drugs, Alcohol and Toxicology: uses a chemistry-based analysis to identify
controlled substances in powders, pills and liquids and body fluids.

WHAT DO CRIMINALISTS DO?

Criminalists use their knowledge of physical and natural science to examine and analyze
every piece of evidence from a crime scene. They prepare written reports of their findings
and may have to present their reports in court. A criminalist is not involved in determining
the guilt or innocence of an accused individual; their job, rather, is to present an objective
analysis of the evidence.
There are several key skills that criminalists need to be successful in their work. They must
be detail-oriented and have excellent written and verbal communication skills. They should
also have strong critical-thinking and problem-solving skills and a solid background in
science, statistics, physics, math, and ethics. Finally, criminalists should be comfortable
testifying in court.
Most of a criminalist’s work is performed in a laboratory unless they specialize in crime
scene investigation. Their job typically includes recognizing what information is important,
collecting and analyzing evidence without contaminating it, and organizing all information
and evidence coherently.
Criminalistics has many fields of specialization. Specialties include, but are not limited to:
 Alcohol and drugs
 Arson
 Blood and tissue spatter
 Computer forensics
 DNA
 Explosions
 Serology (examining and analyzing body fluids)
 Toxicology
 Firearms and tool marks
 Trace evidence
 Wildlife (analyzing evidence against poachers)
As long as crimes continue to be committed, there will alway be work for criminalists. A
criminal will always leave evidence, no matter how minute, according to forensic scientist
and “Father of Criminalistics” Paul L. Kirk:
“Wherever he steps, whatever he touches, whatever he leaves, even unconsciously, will serve
as silent evidence against him. Not only his fingerprints or his footprints, but his hair, the
fibers from his clothes, the glass he breaks, the tool mark he leaves, the paint he scratches, the
blood or semen that he deposits or collects – all these and more bear mute witness against
him. This is evidence that does not forget. It is not confused by the excitement of the
moment. It is not absent because human witnesses are. It is factual evidence. Physical
evidence cannot be wrong; it cannot perjure itself; it cannot be wholly absent. Only its
interpretation can err. Only human failure to find it, study and understand it, can diminish its
value.”

WHO EMPLOYS CRIMINALISTS?

The BLS (Oct. 2017) predicted that openings for forensic technicians would increase by 17
percent in the decade preceding 2026, which is more than double the average for all
occupations nationally (7 percent). Technological advances have made forensic information
increasingly essential in the courts and criminalists with a master’s degree are expected to
have the best opportunities.
The biggest employers of criminalists are governmental agencies, such as those below.
 Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF)
 Central Intelligence Agency (CIA)
 Drug Enforcement Administration (DEA)
 Environmental Protection Agency (EPA)
 Federal Bureau of Investigation (FBI)
 Medical Examiners/Coroners
 Military
 Police departments
 U.S. Customs
Other employers include private companies, educational institutions, and crime laboratories.
For most positions, criminalists must pass drug tests and background investigations.
Although criminalists are not obligated to be licensed, most choose to obtain credentials and
certifications from various professional organizations.

The Holistic Approach to Cybersecurity

Organizations that adopt a comprehensive approach to cyber security are more readily able
to successfully prevent, mitigate, and remediate attacks than those that do not. Such
an approach incorporates people, processes, and technology