
Question

Using the online library, the Internet, and all course materials, research cyber criminals, their motives, and the forensic tools used to track an offender.

Summarize who you believe cyber criminals are, and why?

What do you believe are the motives of a cyber criminal? Why?

What are 3 ways to track an offender? Give an example of each.

What types of tools are used in the process of a digital or network investigation?

What information can be learned through these tools about the intrusion or other cyber crime?

What are the main investigative tools that all cyber crime investigators should have? What are some of the specialty tools that investigators would require for specific type of investigation such as network intrusion or mobile investigation?

Explanation / Answer

a.) Motives of Cyber Criminal:

According to social psychologist Max Kilger, Ph.D., senior lecturer in the Department of Information Technology and Cyber Security at the University of Texas at San Antonio (UTSA), there are actually six motivations behind cybercriminal activities, otherwise known as MEECES (a play on the old FBI counter-intelligence term MICE):

Money: Kilger finds that individuals who are motivated by financial gain are found within underground groups who share this motivation.

Ego: Those who are motivated by ego derive satisfaction from creating code that is both elegant and innovative.

Entertainment: Those who are motivated by entertainment seek to do things like interfere or humiliate for the fun of it. Kilger notes that due to the infusion of less technical individuals into the digital space, along with an expanded environment, entertainment as a motivation has gained momentum. One example of this type of motivation is when a cybercriminal group dumps company data for the lulz or tries to humiliate and damage a company brand or individuals employed by the company.

Cause: Kilger says this motivation is commonly utilized by hacktivists—those who use the Internet to promote a political, scientific or social cause. Kilger says:

Levels of magnitude in this arena can be as simple as a web defacement to the theft of classified documents.

Entrance to a social group: There are also individuals who are motivated by social group inclusion who generally have to meet particular requirements to join the group—such as hacking a university departmental database to prove to the group that they have a certain level of expertise. This occurs frequently in underground forums where a member must be vetted via other members and through performing some type of hacking act.

Status: Individuals who are motivated by status have skills and expertise in networks, operating systems, hardware, security, cryptography, etc., and are well known within the underground hacking community due to these particular characteristics.

b.) 3 ways to track an offender are:

1.) Web resources for researching Internet inhabitants (international registries)

Three international organizations are responsible for the administration of IP addresses within their region, so they should be considered definitive sources. Each of these organizations has a Web site that provides a whois interface, in addition to other information helpful in locating the owner of a specific IP address:

2.) Network diagnostic and research sites

3.) News and e-mail abuse information

c.)

1. Digital Forensics Framework

Digital Forensics Framework is another popular platform dedicated to digital forensics. The tool is open source and comes under the GPL license. It can be used either by professionals or non-experts without any trouble. It can be used for digital chain of custody, to access remote or local devices, forensics of Windows or Linux OS, recovery of hidden or deleted files, quick search of file metadata, and various other things.

Download: http://www.digital-forensic.org/

2. Open Computer Forensics Architecture

Open Computer Forensics Architecture (OCFA) is another popular distributed open-source computer forensics framework. This framework was built on the Linux platform and uses a PostgreSQL database for storing data.

It was built by the Dutch National Police Agency for automating the digital forensics process. It is available to download under the GPL license.

Download: http://sourceforge.net/projects/ocfa/

3. CAINE

CAINE (Computer Aided Investigative Environment) is a Linux distro created for digital forensics. It offers an environment to integrate existing software tools as software modules in a user-friendly manner. This tool is open source.

Read More about it: http://www.caine-live.net/

4. X-Ways Forensics

X-Ways Forensics is an advanced platform for digital forensics examiners. It runs on all available versions of Windows. It claims to not be very resource hungry and to work efficiently. The key features are listed below:

You can read the full list here: http://www.x-ways.net/forensics/

5. SANS Investigative Forensics Toolkit – SIFT

SANS Investigative Forensics Toolkit, or SIFT, is a multi-purpose forensic operating system which comes with all the necessary tools used in the digital forensic process. It is built on Ubuntu with many tools related to digital forensics. Earlier this year, SIFT 3.0 was released. It comes free of charge and contains free open-source forensic tools.

In a previous post at resource.infosecinstitute.com, we already covered SIFT in detail. You can read those posts about SIFT to know more about this digital forensics platform.

Download: http://digital-forensics.sans.org/community/downloads

6. EnCase

EnCase is another popular multi-purpose forensic platform with many nice tools for several areas of the digital forensic process. This tool can rapidly gather data from various devices and unearth potential evidence. It also produces a report based on the evidence.

This tool does not come for free (see site for current pricing).

Read more about EnCase: https://www.guidancesoftware.com/products/Pages/encase-forensic/overview.aspx

8. The Sleuth Kit

The Sleuth Kit is a Unix and Windows based tool which helps in forensic analysis of computers. It comes with various tools which help in digital forensics. These tools help in analyzing disk images, performing in-depth analysis of file systems, and various other things.

Read more about it here: http://www.sleuthkit.org/
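As an added example (not part of the answer above, nor code from any of the tools it lists), the following Python script ties together two of the tracking approaches in part b: it pulls the originating IP address out of the Received headers of an abuse report (the "e-mail abuse information" route) and then matches that address against a registry record of the kind a regional registry's whois interface returns (the "international registries" route), reporting the network name and abuse contact. The e-mail headers and the whois record are constructed sample data using RFC 5737 documentation addresses; the field names follow the RIPE (`inetnum`, `abuse-mailbox`) and ARIN (`OrgAbuseEmail`) whois styles, and a real investigation would query the registry's whois or RDAP service instead of a string. Only the Received header added by your own mail server is trustworthy; earlier hops can be forged by the sender, which is why the result is a lead to be confirmed, not proof.

```python
"""Trace an abuse-report sender to the registry record for its IP address.

Added example with constructed sample data; not the original answer's code.
"""
import ipaddress
import re
from email import message_from_string
from typing import Dict, List, Optional, Tuple

# Constructed sample: headers as two MTAs would record them. Each hop
# prepends its own Received header, so the LAST one is the earliest hop.
SAMPLE_EMAIL = """Received: from mail.example.org (mail.example.org [203.0.113.7])
    by mx.victim.example (Postfix) with ESMTP id ABC123
    for <abuse@victim.example>; Mon, 1 Jan 2024 10:00:00 +0000
Received: from [198.51.100.23] (unknown [198.51.100.23])
    by mail.example.org (Postfix) with ESMTPA id DEF456;
    Mon, 1 Jan 2024 09:59:50 +0000
From: someone@example.org
To: abuse@victim.example
Subject: constructed sample report

body text
"""

# Constructed sample in the "key: value" style used by RIR whois services.
SAMPLE_WHOIS = """\
% Constructed sample record (RIPE-style fields)
inetnum:        198.51.100.0 - 198.51.100.255
netname:        EXAMPLE-NET
descr:          Example Hosting (RFC 5737 documentation prefix)
country:        ZZ
abuse-mailbox:  abuse@example-hosting.example
status:         ASSIGNED PA
source:         EXAMPLE
"""

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def originating_ip(raw_message: str) -> Optional[str]:
    """Return the bracketed IPv4 address from the earliest Received header."""
    msg = message_from_string(raw_message)
    received: List[str] = msg.get_all("Received") or []
    # Walk from the earliest hop (last header) towards our own server.
    for header in reversed(received):
        match = IP_IN_BRACKETS.search(header)
        if match:
            return match.group(1)
    return None


def parse_whois(text: str) -> Dict[str, List[str]]:
    """Parse 'key: value' whois output; comment lines (% or #) are skipped.
    Keys are lower-cased so RIPE and ARIN field names can be looked up alike."""
    record: Dict[str, List[str]] = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith(("%", "#")):
            continue
        key, sep, value = line.partition(":")
        if not sep:
            continue
        record.setdefault(key.strip().lower(), []).append(value.strip())
    return record


def inetnum_range(record: Dict[str, List[str]]) -> Optional[Tuple[ipaddress.IPv4Address, ipaddress.IPv4Address]]:
    """Turn a RIPE 'inetnum: a - b' field into a pair of addresses."""
    values = record.get("inetnum")
    if not values:
        return None
    start, _, end = values[0].partition("-")
    return ipaddress.ip_address(start.strip()), ipaddress.ip_address(end.strip())


def covers(record: Dict[str, List[str]], ip: str) -> bool:
    """True if the record's inetnum range contains ip (same IP version only)."""
    rng = inetnum_range(record)
    if rng is None:
        return False
    addr = ipaddress.ip_address(ip)
    if addr.version != rng[0].version:
        return False
    return rng[0] <= addr <= rng[1]


def abuse_contact(record: Dict[str, List[str]]) -> Optional[str]:
    """Abuse mailbox under either the RIPE or the ARIN field name."""
    for key in ("abuse-mailbox", "orgabuseemail"):
        if key in record:
            return record[key][0]
    return None


def investigate(raw_message: str, whois_text: str) -> Dict[str, Optional[str]]:
    """Combine both steps: origin IP from the report, holder from the registry."""
    ip = originating_ip(raw_message)
    record = parse_whois(whois_text)
    matched = ip is not None and covers(record, ip)
    return {
        "origin_ip": ip,
        "netname": record.get("netname", [None])[0] if matched else None,
        "abuse_contact": abuse_contact(record) if matched else None,
    }


if __name__ == "__main__":
    print(investigate(SAMPLE_EMAIL, SAMPLE_WHOIS))
```

Running the script prints the origin address 198.51.100.23 together with the network name and abuse mailbox from the matching record; feeding it the headers of a message whose earliest hop lies outside the record's range leaves both fields empty, which is the signal to fetch the correct registry record for that address.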