| In the global village called the internet, not | | | | system. |
| everyone plays nice. You always hear of the | | | | 2. The forensic investigator must then document |
| word "hack". It is mostly used in relation to | | | | the configuration of the system as you would |
| invading of computers. Most of these are not | | | | document a crime scene. This should include the |
| entirely true but computer network systems do | | | | order of hard drives, modem, LAN, storage |
| get hacked. If and when it does happen, it usually | | | | subsystems, cable connections, and wireless |
| involves something sinister. | | | | networking hardware. The analyst may make a |
| Even employees of companies do engage in | | | | diagram to go along with the digital photographs. |
| snooping or to use our favorite word, hacking. | | | | They will also take portable storage devices within |
| The birth of the internet has led to more of this. | | | | the area that may contain substantial evidence. |
| Anyone can be anything online. This is why fraud, | | | | 3. The computer forensic expert must take all |
| phishing, and identity theft happen. | | | | the evidence to the lab. This is because the |
| The computer has become an important part of | | | | analyst should not examine the evidence in the |
| everyday life. Sending letters have been entirely | | | | same hardware. People who engage in cyber |
| changed by emails. Communications have been | | | | crimes are also aware that important data can be |
| dominated by instant and text messaging. Portable | | | | retrieved to convict them. Countermeasures, |
| storage devices that were an exclusive preserve | | | | viruses and booby traps may be installed in the |
| of Information Technology professionals are now | | | | system to damage electronic evidence. |
| used by the general public. | | | | Analysts take the hard drive in their lab instead to |
| I think you are already getting the idea of why | | | | make an exact duplicate of its contents. This |
| computer forensics are needed. In the event that | | | | process is called Imaging. Analysts have their own |
| hacking does occur, the computer forensic will do | | | | tools to make sure that the data is copied |
| the following: | | | | completely and accurately. |
| 1. Like any other investigation, the computer | | | | The duplicate will then be verified by an algorithm. |
| forensic must handle the area as a crime scene. | | | | The data is then examined and analyzed. The |
| He or she will take digital photographs and secure | | | | analyst makes a report of his or her findings and |
| documentary evidence. This will include printouts, | | | | the process that was taken during the |
| notes and disks in the scene. | | | | investigation starting from the acquisition of the |
| If you are the one who hired the computer | | | | data. This evidence will be presented in court if |
| forensic expert, you should leave everything to | | | | prosecution is necessary. |
| them. The computer system should be left as is | | | | The computer forensic plays many roles and |
| whether it is turned on or off. | | | | duties in the criminal justice field. It is hard to |
| If the computer was left on, the analyst will | | | | cover all of them in this short article. I encourage |
| gather all the information that he or she can from | | | | you to do more reading if you are interested in |
| the running applications. The computer will then be | | | | this field. You can do this by visiting websites that |
| shutdown in a way that the data will not be lost. | | | | cover the profession in more detail. |
| Doing a standard shutdown or pulling the plug is | | | | Note: You are free to reprint or republish this |
| not an option. Both of these methods may cause | | | | article. The only condition is that the links should |
| the loss or damage of the data in the computer | | | | be clickable. |