Computer Forensics: Cybercrime Investigation and Evidence Analysis


Added on  2023/06/12

AI Summary
This report delves into computer forensics, examining the investigative approaches to cybercrime scenarios such as the Baltimore 911 system hack and the WannaCry virus attack. It discusses identifying malware, tracing attack origins, and leveraging digital data from platforms like Facebook for crime scene investigation. The analysis emphasizes the importance of tracking browsing activities, analyzing coding styles, and utilizing available digital footprints to narrow down attackers and prevent future incidents. The report also highlights the potential of using data, such as facial recognition, to aid investigations, while acknowledging the associated security concerns.
Computer Forensics
Baltimore’s 911 system hack
The 911 system works by routing the calls made by users to the emergency responders who are closest to the caller. It has saved countless lives since its inception, and if hindered, it could disable an entire state for an extended period of time. In a telephony denial of service (TDoS) attack, a number of mobile phones are infected so that they automatically make fake calls to 911, clogging call center queues. This prevents real users from reaching the operators (Tan et al., 2014).
The primary aim of an investigative officer in the case of a 911 system hack would be to identify the root cause of the hack. As the majority of hacks occur due to malware that infects phones, it would be better to initially try to identify the apps that contain malware or spyware. Once the particular malware has been identified, the next step would be to identify the phones from which the calls have been arriving at the 911 facility. This may be challenging for the investigative officer, as the attacks are initiated through a set of commands sent via covert text messages or the Internet. Steps could be taken to block the phones that repeatedly make the 911 calls using the International Mobile Subscriber Identity (IMSI) number.
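The step of finding phones that repeatedly call 911 can be sketched as a sliding-window count per IMSI over call records. This is an added example, not part of the original report; the record layout, the thresholds and the sample IMSIs (test-network prefix 001-01) are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample call records: timestamp, IMSI, dialed number, duration (s).
SAMPLE_CDR = """\
2024-01-01T08:00:05,001010000000001,911,4
2024-01-01T08:00:40,001010000000001,911,3
2024-01-01T08:01:10,001010000000002,911,185
2024-01-01T08:01:15,001010000000001,911,5
2024-01-01T08:01:50,001010000000001,911,2
2024-01-01T08:02:20,001010000000003,911,4
2024-01-01T08:02:30,001010000000001,911,3
2024-01-01T08:20:00,001010000000003,911,6
2024-01-01T08:40:00,001010000000003,911,5
"""

def parse_cdr(text):
    """Yield (timestamp, imsi, dialed, duration_s) tuples from CSV lines."""
    for line in text.strip().splitlines():
        ts, imsi, dialed, dur = line.split(",")
        yield datetime.fromisoformat(ts), imsi, dialed, int(dur)

def flag_repeat_callers(records, window=timedelta(minutes=5),
                        max_calls=4, short_call=10):
    """Return {imsi: time the threshold was first crossed} for IMSIs that
    place more than max_calls short 911 calls within the sliding window.
    All three thresholds are assumed values, to be tuned per call center."""
    recent = defaultdict(deque)   # imsi -> timestamps still inside the window
    flagged = {}
    for ts, imsi, dialed, dur in sorted(records):
        # Long calls are treated as real conversations and not counted.
        if dialed != "911" or dur > short_call:
            continue
        q = recent[imsi]
        q.append(ts)
        while ts - q[0] > window:  # drop calls that fell out of the window
            q.popleft()
        if len(q) > max_calls and imsi not in flagged:
            flagged[imsi] = ts
    return flagged

if __name__ == "__main__":
    for imsi, when in flag_repeat_callers(parse_cdr(SAMPLE_CDR)).items():
        print(f"candidate for IMSI block: {imsi} (threshold crossed {when})")
```

The flagged IMSIs are candidates for review before blocking, since a genuine caller can also redial several times in a short period.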
The WannaCry virus attack of 2017
In May 2017, a virus called WannaCry, which encrypts data on infected computers and demands ransom payments to restore users' access, was released across the world. WannaCry predominantly attacked the NHS, severely hindering its ability to provide care to patients.
The peculiar feature of WannaCry was that it spreads itself across an organization's network by exploiting a vulnerability (Chen and Bridges, 2017). But it was difficult to determine how the first computer got infected. As an investigative officer, a deeper probe into the places where WannaCry was hosted on malicious websites would have yielded more clues about the attackers. Another feature of WannaCry was that the ransom was to be paid in Bitcoin. A deeper analysis of the type of attack could be made by analysing the style of coding. In cybercrimes, the attacker often leaves certain clues, such as their way of coding and the type of attack (in this case ransomware), which could be analysed to narrow down the attackers.
Digital data useful for computer crime scene investigators
There is a lot of valid data that could be shared by Facebook, provided that an individual has been carrying out questionable activities through the Internet. There is a lot of information available on the Internet about hacking and cybercrimes. If the browsing activities of an individual are tracked, such as which websites he is visiting or what kind of Facebook groups he is following, law enforcement can get a fair clue about the activities being carried out (Weulen et al., 2018). Facebook could similarly use features like facial recognition to identify where the person has been traveling and whom he has been with. Though sharing this information is a massive breach of security, if the impact of criminal activities could be lessened or stopped, there is no harm in sharing even this data.
References
Tan, Z., Jamdagni, A., He, X., Nanda, P., & Liu, R. P. (2014). A system for denial-of-service attack detection based on multivariate correlation analysis. IEEE Transactions on Parallel and Distributed Systems, 25(2), 447-456.
Chen, Q., & Bridges, R. A. (2017). Automated Behavioral Analysis of Malware: A Case Study of WannaCry Ransomware. arXiv preprint arXiv:1709.08753.
Weulen Kranenbarg, M., Holt, T., & van Gelder, J. L. (2018). Offending and Victimization in the Digital Age: Comparing Correlates of Cybercrime and Traditional Offending-Only, Victimization-Only and the Victimization-Offending Overlap. Deviant Behavior.