Investigation in Cybercrime (Banking Sector) - Literature review Example

?Literature Review “Investigation in Cyber Crime (banking sector)” The word cyber crime refers to unlawful acts performed through the use of electronic devices, this primarily includes the computer, crime over the network through use of internet, cell phone .Such crimes may be aimed at individuals, property, transactions, institutes such as banks and other organizations that hold valuables in form of cash and other assets. Although cyber crimes pose threat to every individual, however the banking sector is at great threat from these crimes. The banks serve as ideal spot where deposits and assets of many people are collected, these are the soft targets because the criminals do not have to go on the spot and steal the valuables, rather simple use of internet and data base tracking system can help them get to their objectives. The types of crimes committed involve money laundering, accounts hacking, credit cards passwords retrieval, figures fudging ,all these crimes are quite common in modern day and for this purpose various entities have been formed that are specialized in looking after crimes performed over the internet and use of electronic equipments in banking sector . A survey conducted by C.E.R.T stated that only in the year 2003, a total of 666 million US Dollars were fudged by cyber crimes in the field of business [1].These are either as a result of an insider, or intruders that use the tactic of phishing and impersonating as the real owner of account .The banking sector in broader spectrum consists of private and public sector, corporate enterprises and foreign banks. It is being stated that one in 20 credit card holders come across credit card fraud and total amount reported due to this wrongful act results in total of 4 billion US Dollars annually. The concerned authorities look into various aspects of the crime committed, they are well prepared and trained to look into the technical aspects of the crime .Once a crime is committed , the first and foremost step by the administrative authority is to freeze the evidence. Mostly the evidence is in form of electronic traces, this includes the id used, the internet route used , portable hard drives, credit card skimmers, and the I.p addresses of the users that have accessed any account. Different tactics are used for performing these tasks, usually creation of website in part of the world other than the place where the culprits are operating from. Computers can either be the victim or the source for committing any wrongful act. This may also include any phone calls made pertaining to the crime. Online banking means are quite common these days. Auctions conducted online are another soft target for cyber criminals. Embezzlement of approximately 135 Million Euros took place through the use of card over internet .in the year 2010, online banking fraud resulted in loss of 46.7 million Euros [2].Online banking fraud takes places when the victim’s information is accessed and transactions are made pretending to be the real owner of account .it is being reported that 30 percent of the banking sector crimes that take place have internal employees involved in it directly or indirectly. A new York based bank Union Dime Saving Bank came across cyber crime when a total of $1.4 million U.S were embezzled through a crime committed through use of computers and accounts tracing[3]. While unearthing the crime in banking sector an important aspect of the overall investigation process is to ensure the originality of the evidence which is in form of digital evidence. The court needs the evidence in its original form. Electronic evidence is normally quite fragile therefore it demands extra care. Damaged or altered evidence is no good and cannot be presented in court of justice. The people employed must be aware of the fact that special care is needed in handling the evidence and they are provided with proper training on this matter. The digital evidence is just like D.N.A or finger prints evidence that is spotted on the scene. The “foot prints” in case of crime over internet are the log in ids used for performing the tasks, the time and date, the servers used, and all other means that have been used to access and commit the crime. Types of fraudulent means adopted for performing crime in banking sector Spoofing, Phishing Identity Theft Use of Worm and Trojans Password Retrieving softwares Denial of Service Improper use of Credit card Information retrieval through Online auctions The investigation and forensic tracing is a very sensitive process. It must be followed in proper manner. The investigative process is a step wise approach which requires proper homework into the subject and availability of experts and the tools and equipment that might be needed in performing of the task Several steps are involved in performing the investigation and it is a complete process that contains various steps, all of them are equally important .Establishment of long term relation with the banking sector is important because these are the institutes that require long term protection and awareness in terms of cyber crimes as banking sector is highly vulnerable to wrongful acts .Strong working relationship must be in place which would result in better performance of tasks on either end. In case of any defalcation In banking sector the initial step is deciding on conducting an investigation, this is usually done in house and considering the damage done and loses occurred ,the incident is reported to external sources that are the right people to inform about the occurrence. The external sources are usually the police and cyber crime department. . A Standardized investigative process consists of the following steps SANCTION: Once the crime has been reported, concerned departments and members are given details about it and asked for the authorization of action and all the necessary requirements are fulfilled in this step. It must be noted that cyber forensic is an expensive process, therefore it consumes high budgets and authorization step involves approval of funds for such projects and enquiries. Planning: Once the investigation is approved, ground level planning is performed for conducting the investigation. This involves selecting the rightful equipments and tools and softwares that would be needed in conducting the operation. Selecting the right kind of staff and members that are specialized in particular field of interest. This step also involves the time frame that is needed to complete the investigation process. Notification: This step involves informing the concerned parties about the action and declaration of open investigation into the matter. Notification may not be part of strategy always. Because at times the operation might need to be performed under the carpet in order to avoid the evidences being washed away. Acquisition: This is the initial step in the investigation and involves on the scene activity. The formal investigation stage starts when the inspecting team visits the site in order to either collect initial information or seize the spot. In case of activity performed online, the investigating party may not go to the site rather inspect the overall traffic over the network and check records of transactions made. It is concerned with identifying of material which may be useful in further case and finding the real causes and sources. The acquisition step is very vital because it lays firm foundation for further investigation. Material tested in this stage is passed through consideration whether it could serve as potential evidence. This helps the investigative team in further documenting the evidence so found, followed by the collection, and finally preservation. It must be taken into account that all evidence so collected must remain in its original state in order to present it in courts Evidence Identification: By this step, the physical processes have been initiated and all the material that is suspect full is observed and evidences are being separated. This step is very important because the information so found must remain in its original shape, therefore any data collected must be handled very carefully. Examination and Scrutiny: This step involves thorough search and studying of all the collected material. All the data collected from the spot or any data that is used in the crime is examined by the experts through the specialized software or group of experts. Hypothesis: Based on the examination and consideration of all factors and elements that might lead to the solution, a generalized idea is established that Is proposed and presented forward. By this time a rough sketch of overall process and the culprit is prepared. Presentation: By this stage the material so collected is prepared for further processing and is put into reading and comprehendible form. The data so collected needs to be in such a form that the jury may understand it, all the information so collected is in organized manner, and is prepared enough so that it can be produced in the court of law. The evidence so contained needs to be in its original shape. This step includes the material which might be de ciphered, or decoded so that it can be understood by the judge and rest of the jury. All these steps must be performed under the umbrella of rules specified by the governing body of Forensic crime investigating body. The steps so performed must be documented and standard procedures must be followed. Even the Cyber crime contains steps that need preserving of non electronic evidences. This includes the passwords and addresses written in hard form, any piece of indented writing and all these pieces of items that may have been used in a crime. Internet being a worldwide medium and without any boundaries, a crime might be committed from a computer thousands of miles away in other part of the world, for this reason collaboration between the investigating agencies is important worldwide . In case of a crime committed from across the border, the local investigating team traces the path and later forwards it to the entity that is responsible for comprehending the culprits and bringing them to justice. The information so presented in this case must be in accordance with the governing body of Forensic crimes and other Task forces that look into the nature of evidence and degree of felony committed, . In a bank environment usually multiple computers are taken into seizure, or the main networking stream line is frozen so that the important information remains on the server. The investigating team takes in to consideration the method of crime. Based on that, the data bases are checked that contains information of seasoned online criminals. The cyber crime department task is to collect the evidence and forward it to the concerned departments; they are not completely responsible for identifying the culprit. They may pass on the evidence to police, civil administration, auditors or judicial in charge. Decrypting the passwords and other hidden and coded words is also part of investigation, further RFID generation and identification of its owners is also a step in the whole investigative process. The set of potential clues and possible areas that could be part of investigation includes the internet traffic on the virtual private networks .Record of transactions made and their destinations which can be determined by tracing the I.P. Possible clues could include any profile and picture used during the entire process. And also phone calls records. Certain prerequisites come along investigation, which involve respecting the privacy of personnel and organizations, any data collected or scanned during the search process must not be used or mishandled for future proceedings which could create issues to the organization, any data collected or personal accounts information taken from the members of bank, it must be ensured that the respective information is dismantled after the inquiry process is completed, and finally all the data collected must be done through lawful means and must not include any coercion on the members of banking society. United Nations specifies certain rules in this regard which address the issue of proper handling of data and information collected during the investigation process [4]. All these steps constitute the investigation process; however time has come where the banks themselves need to look into the security issues more seriously. Prevention rather than correction is the order of the day. Strict monitoring must be in place to ensure smooth working and all loop holes that exist in the system must be eliminated, secure online banking should be ensured which includes firewalls installation and malware protection softwares against Trojans and spams. Transactions must be secured by preparing a two to three tier security wall in internet arena. Education and training must be provided to the employees which would enable them to stay away from promiscuous users and websites. Many recommendations are made in this regard that include spam detection softwares, voice recognition softwares. Bibliography:i Read More