Week 8 final

CYBER CASES 2

CYBER CASES 2

CYBER CASES

American Military University

ISSC630

15 May 2022

Introduction

The report documents the investigation procedure followed by the forensic agents and the investigative offices on the incident and the recent evidence that was found on a suspect’s computer related to child pornography. The client claimed not to be part of the incident and that it was an ad that popped on his computer. The below research will document the procedures that were followed to obtain and prove that the accusation brought against the suspect incriminates him of the incident. This is by going through the forensic procedure of securing and obtaining evidence digitally. To provide concrete evidence to the court, an investigation and examination of the incident were carried out to obtain pieces of evidence to be used in criminal justice.

Literature review

First, the computer was taken and the digital devices that were related to the suspect to help in the investigation. The investigator brought in a forensic team to handle the collection and examination of the devices to determine whether there will be enough evidence pointing to the suspect's involvement in the child pornography cases “(Du et al., 2020). The forensic team had to check the email, and online chats, tracking the IP addresses in the devices to establish a pattern that can be used during the investigation process. The browsers and search histories will also be among the areas that will be investigated for relevant evidence related to the case.

Seizing devices to avoid manipulation of the information that is stored in the devices. This is done by turning off the devices, turning off the device to preserve the cell tower information that could be used to locate other accomplishes that may be related to the case. Securing the evidence to avoid the changes of data that is in the device before the evaluation and retrieval of information to be presented as evidence in the court of law (Arshad et al., 2018). The forensic team placed the evidence in antistatic packaging such as envelopes and cardboard boxes. Plastics were avoided as they can convey electricity or allow a buildup of humidity and destroy the evidence.

The evidence is taken into the forensic laboratory for examination to retrieve the relevant information that might be stored in the computer, and which can be used in court as evidence. The qualified analyst will follow the following procedure to retrieve information from the presented digital evidence. Preventing contamination. Before analyzing the data, a backup of the original files and information is created. When analyzing data from the suspect device the information should be kept in a clean storage device to secure the information (Du et al., 2020).

The forensic team isolated the wireless device in a different chamber where the analysis would be carried out. This is to prevent connection to any network and keeps evidence as pristine as possible. the device is connected to analysis software within the chamber this is to safeguard the evidence from digitally manipulating the information.

The analyst installs a write block software that prevents any changes on the device (Murthy et al., 2021). The select extraction method is applied, and the analyst determined the model of the device select extraction software designed to Parse the data most completely. The experts conduct an analysis of the content contained in the device including current files, internet history, logs, cookies, and deleted files. The forensic team has software that can be used to recover the deleted files that were removed and can be used as evidence.

The investigators had to carry out other investigations apart from awaiting the forensic reports to ensure that had enough evidence to be used against the suspect. In child porn cases investigators rely on electronic evidence. however, they also carried out interviews with the alleged offender, the people he was close to, and the family members to have a better understanding of the suspect. This background check helps the investigator to understand the full potential and the length the offender is willing to go when it comes to this type of case.

The report from the forensic came back and the investigative officer went through the evidence recovered. The evidence indicated the following: the first evidence was the suspect's fingerprint was found on the device that was found in his possession (Murthy et al., 2021). The forensic team examined the digital footprints and found there were no cookie ads that related to child pornography. The analyst found emails that were related to a discussion of child porn and the IP address that the group was using, the evidence also revealed encrypted messages that were sent to various users regarding child porn.

The investigative officers tracked down the addresses and stumped upon more evidence related to the child porn case. The internet history also presents evidence of the search history of the suspect that is also related to the case. The group has bank accounts that were used to pay for child traffickers (Arshad et al., 2018). To add to the evidence was the shipment of little girls that were found which also had a connection to the suspect. This evidence all proved that the suspect was involved in illegal business and would face trial for the charges brought against the offenders.

We focus on the new evidence and put aside the primary cases to allow the team to close the cases. upon closure, the team will embark on the primary case focus on the OPM attack. The decision is based on the evidence presented we would proceed with the child pornography case where the evidence has been presented and the suspect is in custody. The decision to focus on this case is due to the breakthrough in the case and the case is a critical issue that affects the lives of many youths in the society (Arshad et al., 2018). Having cracked open the case it is best to see it through and close the case for a better and safer environment for the children and the youths to live in society. Safety of the citizens especially the youth is essential hence it required attention when the opportunity presents itself. The investigation will be ongoing to ensure the entire criminal organization has been captured and the cases and incidents related to child kidnapping, trafficking, and child pornography are cubed and reduced in society.

References

Arshad, H., Jantan, A. B., & Abiodun, O. I. (2018). Digital Forensics: Review of Issues in Scientific Validation of Digital Evidence. Journal of Information Processing Systems, 14(2), 346–376. https://doi.org/10.3745/JIPS.03.0095

Du, X., Hargreaves, C., Sheppard, J., Anda, F., Sayakkara, A., Le-Khac, N.-A., & Scanlon, M. (2020). SoK: Exploring the State of the Art and the Future Potential of Artificial Intelligence in Digital Forensic Investigation. Proceedings of the 15th International Conference on Availability, Reliability, and Security”, 1–10. https://doi.org/10.1145/3407023.3407068

Murthy, S., Fontela, P., & Berry, S. (2021). Incorporating Adult Evidence Into Pediatric Research and Practice. JAMA. https://doi.org/10.1001/jama.2020.25007