Increased focus on cyber forensics is a must to help enforcement agencies take effective measures and legal recourses against cyber crime
Mritunjay Kapur | December 29, 2014
Today, while governments and corporates are increasingly leveraging technology to conduct business, they are also increasingly exposed to the threat of cyber crime. Cyber crime comprises a range of illegal activities using computing and communication devices aimed at causing loss to organisations. Digital frauds could range from fund embezzlement, data theft, and intellectual property violations to activities like security breaches, terrorism and money laundering.
As part of the recent KPMG cyber crime survey 2014, it was revealed that 49 percent of survey respondents have experienced cyber crime and digital frauds in the past 12 months. With more and more businesses and government organisations increasingly adopting technology and e-commerce, and criminals having access to greater digital attack tools, the number of such incidents can only be expected to rise in the future.
As the government looks at rapidly expanding the scope and depth of the e-governance services, the corresponding IT infrastructure along with monitoring capabilities would also need to be scaled up. Given the nature of technology and its usage, cyber crime cases are being reported across the spectrum from state-level cyber-attacks to targeted attacks at business groups, which often have a direct impact on their reputation, brand and financials. The pervasiveness of cyber crime is posing a serious risk.
Although it is seen that government organisations are increasingly becoming aware of the possibilities of cyber crime within their environment, a proactive approach to cyber risk management is mostly missing due to factors such as lack of top level support, requisite skill sets, and formalized digital evidence handling procedures and understanding of the related laws.
As part of the technology enablement initiative, both government agencies and businesses need to put in place effective cyber security measures using cyber risk assessment, real-time cyber threat monitoring and detection and cyber incident management protocols. This would need investment as it definitely requires building a pool of cyber specialists who are adequately trained and also, training law enforcement agencies for securing e-governance services.
Listen to the cyber voice
Combating cyber threats would entail using modern technologies to predict attack vectors, conduct real-time monitoring and set up incident response mechanisms. Digital information flow typically has its traces across the ecosystem from communication logs, social media sites and end-point devices. An effective mechanism could be to ensure that cyber threats are assessed on a continuous basis through dark net monitoring, analysis of various threat vectors released by the computer emergency response team (CERT) and simulating cyber crimes through cyber war rooms. Essentially, the focus has to be on being ready to combat cyber threats on a real-time basis so that the impact is neutralised.
Organisations, both public and private, need to invest in cyber monitoring mechanisms which could serve as the first line of defence. Though these involve investments in technology, the human aspect should not be ignored since they are often the weakest link in cyber security. Data analytics and predictive modeling techniques can scan through the attack vectors and predict attacks, so as to develop counter measures to deploy in an attack scenario. This would need a good partnership to be established across public and private sectors, and with the international community.
For day-to-day operations of law enforcement agencies, data analytics capabilities that could handle huge volumes of data received would need to be built. Data indexing and analytics platforms which can help in classifying information, identifying trends, performing keyword searches and visualising outlier data elements would need to be deployed. Challenges in terms of employee skillsets for handling such tools and technologies need to be addressed through relevant trainings.
Focus on cyber forensics
Since a large number of illegal activities are carried out using computers and mobile devices, making it hard for organisations and investigators to establish culpability, organisations are increasingly depending on cyber forensics to detect and receive accurate facts of such incidences. Cyber forensics encompasses the recovery and investigation of material found in digital devices, following standard procedures acceptable in a court of law.
It is also interesting to note that these days, cyber forensics is also often being used in criminal or civil courts to support or refute a hypothesis. It is also used extensively in the private sector during internal corporate fraud investigations or intrusion investigations (for example, investigating a system breach which occurred from outside or loss of customer data).
Various government law enforcement agencies are now required to increasingly cooperate among themselves to identify, track and extract evidences in order to capture criminals. Going forward, digital forensic evidence such as system logs and user identity details would need to be co-related in near real-time with telecom data such as GPS coordinates for effective monitoring and tracking of criminals.
A holistic approach to utilising cyber forensic technologies, along with monitoring platforms having data analytics capabilities could be a key requirement for running secure e-governance services. Cyber forensic practices can help security and law enforcement agencies in extracting evidence for effective legal re-course by helping ensure that correct procedures for acquiring, handling and preserving digital evidence is followed so that it is admissible in the court of law.
Cyber forensic efforts can be greatly enhanced if the organisations have appropriate audit trails and logging mechanisms established in their business environment. Lack of system level audit trails generated at the time of business activities/transactions can hamper the investigation as cyber forensic cannot recover something not created in the first place. It could become difficult to propose/test hypothesis without having appropriate audit trails to substantiate the analysis.
Legal and international co-operation can be important to ensure that cyber criminals are brought to justice. Many of the cyber-attacks originate either from overseas or routed through multiple countries involving multiple jurisdictions and law enforcement agencies. International co-operation could be therefore imperative to ensure speedy cyber investigations.
Monitor change to protect
With increasing technology awareness as well as regulation such as Companies Act, 2013 that lays emphasis on fraud risk management and fraud reporting, information technology departments in government and public sector organisations are increasingly implementing forensic controls in IT systems and IT processes to facilitate an amicable environment for digital forensics, should the need arise.
On the technology front, cyber security is itself constantly evolving and adjusting to meet the demands of newer technologies released in the digital world.
Besides the advancement in the digital monitoring and forensic investigation tools, the methodologies or techniques developed to obtain the information have also become more advanced. Hence, building forensic controls in IT systems and processes can be a good starting point for managing risks, periodic monitoring of security risks, and evolving IT forensics controls could be vital to ensure that government agencies protect digital infrastructure and continue to expand effective e-governance services.
A positive effect of such a dedicated exercise would be that the government is able to effectively manage cyber risk from a technology standpoint and should they be impacted, they would have the effective wherewithal to ensure that the criminals are brought to book and the damage caused by the crime is minimised.
Ever since the controversy over Major Leetul Gogoi`s meeting with a young girl in a Kashmir hotel started raging on May 23, I have seen that people, particularly scribes, are leaving no stone unturned to blemish the Indian Army’s image. First things first! If the meeting had happened a
IIT Bombay Racing will launch its 6th generation electric car ‘EVoX’ in the institute’s on Saturday. The racing car developed by Formula Student team from India based at IIT Bombay is designed to run at 100 km per hour in just 2.88 seconds. It is powered by 40 KW motors, titanium uprights
SAIL has supplied 10,500 tonnes of steel for the 330 mega watt hydroelectric project, featuring three power generating units of 110 MW each. The enterprise’s steel supply consists of TMT rebars, structurals, plates and sheets. SAIL had also supplied around 70 percent steel used in the
The recent visit of Ambassador of Algeria to India H.E. Hamza Yahia Cherif to Goa Shipyard Limited has given a boost to the PSU’s ambition of receiving international orders from the Mediterranean region. CMD, GSL, Rear Admiral (Retd) Shekhar Mital apprised the Ambassador about various
IndianOil has clocked a net profit of Rs 21,346 crore for 2017-18 fiscal as compared to Rs 19,106 crore in the last fiscal. The reported revenue from operations for 2017-18 FY was Rs 5,06,428 crore as compared to Rs 4,45,442 crore in 2016-17. IndianOil’s reported revenue from operation
A memorandum of understanding (MoU) was entered amongst Bihar government, Bihar State Power Holding Company Ltd. (BSPHCL), Bihar State Power Generation Co. Ltd (BSPGCL), North Bihar Power Distribution Company Ltd.(NBPDCL), South Bihar Power Distribution Company Ltd.(SBPDCL), Bihar State Power Transmission