NCJ Number
66083
Date Published
1980
Length
77 pages
Annotation
FOR INVESTIGATORS OF COMPUTER-ASSISTED CRIME, THIS OPERATIONAL GUIDE DISCUSSES VARIOUS APPROACHES TO THE INVESTIGATION, EVIDENCE COLLECTION, AND POSSIBLE LEGAL PROBLEMS IMPEDING THE INVESTIGATION.
Abstract
BECAUSE ONLY 15 PERCENT OF ALL COMPUTER CRIME IS REPORTED TO LAW ENFORCEMENT AUTHORITIES, THE COMPUTER CRIME INVESTIGATOR MUST DEVELOP CONTACTS AMONG THOSE PEOPLE LIKELY TO REPORT SUCH CRIMES. SEVERAL STEPS ARE REQUIRED IN ORDER TO ANALYZE POTENTIAL COMPUTER CRIME, SUCH AS HAVING A GENERAL FAMILIARITY WITH THE COMMON TYPES OF COMPUTER CRIME AND THE LAWS THAT APPLY TO THESE CRIMES, CONTACTING EXPERT ASSISTANCE, AND DEVELOPING A WORKING KNOWLEDGE OF THE VULNERABLE POINTS OF A COMPUTER SYSTEM (INPUT, PROGRAMMING, SOFTWARE, OPERATING SYSTEM, DATA BASE, OUTPUT, HARDWARE, AND COMMUNICATIONS). THE INVESTIGATOR MUST ALSO KNOW THE TYPICAL THREATS OF VULNERABILITY AT EACH POINT, THE TYPES OF RECORDS TO LOOK FOR, AND THE PERTINENT PERSONNEL WITH WHOM TO TALK. PPROBLEMS IN GATHERING EVIDENCE ARE DETAILED, INCLUDING THE NATURE OF THE SYSTEM AND LEGAL DIFFICULTIES, AND POSSIBLE SOLUTIONS TO BOTH TECHNICAL AND LEGAL PROBLEMS ARE REVIEWED. ONCE THE EVIDENCE IS OBTAINED, OTHER CONSIDERATIONS ARISE, SUCH AS THE POSSIBILITY THAT THE EVIDENCE CANNOT BE MOVED, MAINTENANCE REQUIREMENTS OF THE EVIDENCE, VOLUME, VISUAL FUNGIBILITY, AND LEGAL REQUIREMENTS. IN PRESENTING THE EVIDENCE, THE INVESTIGATOR MUST BE CONCERNED THAT THE CASE WILL NOT BE THROWN OUT OF COURT DUE TO FAULTY EVIDENCE. LEGAL REQUIREMENTS FOR COMPUTER MEDIA TO BE ACCEPTED AS EVIDENCE ARE DISCUSSED, AS WELL AS POSSIBLE SOLUTIONS TO ENSURE THAT THE EVIDENCE WILL BE ACCEPTED. ENDNOTES, AN ANNOTATED BIBLIOGRAPHY, AND APPENDIXES OF RELATED ARTICLES AND CHECKLISTS ARE PROVIDED. (PRG)