The importance of computer forensics in cybersecurity
Computer systems are currently considered as the central storage of data with enormous value, being vulnerable due to the movement through cyberspace, the so-called cybercrime starts from a search for illegal information to access, interfere, abuse, falsify data and systems, which are already criminalised in the Penal Code and conventions such as the Budapest Convention 2001.1
This form of crime has become ubiquitous in all digital spheres, intensifying its development and the creation of new crimes. Crime scenes, perpetrators, instruments and, above all, 'modus operandi' have been transformed by the digital era, and cybercrime has taken a strong position in the global computer network.
The devices used to carry out cybercrime contain digital and physical evidence, making it essential to have full knowledge of Computer Forensics, a science capable of examining a digital scene and identifying the other elements of cybercrime, and thus obtaining investigations of great police and judicial value.
The network contains security gaps and the lack of responsible use by the population, which makes it vulnerable. Therefore, the identification and analytical virtue of computer forensics generates hope for security in the busiest environment, the internet.
The basic objective is to learn about the integration of computer forensics in cyber-investigation, its concept, analytical methodology, the role of the expert, the main strategies and tools for application by the responsible bodies.
The objectives to be achieved include
General:
- To learn about the integration of computer forensics in the investigation of cybercrime.
- To understand the analytical methodology applied in the investigation by the responsible bodies.
Specific:
The following specific objectives are derived from these general objectives.
- Identify digital and physical evidence and its treatment.
- To break down the phases of the forensic investigation.
- To relate the figure of the computer forensic expert to the investigation.
- To understand the importance of its application and continuous integration in cyber-investigation.
The agency, an expert in social media management, estimates that 490 million have become new internet users, which is equivalent to more than 53% of the world's population interacting with the worldwide web.2
The internet is a two-edged sword, on the one hand the benefits obtained are the greatest in history, but at the same time the enormous damage to people and infrastructures is recognised, and in the face of this, information systems weaken their foundations such as reliability, integrity and accessibility.
Due to the increase in the storage of information on the network, it has become a system that is more vulnerable to becoming a victim of cybercrime, often creating atypical, homemade scenes and means that are very difficult to identify and analyse.
The innovation of cybercrime sometimes limits the action of computer engineering or other sciences, due to the lack of specific knowledge, it should not be forgotten that it is a crime and for this reason criminological and forensic research must be applied.
The science capable of interpreting, guiding and identifying cyber investigations is computer forensics, which, by using techniques, strategies and tools, will make it possible to know with certainty the indications, perpetrators, modus operandi and instruments of computer crimes.
Since 1980, its development has not waned, Michael Anderson bet on the future usefulness that could be obtained from this forensic branch, the capacity to analyse and aid the Administration of Justice was observed.
Karol Hernández García, collaborator in the Cybersecurity area of Sec2Crime
References:
1 Convention on Cybercrime, 2001 (No.185), Budapest, 23 November 2001.
2 Alvarez, J. (January 27, 2021). Digital Report 2021: The report on digital trends, social networks and mobile. We are social. http://url-del-blog.com.