Author: Anthony Reyes
ISBN No: 1 59749 133 0
Review date: 08/12/2025
No of pages: 412
Publisher: Syngress (Elsevier)
Year of publication: 11/09/2012
Brief:
The author of a book about cyber-crime sympathises if you had pain switching from a typewriter to a computer. A PC may be merely an aid to a ‘traditional’ crime, he writes.
The author of Cyber Crime Investigations is a former New York Police Department computer crimes detective. “Almost every cyber crime has, at its base, a good old-fashioned crime attached to it.” That may be theft or stalking; an exception may be defacing websites, or denial of service attacks. Note that the title includes investigations: the writer concentrates on the practical. He admits: “There are many grey areas in the cyber crime investigative and forensic process. Some are due to inefficiencies in the law, while others are due to the rapid change of technologies.” He wonders if computer forensic standards are too rigid, and if people forget the crime.
Response and analysis
Reyes details how to respond to an incident, eavesdropping on wireless networks, analysing data and preventing cyber-crime. From his work he has been alive to the dilemmas – such as corporates not wanting their servers taken down for the sake of forensics, because that would shut down the company. Nor, would you believe it, does a company want to call in police then be all over the news for a breach of security or an employee arrested for viewing pornography. If phrases such as encrypted file systems and ‘keyword search for the term keylogger’ are double Dutch to you, each chapter has a page of bullet points as an aid. The only drawback to this book, as with any written by Americans, is that the laws and courts are different to ours, with talk of plea bargains and attorneys. Still, the work is similar, whether as an expert witness or seizing data – deciding whether or not to pull the plug, in a word. If you think that IT crime is not your problem, consider ESM – enterprise security management, a term for security event monitoring and analysis software. In other words, you can check on insider threats whether using IT products such as firewalls or physical security systems such as digital recording of CCTV or access control readers. The ESM looks at the data and flags up anomalies.
Identity
As Reyes shows in the chapter on prevention, arguably the most useful chapter to the general security person, defence against crimes with a cyber component is for all of us. In your workplace, do staff ever fail to log out? Does anyone share a password? Or give corporate information in a blog? To repeat, cyber crime often has an old-fashioned ring; the scene of the laptop theft is the unlocked office or car. If a workmate sends an email with a video clip, the intention was pure but a virus or spyware was installed at the same time, to steal data, maybe to steal passwords, for fraud. Reyes says it is time for stiffer penalties against those corporate leaders hiding cyber crimes. Nor is the threat only against the plc; even a university or a charity may have its IT systems hit by a virus because a computer user or volunteer was not vetted. Reyes has a page of photos of objects that can steal stored data, all easy to hide, including a mobile phone and a pocket knife with a USB storage device. As we start to make a conscious effort to learn, we can help thwart cyber crimes, Reyes says – but even he states we can only make a dent in such crime.
Useful and full references for each chapter, and a full index, and plenty of diagrams.




