Guest Author - Maria S. Cuasay
Cyber crime is on the rise. The Internet and social media channels expose the unwary to offers for non-existent cars, alluring ads for lonely hearts or financial deals that border on extortion. The Internet Crime Complaint Center operated by the USA's Federal Bureau of Investigation receive claims worldwide. There were over 260,000 filings in 2014 alone. The variety and frequency of fraudulent activities will only increase with time.
The emergence of the social web has affected citizen rights and privacy laws exposing the need for cyber forensics closer to home. Local police now investigate cases of web confidence scams and cyber bullying and shaming. With the integration of the Internet into essential services and the growing technical proficiency by criminals, electronic warfare can be carried out on any company or institution via coordinated denial of service attacks or infiltrated by way of an innocent-looking email with a malicious link.
A new computer career speciality arose to combat digital-related crimes. Computer forensics experts employ their legal knowledge, deductive reasoning and technical skills to find and identify data and resources which could serve as legal evidence. The job titles vary but the basic positions include:
• Computer Forensics Technician
• Computer Forensics Examiner
• Computer Hacking Forensic Investigator
• Cyber Security Forensic Analyst
• Information Security Manager
Enter the Computer Forensics Experts
A computer forensics technician does physical, hands-on recovery of digital media such as computers, hard drives, servers, media players, cellular phones, flash drives, smart phones, game consoles, digital video records, DVDs, CDs and any other kind of digital media that may hold data critical to an investigation. They often need to disassemble machines to get to the essential hardware. They use specialized tools and software to retrieve all available data which can be used for further analysis.
A forensics examiner or analyst sifts through the data collected by a technician. The analyst looks for how and why data is pertinent to a case. For example, an analyst may examine a series of emails and from their content deduce that a specific email proves criminal intent or harm. The examiner then records and communicates his or her findings to the law enforcement or security officer in charge of the investigation. Communication skills are vital as it is often the forensics examiner who liaisons with the authorities handling a case.
An investigator with specialized knowledge of hacking methods may be utilized to gain access to encrypted data or to digitally trace evidence to its original creator or source. A hacker investigator must ensure that the results of his or her investigation is admissible in a court of law.
While most computer forensics positions are in law enforcement, military and government institutions, there is a growing need for the position in corporate and academic circles. Information security managers and cyber security analysts are employed to identify threats to internal systems and networks within universities and companies, big and small. They work to improve network hardware and software protections against an ever-changing roster of electronic intrusion and attacks as well as unauthorized internal access.
Becoming an Expert
For the last decade, digital forensics personnel have transitioned from jobs in law enforcement or the military. To their existing knowledge and experience of the justice system was added networking, hardware and software development skills. A handful of commercial vendors created certifications specific to the installation and use of their own products.
Because of the paramount requirement of encompassing all digital forensics within a legal framework, the discipline is neither purely technological or wholly based on the law. Only in recent years have universities recognized this field as distinct from computer science or information technology. Universities worldwide now offer associates, bachelors and graduate degrees.
Certifications in escalating expertise are offered by vendors and independent accreditation bodies. Testing may be carried out on-site or proctored at approved locations. Certifications must be renewed within a specified number of years. Among online job sites the most sought after certifications are:
• GCFA: Global Information Assurance Certification (GIAC) Certified Forensic Analyst
• GCFE: GIAC Certified Forensics Examiner
• EnCE: EnCase Certified Examiner
• CSFA: CyberSecurity Forensic Analyst
A Career for the Curious and Dedicated
The investigative field (includes digital forensics and private investigation) is expected to grow 20% through 2020. Digital forensics is finding its niche in more and more places. Those thinking of transitioning from software development, network administration, law enforcement or the military may find computer forensics a good second career. Bear in mind that extensive background and criminal checks are standard in the employment process for this position.
Cyber security and computer forensics are relatively new fields but the job has depth and challenge. While forensic personnel are rarely involved in day to day law enforcement, the demands of the job are high as the innocence or guilt of an individual may be decided based on the gathered evidence. As with most technical fields, there is the element of constant learning as technology and cyber crimes evolve.
Computer forensics is a computer career guaranteed to satisfy your inner Sherlock Holmes or Miss Marple. For that alone it's worth exploring.