Cyber Crime Investigation is a multifaceted field within the investigative community. Cyber crimes range from simple password stealing and phishing schemes to more complex and heinous acts such as child exploitation, human trafficking, and ransomware attacks. Investigative tactics vary based on the nature of the cybercrime. Before delving into the investigation process, investigators must follow key steps to ensure the correct gathering and analysis of evidence.
Investigation Steps:
1. Crime Assessment
- Ask fundamental questions: "Who, what, where, why, how, and when?"
- Gather surface-level information to prioritize resources.
- Determine the tools needed for evidence discovery.
2. Evidence Collection Procedure
- Follow established procedures by investigating supervisors or department officers.
- Ensure evidence is collected in the correct order to maintain the chain of custody.
- Avoid legal challenges by handling evidence appropriately.
- Obtain necessary warrants or court orders for device inspection.
3. Evidence Assessment
- Examine various devices to identify their relevance to the case.
- Determine the type of evidence that can help solve the crime.
- Follow established procedures for evidence collection and cataloging.
4. Crime Methodology and Evidence Identification
- Decide what actions would be required to commit the crime or leave evidence.
- Tailor the investigation based on the nature of the crime.
- Acquire the necessary warrants or court orders for device inspection.
5. Evidence Examination
- Analyze collected evidence using custom search profiles.
- Use search profiles developed during the assessment stage.
- Collaborate with the prosecution team to build the case in court.
- Subpoena additional evidence if required.
6. Reporting Phase
- Compile complex information and analysis for the prosecution.
- Work with experienced forensic scientists to translate findings into a format comprehensible to prosecutors.
- Utilize ADF Tools reporting feature to present evidence validity in an easily understandable format.
Effectively navigating the intricacies of cyber crime investigation requires a systematic approach, from initial crime assessment to the final reporting phase. Following these steps ensures a thorough and legally sound investigation, providing the prosecution with the necessary tools to convict a suspect.
