A Good Plan is Crucial in the Fight against Cyber Crime


Published: June 13, 2015 | By: Rachel Laura M | Views: 822

In a physical crime scene, say a home that has been burned down by an arsonist or a home that has been burglarized, the role of first responders on the scene is very important. These skilled individuals must avoid contaminating the crime scene or destroying evidence, all the while securing the scene and documenting every detail, down to the most minute. First responders take note of the victims and the lighting, talk to witnesses and potential suspects, and try to gather any other information that could be integral to solving the case. Those who arrive on the scene after the first responders wear special clothes, foot coverings and latex gloves to preserve the crime scene while they gather any additional evidence. Roles are clearly defined and everyone knows their tasks.

These same ideas apply when cybercrimes occur. Individuals skilled in the field of digital forensics arrive on the scene to collect crucial evidence. Care needs to be taken to preserve important evidence. However, since the first responders to digital crimes tend to be members of a company’s cyber security team or network administrators, they tend to prioritize lessening the attack rather than preserving evidence, and this can lead to crucial evidence being tampered with or even destroyed. This rush to end an attack could destroy the very information that would help investigators discover how the hackers or malware got into the system and so solve the crime. Often, the focus is so much on getting the system back up and running that evidence is destroyed.

To keep this from occurring, companies need to have a clearly defined plan of action in case of a cyberattack. The plan needs to answer the following questions and be ready to implement in case of an attack:

  • Who is on the response team?
  • Who has the authority to take down systems and networks?
  • Who will collect evidence?

In addition to having a plan in place that everyone is aware of, it’s also a good idea to staff the response team with experts in computer forensics to lessen the risk of any data loss. Moreover, if cyber incident responders find an attack before forensic investigators arrive, they need to take very detailed notes about when the attack occurred and any actions that have been taken. Preserving evidence needs to be the first priority and, as this can take a long time, it is recommended that a company have a replacement set of hard drives so that business operations can get back up and running as quickly as possible while incident responders gather their evidence.

Since cybercrime is so prevalent today, it is crucial for today’s professionals to learn about the latest techniques in the field, such as knowing NTFS and CHDisk. So, this is yet another reason to spend more time taking free cyber security training with us!
