Crimes committed within the electronic or digital domains, particularly within cyberspace, have become general. They use technology as a footprint, commit offenses, and create new blueprints for law enforcement, attorneys and security professionals, and the legal departments. Digital Forensics has become an essential instrument in identifying and solving computer-based and assisted crime.
By Priyanka S. Joshi, CISO – Risk and Control Specialist and Technical Advisory, UBS
The digital age has undoubtedly revolutionized the life and work of many. On the flip side, the alarming rise in cybercrimes has become a major concern for cyber specialists as the continuous changes in the digital world attract more cybercrime. And experts use Digital Forensics to check this crime. Digital Forensics is the procedure of investigating computer crimes in the cyber world. The forensics process involves collecting, preserving, analyzing, and presenting evidence from digital sources.
Digital forensics experts have devised scientifically proven methods for identifying, collecting, preserving, validating, analyzing, interpreting, and presenting digital evidence derived from digital sources to facilitate the reconstruction of events that led to a breach.
Let’s discuss the major challenges of the digital world:
Technical Challenges: Encryption, data hiding in the storage space, covert channels are the major technical challenges today. Digital forensics experts use forensic tools for collecting shreds of evidence against criminals. And criminals themselves use such tools for hiding, altering, or removing the traces of their crime; this process is known as anti-forensic techniques. Another common challenge is operating in the cloud, time to archive the data, skill gap, and steganography.
Legal Challenges: There is an absence of guidelines and standards, and limitations of the Indian Evidence Act 1872. For instance, consider the case of dealing with the admissibility of an intercepted telephone call in a CDR (call data record). This was done without a certificate under Section 65B of the Indian Evidence Act, 1872. The court observed that the secondary electronic evidence without a certificate under Section 65B of the Indian Evidence Act, 1872 is not admissible and cannot be investigated by the court for any purpose whatsoever.
In most cases, the cyber police force lacks the necessary information that qualifies, and the ability to identify the possible source of evidence is unavailable. Often, the electronic evidence challenges the court due to its integrity, where the absence of proper guidelines and the non-availability of appropriate explanations of the details and acquisition gets dismissed.
Other common challenges are:
- Privacy issues
- Admissibility in the courts
- The preservation of electronic digital evidence
- Analyzing a running computer
Resource Challenges: Change in technology, volume and replication can be found in the resources area (Indian Evidence Act 1872). Due to rapid changes in the technology, operating system, and application software and hardware, reading digital evidence from an older version to support a newer version is a growing challenge. The confidentiality, integrity, and availability of e-documents are easily manipulated. In this, the WAN and the internet support a vast hand, which can share the data beyond physical boundaries, and creates the difficulty of understanding the origin of the data…To read the full story, subscribe to CISO MAG.
This story first appeared in the June 2021 issue of CISO MAG.
About the Author
Priyanka Joshi is a Risk and Control Specialist/Technical Advisory at UBS. As an infosec professional, she believes knowledge and experience are pathfinders to success. Joshi also believes in maintaining the company’s legal and ethical integrity. Before joining UBS, Joshi was a Compliance Manager at a small firm for a health care company based in the U.S., where she was responsible for the HIPAA security enforcement on the business software and people working for it.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.