6 Types of Hackers

Hacking is the process of gaining unauthorized access to a computer network or an electronic device. Individuals break into a system either to cause harm or to highlight vulnerabilities in existing security measures.

There are some others whose motives remain ambiguous or even double-sided. Hackers are of six main types:

  1. White Hat Hacker
  2. Black Hat Hacker
  3. Grey Hat Hacker
  4. Red Hat Hacker
  5. Hacktivist
  6. Script Kiddie

 

White Hat Hacker

White hat hackers are the ethical hackers who use their skills to discover loopholes in existing cybersecurity measures to help fix them. These individuals are in high demand from companies that routinely handle sensitive data, in addition to government agencies that are responsible for national security. In the current internet era, white hat hackers are in high demand since the number of cybercrimes has increased drastically.

Private corporations often recruit white hat hackers as a part of an in-house IT security team. Moreover, white hat hackers also work as freelance cybersecurity consultants and participate in bug bounty programs. Companies that offer bug bounty programs generously reward ethical hackers who can discover and highlight exploitable vulnerabilities.

White hat hackers think almost exactly like black hat hackers and will try to break into computer systems in every possible way. However, they do not steal any information or cause disruption. White hat hacking techniques are extremely useful in looking for loopholes that may endanger confidential information.

Black Hat Hacker

Black hat hackers are malicious individuals in cyberspace who try to break into systems and networks to steal confidential information. In addition to stealing, a black hat hacker may also delete or modify certain crucial files to cause disruption and inflict losses. These individuals have stimulated the need for cybersecurity.

In the span of one year between 2013-14, Yahoo suffered one of the worst data breaches in history. The internet giant disclosed that nearly all the 3 billion user accounts had been compromised. The stolen data included names, dates of birth, email addresses, and passwords. Moreover, it was also revealed that hundreds of millions of phone numbers linked to Yahoo accounts had also been stolen.

This was perhaps the worst cyberattack in history, severely affecting Yahoo’s reputation and reducing its valuation significantly prior to its sale to Verizon.

In 2018, luxury hotel chain Marriott International announced that hackers had stolen data of nearly 500 million customers. The stolen information included passport information, contact details, and travel plans. Additionally, Marriott also lost credit card information of about 100 million customers to the attack.

Black hat hackers will use any means necessary to gain unauthorized access into systems and cause disruption. They continue to evolve their methods as a response to growing cybersecurity awareness.

(https://texial.net/iff/the-5-biggest-data-breaches-of-2018/)

Grey Hat Hacker

Grey hat hackers use methods that are similar to those of white and black hat hackers. However, they do not have any malicious intentions. These are among the most common types of hackers on the internet. A grey hat hacker may break into a company’s private servers, but instead of stealing information, will notify the management about the vulnerability.

Sometimes the hacker may also offer to fix it for a fee. They neither steal data nor do they offer their services as security experts. But they don’t particularly concern themselves with the cybersecurity of others.

Numerous companies maintain secure databases at several locations. A grey hat hacker usually tries to find ways of illegally acquiring such confidential information. If an exploitable vulnerability is indeed present, the hacker contacts the company’s officials to inform them about it, so that appropriate action can be taken.

Red Hat Hackers

Red hat hackers are similar to policing agents on the internet. They actively search for black hat hackers and shut them down. Whenever they find one, they don’t report the hacker to the authorities, but take matters into their own hands. A red hat hacker will hack the would-be attackers’ computer and halt their malicious activities.

For instance, a red hat hacker can overload a black hat hacker’s network to block his attempts. Furthermore, some red hat hackers may also employ aggressive methods that may completely wipe out a black hat hacker’s computer.
In addition to acting individually, groups of red hat hackers may also team up to attack multiple black hat hackers.

Hacktivist

Hacktivists are hackers who seek to garner publicity for a certain cause by hacking into the systems or websites of relevant organizations. A hacktivist may deface the website of a particular company or government agency to protest against certain policies, bring them to the public’s attention and raise awareness.

One of the most famous hacktivist groups operating online is called Anonymous. The group achieved global publicity for its efforts against the terrorist outfit ISIS. Anonymous successfully brought down nearly 150 websites associated with ISIS, in addition to identifying nearly 1,00,000 Twitter accounts and 5000 videos used to spread propaganda and hate.

Wikileaks is another famous example of Hacktivism. The organization successfully acquired and released thousands of classified government documents relating to the US war in Afghanistan. The leaked documents highlighted several instances of US soldiers killing Afghan civilians and reporting them as collateral damage.

In addition to this, Wikileaks published documents pointing to malpractices aimed at sabotaging the 2016 election campaign of Democratic presidential candidate Bernie Sanders.

Script Kiddies

A script kiddie is an amateur hacker who is only aware of basic hacking techniques. Script kiddies are unlikely to cause significant damage. Such people mainly use open-source hacking software or borrow it from people they know. Script kiddies don’t pose a significant threat to anyone’s data and are potential hackers at best. Such individuals can deface a poorly protected website or slow it down by redirecting more traffic.

An increasingly connected digital world increases the threat of cybercrime manifold. As more internet companies emerge, the dearth of trained cybersecurity professionals creates exciting career opportunities. As a result, it provides a brilliant opportunity for governments to bolster employment and make the internet safer.


Branches of Forensic Science

Forensic Science and its cardinal role in criminal investigations can be aptly summarized in the words of fiction writer Chuck Palahniuk.

“Everything is a self-portrait. A diary. Your whole drug history’s in a strand of your hair. Your fingernails. The forensic details. The lining of your stomach is a document. The calluses on your hand tell all your secrets. Your teeth give you away. Your accent. The wrinkles around your mouth and eyes. Everything you do shows your hand.”


This is precisely what Forensic Science is, in a nutshell!

Forensic Science with its multi-disciplinary approach is that essential link that helps glue together all kinds of evidence in any form of investigation. It involves the application of the principles and methodologies of various disciplines of science to legal matters. Here is a bird’s eye view of the diverse branches of Forensic Science.

1. Trace Evidence Analysis:

Going by Locard’s Principle that “everything leaves a contact”, trace evidence analysis provides crucial links to the perpetrator. Trace evidence is anything that is transferred during the commission of a crime such as human/animal hair, rope, soil, fabric fibers, feathers, building materials etc. Trace Evidence Analysis involves the recovery of such evidence and its forensic examination to obtain information that can be used in the court of law in association with a case or to answer any other legal query.

2. Forensic Toxicology:

Forensic Toxicology is the study of the presence of toxic substances inside a body and the effect that they had on the individual. It encompasses methods and procedures from various disciplines such as analytical and clinical chemistry, and pharmacology to aid in the medical and legal investigation of death due to poisoning or drugs. This branch of forensic science is of prime importance in road accidents, poisoning, and sexual violence.

3. Forensic Psychology:

Forensic Psychology is the application of psychology to legal and criminal matters. Forensic psychologists study criminals and their crimes to draw conclusions about the personality traits of the perpetrators and thus assist in criminal profiling. Criminal profiling involves giving a detailed description of the personality and behavioral traits of the criminal. Forensic psychologists perform multi-faceted tasks some of which are counseling victims of a crime, evaluating child custody, death notification procedures, and evaluation of post-traumatic stress disorder.

4. Forensic Podiatry:

Forensic Podiatry deals with the application of specific podiatric knowledge i.e. an understanding of the abnormalities and diseases of the ankle, foot, and lower body, and lower limb anatomy, and musculoskeletal function. This is particularly helpful in the investigation of foot-based evidence with respect to a criminal incident.

5. Forensic Pathology:

The branch of pathology that deals with the examination of a corpse to determine the cause of death is called Forensic Pathology. It involves the deduction of facts admissible in the court of law by collecting and analyzing medical samples. For example, a forensic pathologist can examine a wound to identify the weapon used to cause it. Therefore, forensic pathology helps draw crucial inferences on whether the death is natural, criminal or accidental.

6. Forensic Odontology:

Forensic Odontology/Forensic Dentistry involves the proper handling, analysis, and evaluation of any form of dental evidence that would later be used as legal evidence in the court of law. Often when the victim’s body is left in an unrecognizable state, it is forensic odontology that helps investigators in identifying them. Forensic dentists play a crucial role in the comparative identification of a person by analyzing the development and anatomy of the teeth including fillings or other restorative dental corrections. Criminal investigations comprising bite marks largely involve the discipline of Forensic Odontology.

7. Forensic Linguistics:

Forensic Linguistics involves the application of linguistic knowledge and methods to criminal investigations and judicial proceedings. Such linguistic experts are skilled at analyzing the written and spoken language of a perpetrator to draw crucial inferences about the offender’s age, gender, education level, culture, ethnicity, socio-economic and geographical background, and for that matter even spiritual and religious beliefs! They are involved in the careful examination of forensic texts such as emergency calls, demands of ransom, suicide notes, social media and death row statements.

8. Forensic Geology:

Forensic Geology or Geoforensics deals with the examination of evidence related to materials found in the Earth such as oil, petroleum, minerals, soil, rocks and the like. Such examination is associated with the forensic context such as investigations and answering questions put forward by the legal system. Thus, Forensic Geologists analyze earth materials recovered from the incident scene, victim or suspect to strengthen evidence against the suspect, draw inferences about the time and cause of the incident and to obtain other relevant information as a part of the investigation.

9. Forensic Entomology:

Forensic Entomology involves the application and study of the biology of insects and other arthropods such as arachnids, centipedes, millipedes, and crustaceans to solve criminal cases. Due to the presence of such organisms in decomposing ruins, forensic entomology is primarily used for death investigations, determination of the location of an incident, postmortem interval and to arrive at the precise time of the infliction of wounds.

10. Forensic Engineering:

Never thought that there would be a different branch of forensics altogether for the investigation of products, materials, mechanical components or structures that fail or are unable to function as desired resulting in personal injury or property damage? Well, that is what Forensic Engineering is all about. It involves the application of engineering principles for the investigation and analysis of such mechanical and structural failures.

11. Forensic DNA Analysis:

In addition to fingerprints, DNA is the other biological parameter which is unique to a particular individual. DNA profiling is a commonly used forensic technique in criminal investigations for the identification of an anonymous person or to zero in on the perpetrator. The biological evidence used for DNA profiling includes hair, skin, semen, urine, blood, saliva and even body remains in burn cases.

12. Forensic Botany:

As is evident from its name, Forensic Botany is the study and examination of plant-based evidence (leaves, flowers, wood, fruits, seeds, pollen) for criminal and non-criminal investigations and for answering other legal questions. Though it is still quite under-utilized in forensic investigations, the application of botany in criminal investigations has helped investigators in the past to ascertain the manner and time of death in certain complex cases. Botanic trace evidence recovered from an incident scene often helps in establishing crucial links to the suspect(s).

13. Forensic Archeology:

Wonder how geophysical and geological surveying techniques are used in forensics? That’s Forensic Archeology for you! Such techniques along with the use of photography and imaging enable forensic archeologists to assist the police and investigating officers to identify the site where the victim’s body and personal items, or robbed goods are buried. Forensic archeologists are also often leveraged for carrying out excavations or digs at historical and pre-historical sites. Such scientists are adept at using a range of techniques, one being carbon dating, to ascertain the age of items retrieved during an excavation. They often carry out mass excavations to produce evidence for war crimes trials, gas or bomb explosions, plane crashes and the like.

14. Forensic Anthropology:

In the course of an incident, bodies are sometimes rendered unrecognizable due to mutilation, burning, natural degradation etc. In such cases, Forensic Anthropology comes into the picture. Forensic anthropologists can examine human bodies/skeletons to help identify the individuals and arrive at the cause of death. They are skilled at determining the age, sex, race, and physique of an individual from the bones or bone fragments. Additionally, they can also determine the manner of death (suicide, accidental or due to disease), as well as if a bone injury retrieved was before, during or after the death.

15. Digital Forensics:

Digital Forensics is the current buzzword in the world of forensics. It involves the extraction and analysis of digital evidence (such as those found in computers, hard disks, USB drives etc.) using the most powerful forensic tools. It is mostly used in the investigation of cybercrimes. Digital Forensics is also associated with the criminal law where the digital evidence recovered is used to support or counter a hypothesis in the court of law.

16. Forensic Ballistics:

Forensic Ballistics involves the analysis of any evidence related to firearms (bullets, bullet marks, shell casings, gunpowder residue etc.). This branch of science is particularly used in the investigation of incidents involving the use of a firearm, to draw inferences on the exact weapon used, the distance, velocity, and angle of firing, and ultimately the shooter himself.

About - Texial Cyber Security

Texial Cyber Security is a premier Cyber Security and forensic lab headquartered in Bangalore. In spite of being quite young in the Cyber Security and forensic domain of India, Texial has emerged as the pioneer in the private cyber security and forensic laboratory segment. They boast of a strong team comprising cyber security and forensic experts specializing in multiple domains. That, coupled with a state-of-the-art digital cyber and cyber forensic laboratory, has rendered them as a trustable resource for assistance on any kind of investigation. Texial Lab adopts the latest technological and forensic techniques to ensure that no stone is left unturned in any form of forensic analysis.

History of Forensic Science 


The importance of forensic science is primarily associated with crime and crime scene investigations. However, have you ever wondered what the history of forensic science is? How did it start? When were forensic techniques first used? Who were the early forensic scientists?

What comes to your mind when you hear the word “forensic investigator”?

Doesn’t your brain immediately conjure up the impassive, dapper character sporting aviators and donning latex gloves?

You instantly start picturing high-tech computers, UV lights, and criminal labs furnished with high-end equipment. Well, that is the image that modern-day crime shows have created of a forensic investigator.

Interested to know the importance of forensic science over the ages? We have the answers right here.

Presenting the brief history of forensic science.


Tracing the Roots of the Importance of Forensic Science in Ancient Times

The history of forensic science awaits exploration, as forensic science as a discipline was not much spoken about until recently. As one becomes more aware of the subtle importance of forensic science in the past, one cannot but feel greater reverence for this field of science.

The word forensic has its origin from the Latin word “forensis” which stands for a forum.

Forensic Science is basically used in tandem with any discipline that has associations with the legal system. In a nutshell, forensic science is the application of scientific methods and principles to questions of law.

Or, in layman’s terms, forensic science is a discipline used by a forensic investigator to solve crimes.


The Building Blocks in the History of Forensic Science – The Origin

Forensic science as a part of the modern-day criminal justice system is still in its formative years. Interestingly, the importance of forensic science dates back to some of the ancient civilizations.

The earliest application of forensic science dates back to the ancient Greek and Roman societies.

Those civilizations made significant contributions to the field of medicine, especially pharmacology. Their research on the production, use, and symptoms of toxins made the study of their use in past murders possible.



History of Autopsy

Familiar with the word “mummification”?

Did you know that the Egyptian civilization back in 3000 BC performed the first instance of an ‘autopsy’? They performed the religious practice of the removal and examination of the internal organs of humans after their death. Thus, they are the earliest civilization to perform an autopsy.

Interestingly, the first officially recorded autopsy was performed way back in 44 BC!

This was when a Roman physician, Antistius, examined the slain body of the Roman politician and general Julius Caesar. The autopsy revealed that though he was stabbed 23 times, his death actually resulted from one wound through his chest.


Importance of Forensic Science in the Early Roman Dynasty

Early in the 1st century AD, Roman orator and jurist Quintilian used basic forensics to acquit an innocent.

The Roman model forms the foundation of the modern day court and legal system. Thus, the application of scientific principles in the examination of evidence in ancient Rome is not surprising. However, with the fall of the Roman Empire in the West, the applications of forensic science in criminal justice stagnated over the next millennium.


The Origin of Pathology

Ever wondered what the very first guide to pathology was? It was the book Xi Yuan Lu (The Washing Away of Wrongs), published in the 13th century in China by Song Ci.

Xi Yuan Lu is the first written testimony of the use of medicine and entomology to solve crimes. This book is one of the earliest available works of literature to help determine the cause of death.

The book explained how to distinguish an accidental death from a murder by examining the weapon used to cause death. It threw light upon important topics such as:

  • How to preserve evidence during the examination process?
  • How to make an antiseptic?
  • How to extract a hidden injury from dead bodies and bones?
  • How to calculate the time of death based on the weather and insects? and
  • How to wash a dead body for examination?


The Early Methods of Forensic Examination used by a Forensic Investigator

One of Song Ci’s accounts in his book talks about the basic methods used to crack a murder case.

First, the investigator tested various blades on an animal carcass and compared the wound to the actual one. This helped him deduce that the weapon used to commit the murder was a sickle.

Next, he asked every resident of the crime area to bring their sickles to one location. Eventually, the murderer confessed when the smell of blood caused flies to gather on his sickle.

The book also provided methods and logic to estimate if a death resulted from suicide, accident or murder.


Earliest Application of the Lie Detector or Polygraph Test by a Forensic Investigator

The earliest precursor to the Polygraph test was the examination of the saliva, mouth, and tongue of a suspect to deduce innocence or guilt.

For example, in ancient India, the suspect’s mouth was filled with some dry rice and in China with rice powder. They were then asked to spit it out.

In some middle-eastern cultures, the accused would have to lick heated metal rods briefly.

The principle used for these methods was that a guilty person would produce less saliva. Thus, if rice got stuck in their mouths or if their tongues got severely burnt, they were pronounced guilty.

 

The Glorious 16th & 17th Centuries in the History of Forensic Science

In 16th century Europe, the gathering of information on the cause and manner of death was first initiated by medical practitioners. A French army surgeon, Ambroise Paré, methodically studied the effect that violent death has on internal organs.

The Italian surgeons Fortunato Fidelis and Paolo Zacchia laid the foundation of modern pathology. They achieved this through a study of the changes occurring in the structure of the body due to a disease.

With the dawn of the 17th century, the importance of forensic science received a boost due to other advancements in science.


Modern Forensic Science Techniques Start Taking Shape

The forthcoming centuries witnessed a resurrection of forensic science with an increase in the application of science in solving crimes.

Techniques such as matching evidence like clothing fibers and footprints to those found on a suspect started gaining popularity. Gradually, criminal investigations started revolving more around evidence-based and rational approaches.

Soon, the validity of confessions under duress and belief in occult practices such as witchcraft started diminishing in the courts.

Eventually, development of the technique of fingerprint analysis took place in 1880.


Fingerprint Analysis – A major milestone in the History of Forensic Science

The technique of fingerprint analysis to link incidents to suspects was a major breakthrough in the forensic landscape in 1880.

Fingerprint analysis resulted from the groundbreaking theory established by Henry Faulds and William James Herschel on the uniqueness of fingerprints. This study received huge support from experts all over the world and was later accepted as crucial evidence in the legal system.

The ancient Chinese used fingerprint analysis for the identification of business documents.

It was Francis Galton and Edward Henry who actually implemented Herschel’s fingerprinting practices in criminal investigations. Sir Francis Galton started the first system for classifying fingerprints.

Sir Edward Henry, the commissioner of the Metropolitan Police of London, used the direction, flow, pattern and other characteristics in fingerprints to develop his own system of fingerprint analysis.

Now, the Henry Classification System is the standard for criminal fingerprint analysis techniques worldwide.


Evolution of the Importance of Forensic Science Through the Ages

Two famous examples of the use of forensic science in the 18th and 19th century are worth a mention. These clearly showcase the use of logic and scientific procedures by forensic investigators during that period for criminal investigations.

First, the conviction of John Toms in Lancaster for the murder of Edward Culshaw with a pistol.

The crucial clue, which was a turning point in this investigation, was the perfect matching of a pistol wad found in the dead body of Culshaw with a torn newspaper recovered from Toms’s pocket.

The second was the trial and conviction of Warwick, a farm laborer, in 1816. Police retrieved and analyzed the footprints and cloth impressions that he left on the damp soil of the crime scene. A matching of the impressions in the earth near the pool where a young maidservant was drowned confirmed his role in her murder.

 

Scotland Yard’s Henry Goddard became the first in 1835 to connect a bullet to a murder weapon using physical analysis.

Gradually in the 1920s, bullet examination became more precise when American physician Calvin Goddard created the comparison microscope. This helped in drawing a crucial relationship between bullets and the shell casings from which they were fired.

Later, in the 1970s, scientists at the Aerospace Corporation, California, developed the method of detecting gunshot residue using scanning electron microscopes.

The Swedish chemist Carl Wilhelm Scheele first developed a chemical test to detect arsenic in corpses in 1773. His work was further elaborated by a German chemist, Valentin Ross, in 1806 to detect poison in stomach walls.

In 1836, the Scottish chemist James Marsh made the first application of this forensic science technique. This test was actually used successfully in a murder trial at that time.

Almost a century later, scientist Karl Landsteiner received the Nobel Prize in 1930 for his work on blood groups. He was the first one to classify human blood into various groups. This later went on to give significant leads during criminal investigations from the examination of blood.

The mid-1990s saw the development of other tests to examine saliva, semen, sweat and other body fluids.

 


The Major Highlights in the History of Forensic Science

Here’s the history of forensic science timeline to summarize the eventful journey of forensic science till the 20th century.

The 1800s

  • Questioned document analysis was first recorded
  • Tests developed for the forensic analysis of the presence of blood
  • A bullet comparison used for the first time to convict a murderer
  • Toxicology (arsenic detection) used in a jury trial
  • Hemin crystals used for the development of the first crystal test for hemoglobin
  • A plausible test for blood was first developed
  • Photography used for the first time for the identification of criminals and documentation of evidence and crime scenes
  • Use of fingerprint analysis to solve a crime was first recorded
  • Development of the first microscope with a comparison bridge

The 1900s

  • Use of the comparison microscope for bullet comparison became popular in the 1920s
  • Development of the absorption-inhibition ABO blood typing technique
  • The invention of the first interference contrast microscope by Dutch physicist Frits Zernike in 1935
  • Development of the chemiluminescent reagent, luminol, for the presumptive test for blood
  • Voiceprint identification was first studied
  • The invention of the Breathalyzer for field sobriety tests
  • Use of heated headspace sampling technique for collecting arson evidence
  • Development of the scanning electron microscope with electron dispersive X-ray technology
  • The polymorphic nature of red cells first identified
  • Enactment of the Federal Rules of Evidence
  • Gas chromatograph and the mass spectrometer were being used for forensic analysis
  • The polymerase chain reaction (PCR) technique developed for clinical and forensic applications
  • DNA profiling gained increasing popularity
  • Enactment of the DNA Databank legislation in 1994
 


The Modern History of Forensic Science

In the early 20th century, there was a boom in the development of newer forensic techniques for examining the evidence. This led to law enforcement agencies realizing the requirement of special forensic investigator teams for evidence gathering and analysis.

Edmond Locard, a professor at the University of Lyons, began the first police crime laboratory in France (1910). In fact, his revolutionary work in the field of forensic science earned him the name “The Sherlock Holmes of France”.


Locard’s Exchange Principle

Edmond Locard’s concept that “everything leaves a trace” formed the basis of what is now called Locard’s Exchange Principle.

Locard’s Exchange Principle states that everything and everyone that enters a crime scene leaves some piece of evidence behind. This is extensively used by a forensic investigator in crime scene investigations.

Conversely, he also established that everyone and everything takes some piece of the crime scene with them when they leave.

To this day, forensic science has witnessed a number of significant advancements. From high-tech tools to DNA profiling and cyber forensics, forensic investigations are a lot easier now than they ever were.

DNA profiling has, in fact, led to the successful identification of numerous criminals across the globe.

 


The Quintessential Human Factor in Forensic Science

Forensic Science has a rich but undervalued history and a richer potential ahead. Advancements in forensic science are an ongoing process and each day introduces a new technique into the forensic world.

Despite all developments, any investigation still requires a human brain to decipher and rationalize the events of an incident scene. A forensic investigator, at present, has the benefit of numerous tools and medical and scientific advancements at their disposal.

In fact, a trained crime scene investigator bears the responsibility of correctly analyzing, retrieving and collecting evidence from a crime scene by leveraging every available scientific and technological advancement.

Nevertheless, one must not forget the human factor that comes into play, without which an investigation is incomplete.


Application of the Human Acumen by a Forensic Investigator

While forensic science can explain the ‘how’ of a crime, a human mind is still needed to uncover the ‘why’. It requires the acumen of the crime scene investigator and law enforcement personnel to understand the motive before a trial.

A crime scene analysis is incomplete without the concord of scientific methods and the human factor. Yes, scientific evidence speaks for itself. But it requires human comprehension and a human voice to present it in the court of law for seeking justice.

 

Texial Cyber Security

Texial is another valuable addition to the world of forensic science. We house a state-of-the-art forensic laboratory and forensic professionals handpicked from premier forensic institutes across the country.

Do not take the bait! Understanding Email Phishing

What precisely is phishing?

Phishing is a tactic used by hackers to trick you into providing personal information or account data. Once they have your information, hackers steal sensitive data by generating new user passwords or inserting malware (such as backdoors) into your device.

Financial frauds or identity hacks perpetrated using the victim’s private information are the more serious consequences of phishing. Phishing is responsible for almost 90 percent of all data breaches.

What are the various kinds of phishing scams?

Depending on the perpetrator, phishing attacks can hit a wide variety of people. At one end of the continuum is the generic email phishing scam, sent out in search of anyone with, say, a PayPal account; such emails are almost certainly phishing attempts. Phishing may also take the form of an email that is sent to only one user. Because of that user's access, the attacker devotes time and effort to crafting an email for a single recipient. If the email is on this end of the continuum, even the most suspicious individuals are likely to fall victim to it. According to statistics, 91 percent of data security breaches begin with some form of phishing scheme.

What is the concept of Email Phishing?

Since the 1990s, email phishing has possibly been the most prevalent form of phishing. These are the emails that a hacker sends to any and all email addresses he or she can get hold of. The email normally advises the user that their account has been compromised and that they must respond immediately by clicking on a ‘this page’ link. Because the English is not always clear, these attacks are normally easy to detect. It sometimes gives the impression that someone ran the text through translation software in five different languages before settling on English.

suspect source if you search the email source and the actual connection that you are being led to.

Sextortion is a form of phishing scheme that involves sending someone an email that seems to be from themselves. In the email, the hacker appears to have broken into your email server and then into your machine. They claim to have two crucial pieces of information: your password and a video of you. The sextortion hinges on the captured footage. According to the claim, you were viewing adult entertainment videos on your monitor while the camera was recording. You must pay them, normally in bitcoin; otherwise, they will reveal the video to your relatives or co-workers.

How to Recognize a Phishing Email?

Every month, users all over the world receive an average of 16 malicious emails! Furthermore, given the plethora of email newsletters that we knowingly sign up for, a detailed review of an email prior to answering can be time-consuming. Nonetheless, being aware is crucial in thwarting future efforts to steal your personal or company information.

Here are a few pointers on recognizing a phishing email:

  1. Avoid any email requests for sensitive information.

Remember that a legitimate company will never send you an email requesting confidential personal or financial information. Furthermore, an organization with which you are familiar would rather have a phone call with you about account details. Unsolicited emails that demand personal information and contain a link or attachment should be avoided. It is unquestionably a ruse.

  2. Generic Email Salutations Should Be Avoided

Avoid emails that address you as a “respected member,” “favorite client,” “customer,” or “account manager,” among other terms. Emails with such generic salutations should be treated with suspicion at all times since they are almost invariably spam. Bear in mind that a legitimate business will address you by your name. Some cyber con artists, on the other hand, leave out the salutation altogether! As a consequence, make sure you check the other items in this guide to see whether the email is deceptive or not.

  3. Verify the Sender’s Domain in the Email Address

Examining the sender’s address is one of the most effective ways to detect a phishing email. Check the domain in the email address, which is the part after the @. This will give you a good sense of the email’s source and therefore its validity. Cybercriminals sometimes change the spelling of a domain to make it seem legitimate. But proceed with caution! Since businesses often use special or random domains to reach out to their clients, this is not a foolproof tip. Small businesses, in particular, rely on third-party email providers to deliver emails. As a consequence, the dubious-looking domain could be real!

  4. Spelling Errors Can Serve as a Warning Flag

One thing to keep in mind! Every brand and business invests heavily in its proofreaders and copywriters. This is to ensure that the material they distribute to consumers is error-free, factually correct, and grammatically correct. An error in such material, particularly in an email to a prospective or current client, is a major source of embarrassment for an organization. As a consequence, it’s self-evident that an email from a legitimate organization must be well-written. Scam emails, on the other hand, are easily detected by their grammatical and spelling mistakes. Hackers, obviously, are not idiots! They know who they’re after, and these phishing emails are often aimed at people in the lower echelons of the educational ladder.

  5. Be wary of uninvited attachments

Do you know what the most often used phishing email bait is? Attachments and links that are unsolicited and suspicious-looking. Emails with random attachments or links are never sent from a legitimate entity. They would rather take the user to their own website to retrieve the required documentation or files. Companies that have your contact information, on the other hand, can send you white papers, newsletters, and other materials as attachments. So, though you should be careful of attachments with the extensions .exe, .scr, and .zip, this isn’t a completely reliable trick. In case of uncertainty, the safest course of action is to contact the sender directly.

It makes no difference if you have the world’s most reliable surveillance system. It only takes one untrained employee to be duped by a phishing attack and hand over the information you have worked so long to safeguard.

Be sure you and your colleagues are all aware of these particular email phishing scenarios, as well as all of the warning signs of a phishing attempt.
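The pointers above can be turned into simple mail-triage checks. The following is an added example, not part of the original article: it parses a message with Python's standard `email` module and reports which of the listed warning signs are present. The trusted-domain list, the term lists and both sample messages are constructed assumptions.

```python
"""Heuristic phishing-indicator checks (added example, constructed data)."""
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumptions (hypothetical values): domains this mailbox really deals with.
KNOWN_DOMAINS = {"paypal.com", "examplebank.test"}
GENERIC_SALUTATIONS = ("respected member", "favorite client", "customer",
                       "account manager")
RISKY_EXTENSIONS = (".exe", ".scr", ".zip")
SENSITIVE = re.compile(r"\b(password|pin|card number|account details)\b", re.I)


def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def lookalike_of(domain):
    """Return the known domain that `domain` imitates, or None."""
    for known in KNOWN_DOMAINS:
        if domain == known or domain.endswith("." + known):
            return None  # exact match or a genuine subdomain
    for known in sorted(KNOWN_DOMAINS):
        if 0 < edit_distance(domain, known) <= 2:
            return known
    # Unknown but dissimilar domains are not flagged: legitimate senders
    # often mail through third-party providers.
    return None


def indicators(raw):
    """Return (code, detail) pairs for each warning sign found in raw mail."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []

    address = parseaddr(str(msg.get("From", "")))[1]
    domain = address.rpartition("@")[2].lower()
    imitated = lookalike_of(domain)
    if imitated:
        findings.append(("lookalike_sender_domain",
                         f"{domain} imitates {imitated}"))

    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    first_line = next((ln.strip().lower() for ln in body.splitlines()
                       if ln.strip()), "")
    if any(s in first_line for s in GENERIC_SALUTATIONS):
        findings.append(("generic_salutation", first_line))

    hit = SENSITIVE.search(body)
    if hit:
        findings.append(("sensitive_info_request", hit.group(0).lower()))

    for attachment in msg.iter_attachments():
        name = (attachment.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            findings.append(("risky_attachment", name))
    return findings


def build_message(sender, body, attachment_name=None):
    """Build a constructed sample message and return it as raw text."""
    m = EmailMessage()
    m["From"] = sender
    m["To"] = "user@example.org"
    m["Subject"] = "Account notice"
    m.set_content(body)
    if attachment_name:
        m.add_attachment(b"constructed placeholder bytes",
                         maintype="application", subtype="octet-stream",
                         filename=attachment_name)
    return m.as_string()


# Constructed samples: one suspicious message, one ordinary one.
PHISHING_SAMPLE = build_message(
    "PayPal Support <service@paypa1.com>",
    "Dear customer,\n\nYour account has been compromised. "
    "Reply immediately with your password and card number.\n",
    "invoice.exe")
BENIGN_SAMPLE = build_message(
    "Example Bank <news@mail.examplebank.test>",
    "Hello Asha,\n\nYour monthly statement is ready. "
    "Please sign in on our website to view it.\n",
    "whitepaper.pdf")

if __name__ == "__main__":
    for label, raw in (("phishing", PHISHING_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, indicators(raw))
```

A hit is a reason to look closer, not a verdict: legitimate senders also use unfamiliar third-party domains and send attachments, so each finding still needs a human check.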

Gaps and Limitations and how to tackle them 

Both consumers and companies must take action to defend themselves from phishing attacks. Vigilance is important for consumers. A spoof message sometimes includes inconsequential errors that reveal its true identity. As seen in the previous URL example, these may involve spelling errors or domain name changes. Users should also consider why they are receiving such an email in the first place.

The foregoing phishing email detection tips will undoubtedly raise your awareness of, and vigilance against, phishing attacks. Phishing attacks, on the other hand, are becoming stealthier and more subtle by the day. Even seasoned users can find it difficult to spot a phishing email before it’s too late, thanks to changing techniques.

It’s shocking to hear that almost half of all phishing or bogus websites already have SSL certificates or HTTPS encryption! To escape tracking, they are increasingly using tactics such as web page redirects. Fake fonts and other encoding methods are often used by some fake banking websites to give the impression of a real website. Even the most vigilant customer is finding it more difficult to detect phishing attempts as a result of these tactics.

Texial’s – Phishing Attack Victims Investigation Services

Texial is a forensics laboratory that focuses on optical and Cyber Forensics. Texial’s Lab delivers investigative and cybersecurity expertise and technologies, supported by a roster of the best-in-class forensic experts. Texial’s Lab also delivers cybercrime detection training and information to corporations and law enforcement authorities.

A Dive into the Forensic Universe: Forensic Standardisation

What is Forensic Standardization? 

Computers have become an integral part of daily life in recent decades. Those who commit offenses, unfortunately, are not immune to the computer revolution. As a result, techniques that allow prosecutors to retrieve data from devices used in unlawful activities and use it as evidence in criminal cases are becoming increasingly relevant to law enforcement. Standardization of the compilation, analysis, interpretation, and reporting of forensic evidence is essential to a common approach to how evidence is used. This allows states to share facts and intelligence in order to exonerate the accused or convict the guilty.

HISTORY

The first Digital Forensic Research Workshop (DFRWS), conducted in Utica, New York in 2001, described digital forensics as “the application of scientifically derived and proven methods to the storage, processing, confirmation, identification, examination, interpretation, recording, and presentation of digital evidence derived from digital sources for the purpose of facilitating criminal investigations, or assisting with the rehabilitation of violent cases, or assisting in the anticipation of unauthorized activities that have been seen to interrupt scheduled operations.” Digital forensic evidence, on the other hand, may be used in both criminal and civil trials.

ISO/IEC 27043:2015 is an international standard that covers information infrastructure, encryption techniques, and incident investigation standards and processes. The specification defines a component of a larger investigation that can be used in accordance with other international standards such as ISO/IEC 27035, ISO/IEC 27037, and ISO/IEC 27042. The ISO/IEC 27043 standard was created with the primary goal of defining and following certain standardized investigation principles and procedures in order to obtain the same results for different investigators under similar circumstances. The concepts of reproducibility and repeatability are critical in any criminal investigation. Throughout the inquiry process, the ISO/IEC 27043 specification is also intended to provide consistency and transparency in the collected findings for each specific process (including report generation).

UNDERSTANDING THE NEED FOR STANDARDISING FORENSIC REPORT PROCESS

Report generation is a process in ISO/IEC 27043 that focuses on the analysis of digital data. In general, the presentation phase of a digital forensic investigation assists in the confirmation of the forensic theory, while report generation as a procedure is encapsulated within the investigative process and is one of the classes of the digital investigation process. Although report generation is not a method for conducting investigations, it has been presented as a process for displaying or interpreting the results. We believe that forensic reports should be prepared or produced in a standardized manner, rather than being lumped into one of the digital investigation categories (investigative process class). It’s worth noting that if forensic reports aren’t prepared, presented, and interpreted properly, they may lead to misinterpretations of the forensic theory or investigative fact throughout several cases. This is a major flaw in the standard.

SCOPE OF DIGITAL FORENSIC INVESTIGATIONS

It’s important to remember that a forensic report can cover the full spectrum of the automated forensic investigation process as it’s being written or produced. At this stage, information from a digital forensic investigation cannot be retrieved without observing specified procedures; this must be stated clearly since the digital forensic investigation’s importance cannot be overstated. Doing so provides for open investigative notification to all interested stakeholders. One might also look at the possibility of using Blockchain to ensure the credibility of the report’s data.

LIMITATIONS

There is no such thing as a flawless automated forensic examination. As a result, any decisions to skip such procedures, protocols, or investigative behavior, as well as any known shortcomings in the methods and strategies used, should be reported. 

CONCLUSION AND FUTURE DIRECTIONS

There is a need to standardize the report generation process in order to improve the presentation of forensic evidence before and after trial while adhering to the ISO/IEC 27043:2015 standard. Future study will focus on defining the core components of a standardized report generation process, for example in collaboration with the international digital forensic group, as well as investigating how modern technology like augmented reality, Blockchain, and machine learning can be used to make the process easier.

A Guide to a career in Cyber Forensics

What is Cyber Forensics?

Cyber Forensics, also known as computer forensics, plays a vital role in the investigation of cyber attacks and cyber crime. It involves the extraction and analysis of digital evidence such as electronic documents and storage media.

Cyber Forensics deals with the extraction, preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from any such device that has a storage memory and basic computing power. Cyber Forensics experts are proficient in data recovery that encompasses recovering lost, encrypted, deleted, or damaged data and discovering hidden data residing in a system for investigation.

History

  • In 1978, the first computer crime was recognized in Florida.
  • In 1984, work began on the FBI Computer Analysis and Response Team (CART).
  • In 1992, Computer Forensics was introduced in academics.
  • In 1995, the International Organization on Computer Evidence (IOCE) came into force.
  • In 2000, the first FBI Regional Computer Forensic Laboratory was set up.
  • In 2002, the first book on digital forensics, called “Best practices for Computer Forensics”, was published by the Scientific Working Group on Digital Evidence (SWGDE).

Since then, several agencies, each with their own cyber crime divisions, digital forensics labs, and dedicated onsite and field agents, have been collaborating actively in an effort to take on tasks.

India on Digital Forensics

India ranked 15 in the 2019 ranking and moved up to 18 in the 2020 rankings, in an inverted scoring system. India also ranks 11th worldwide in the number of attacks caused by servers that were hosted in the country, which accounts for 2,299,682 incidents in 2020 as compared to 854,782 incidents detected in 2019, says the source.

The need for computer forensic experts is growing rapidly. According to a source, the Global Digital Forensics Market is estimated to reach $7 billion by 2024. As India continues to embrace technology and digitization, cybersecurity and digital forensics must be given maximum priority. Cyber forensics is the foundation for an effective and defensive measure against cyberattacks on civilians and government targets. It enables investigators to analyze computer systems after an attack to determine the extent of damage, recover lost data and find the perpetrators.

Opportunities

Several private investigation and cyber security firms hire freshers to perform data recovery. The average salary of a Computer Forensic Investigator is 758,388 per annum and may rise to 11-12 Lakhs pa within 5 years. This super-specialization field allows individuals to get into security and opens the widely acclaimed field of Cyber Security and Incident Response, where packages can begin from 4 lakhs and rise up to 12 pa within a span of 5 years. These roles can be filled by digital forensics students. Computer science engineers with knowledge of digital forensics can also cater to the field. Software engineers can perform source-code forensics. Although they are few and far between in India, they come with heavy packages. If you are planning a career in Cyber Forensics, the future is bright.

How to become a Computer Forensic Investigator

Get certified

A certification in Cyber Forensics will provide you with a foundation in investigation and computer use, and in the technologies and techniques used in the field. Experience will further advance one’s career and open senior job opportunities.

  • Computer Hacking Forensic Investigator (CHFI)
  • Texial Cyber Forensic Investigator

Get your first Job

Computer forensic jobs can be found in both Government and Private sector.

  • Security Consultant
  • Malware Analyst
  • Computer Forensic Investigator
  • Computer Forensic Technician
  • Information Security Analyst
  • Information Systems Security Analyst
  • Forensic Computer Analyst

Advance with experience

With years of experience one can advance their career as Senior Forensic Expert or start their own practice.

Skills needed

  • Knowledge of digital storage, computer OS, basic programming, malware and its types, and cyber law.
  • Knowledge of ethical/legal aspects
  • Soft skills: intuitive, analytical, logical, critical, problem solving, communication.

Topics Covered in a Cyber Forensics Course 

The following section shall provide you an outline of the curriculum of Cyber Forensics, Cyber Crimes, Cyber Security & Cyber Law. 

  • Computer Forensics in Today’s World 
  • Computer Forensics Investigation Process 
  • Understanding Hard Disks and File Systems 
  • Operating System Forensics 
  • Defeating Anti-Forensics Techniques 
  • Data Acquisition and Duplication 
  • Network Forensics 
  • Investigating Web Attacks 
  • Database Forensics 
  • Cloud Forensics 
  • Malware Forensics 
  • Investigating E-mail Crimes 
  • Mobile Forensics 
  • Investigative Reports

Digital forensics has a broad scope, so a large number of tools go into an investigation. It has a number of subcategories, for example mobile forensics, memory forensics, network forensics and email forensics, and a number of tools are available for each. Some of the major tools are:

Memory Forensic tools

  • Autopsy
  • X-Ways Forensics
  • FTK Imager
  • Bulk Extractor
  • Foremost
  • Scalpel

Email Forensic tools

  • Xtraxtor
  • Stellar email forensic

Network Forensic tools

  • Wireshark
  • NetworkMiner

Mobile Forensic tools

  • AFLogical OSE
  • Open source android forensic
  • LiME
 

Case Study

Krenar Lusha, 2009

Krenar Lusha, an illegal immigrant in the United Kingdom, was arrested based on his internet search pattern. On searching his laptop, it was found that he had downloaded a manual of 4300 GM to make explosives. When they searched his apartment for further investigation, the police also recovered documents entitled The Car Bomb Recognition Guide, 71.8 l of petrol, 4.5 lb of potassium nitrate, Improvised Radio Detonation Techniques, Middle Eastern Terrorist Bomb Design, and The Mujahideen Explosives Handbook. His chats via MSN were also recovered from his laptop. He presented himself as a terrorist who wanted to see Jewish people and Americans suffer. These conversations were retrieved from his computer and used as digital evidence in court.

Cyber crime has been on the rise for years. As people progressively conduct their personal lives and business online, the data becomes leverage. With constantly growing cyber attacks, the need for Cyber Forensic experts is growing rapidly. According to a source, the job demand in Cyber Forensics will rise up to 32% by 2028.

Texial Cyber Forensic Investigator-Texial Cybersecurity

The Texial Cyber Forensic Investigator training is a comprehensive program that consists of theoretical as well as practical training sessions to give students a hands-on learning experience in analyzing computer systems in the aftermath of a cyberattack and discern their causation.

A Complete guide to Fingerprint Analysis

What are Fingerprints?

The impression left by the friction ridges on the finger is known as a fingerprint. A fingerprint consists of ridges and furrows in patterns, which make it unique.

Origin

  • Edward Richard Henry (1850-1931) - He devised the fingerprint classification formula and recommended the use of mercury-based and graphite-based powders.
  • Sir William Herschel, 1856 - The first to use fingerprints; an English Chief Magistrate in India who used prints on native contracts.
  • Dr. Henry Faulds, 1880 - Noticed fingerprints on pre-historic pottery.
  • Sir Francis Galton, 1888 - Sir Francis Galton, a British anthropologist and a cousin of Charles Darwin, began his observations of fingerprints as a means of identification in the 1880s. In 1892, he published his book, “Fingerprints”, establishing the individuality and permanence of fingerprints. The book included the first classification system for fingerprints.

Types of prints

  • Latent print
  • Patent print
  • Plastic print

Latent print

It is invisible to the eye and is produced by the deposition of oils and perspiration.

Patent print

It is visible on a surface after the ridges have been in contact with colored material: blood, paint, ink, etc.

Plastic print

Impressions left on soft material: putty, wax, soap, clay, etc.

Collection methods

Latent print

Use an alternative light source (UV light), high-definition photography, the tape lifting method, or chemical fuming methods (cyanoacrylate, ninhydrin, silver nitrate).

Patent print

Use an alternative light source (UV light), high-definition photography, or the tape lifting method.

Plastic print

Casting methods

Collection of Fingerprint from the dead

Casting methods - For skin that’s badly deteriorated, it may be possible to use silicone putty to make a casting that captures the detail of the fingerprint ridges. Those impressions can then be photographed and used in identification. Most sensitive to taking an impression, even under only moderate pressure against the mold.

Thanatopractical processing - Fluid extracted from other parts of a body’s remains is used to restore tension and volume to the fingers in order to plump them for printing.

In case of rigor mortis, straighten the fingers. This can be accomplished by pressing down on the middle joint of the finger. Dust the fingers and palms with fingerprint powder and lift the prints with tape or rubber lifters.

Surfaces

Porous: Absorbent surfaces such as cloth, paper, etc.

Non-porous: Non-absorbent surfaces such as glass, plastic, etc.

Principles of Fingerprint Analysis

1. A fingerprint is an individual characteristic because no two fingers have yet been found to possess identical ridge characteristics.

2. A fingerprint will remain unchanged during an individual’s lifetime.

3. Fingerprints have general ridge patterns that permit them to be systematically classified.

Fingerprint Analysis

Types of Ridge patterns

Loops

A loop must have one or more ridges entering from one side of the print, recurving and exiting from the same side.

It should have one core and one delta.

If the loop:

  • opens towards the little finger = ulnar loop
  • opens towards the thumb = radial loop

These patterns are named for their positions related to the radius and ulna bones, i.e. the bone the loop opening is facing towards.

Whorls

  • Plain Whorl
  • Central pocket loop whorl
  • Double loop whorl
  • Accidental whorl

All whorl patterns have type lines and a minimum of two deltas. 

Central pocket loop whorls have at least one ridge that makes a complete circuit.

The ridge may be spiral, oval or any variant of a circle.

Double loop whorls (twin loops) are made up of any two loops combined into one print.

Accidental whorls contain two or more patterns and do not clearly fall under any of the other categories.

Arches

  • Plain Arch - Ridges enter on one side and exit on the other side.
  • Tented Arch - Similar to the plain arch, but has a spike in the center.

Arch patterns do not have type lines, a core or a delta.

Ridge Characteristics

Class Characteristics

Type Lines - The pattern area of the loop is surrounded by two diverging ridges known as type lines.

Core - The core is defined as the innermost turning point where the fingerprint ridges form a loop.

Delta - The delta is defined as the point where these ridges form a triangular shape.

Individual Characteristics

Bifurcation (Fork) - A ridge diverging into two parallel ridges, forming a fork shape.

Spur (Hook) - A ridge diverging from the main ridge to form a hook.

Enclosure (Eye) - A ridge divides into two and the two divided ridges immediately converge into a single ridge, forming an eye shape.

Dot - A very small fragment found in between the pattern.

Trifurcation - A ridge dividing into three parallel ridges.

Bridge - Two ridges connected by a bridge.

Ridge Counting

The number of ridges intervening between the delta and the core is known as the ridge count.

  • Ridge counting is performed on loop type pattern. 
  • If there is a bifurcation at the exact point of coincidence, two ridges are counted. 
  • If there is a bifurcation of a ridge exactly at the point where the imaginary line would be drawn, two ridges are counted. 
  • Fragments and dots are counted if they appear as thick as the neighbouring ridges. 
  • Ridges, which run close up to without meeting the line, are not counted. 
  • Where the line crosses an island, both sides are counted.

Ridge Tracing

  • The course of the lower ridge of the delta is followed, and it will be found either to meet or to go inside or to go outside the corresponding ridge of the delta. 
  • If the course of the ridge ends abruptly, the course of the next ridge below it is to be followed. 
  • In case of bifurcating ridge the lower line of bifurcation should be followed. 
  • When the traced ridge meets the corresponding ridge of the right delta or goes inside or outside, with not more than two ridges intervening between them, the Whorl is specialised as Meeting(M). 
  • When the ridge goes inside and there are three or more intervening ridges, it is specialised as Inner(I). 
  • When the ridge goes outside and there are three or more intervening ridges, it is specialised as Outer(O).

Database

Fingerprint Analysis and Criminal Tracing System (FACTS) & Aadhaar

The computer uses an automated scanning device to convert the image of a fingerprint into digital ridge characteristics (image processing and pattern recognition techniques).

It holds information on class characteristics, individual characteristics, minutiae location, direction, ridge count, density, type of print, etc. The National Crime Records Bureau and the Central Finger Print Bureau hold access to FACTS.

Applications

  • Biometric security 
  • Identity recognition in mass disasters 
  • Conducting background checks 
  • Criminal investigation

Recent Trends

Determining use of illegal drugs: 

Researchers from the University of Surrey in England have developed a method to test the residue left in a fingerprint for cocaine using mass spectrometry. 

Fingerprint Molecular Identification (FMI) technology to identify gender, narcotics and nicotine: 

North Carolina’s ArroGen Group has developed FMI technology, again using mass spectrometry, to identify gender biomarkers, as well as metabolites of nicotine, heroin, methamphetamine, marijuana, temazepam, ecstasy and even some legal medications. 

Developing Technique Bacteria:  

Certain bacteria, for example Acinetobacter calcoaceticus, can be used to develop prints on valuable oil paintings without harming the painting in the process. The bacteria in a nutrient gel are pasted onto the surface of the painting, making the print visible as they multiply. The gel can then simply be wiped off, leaving the painting unaffected.

Autoradiography:  Radioactive atoms are incorporated into the fingerprint by placing the piece of fabric into a container containing radioactive gases, such as iodine or sulphur dioxide, at a humidity of less than 50%.  The fabric is then put into contact with photographic film, and the radioactive atoms cause a picture to become clear.

The Identification of Prisoners Act 1920

Section 1: An act to authorize the taking of measurements and photographs of convicts and others. 

Section 2: Definitions. “Measurements” include finger impressions and footprint impressions.

(a) “Police Officer” means an officer in charge of a Police Station, a Police Officer making an investigation under chapter XIV of the Code of Criminal Procedure, 1898 or any Police Officer not below the rank of Sub – Inspector. 

(b) “Prescribed” means prescribed by rules made under this Act.

Section 3: The SHOs and investigating officers are empowered to take the finger prints of every person who has been convicted of any offence punishable with rigorous imprisonment for a term of one year or upwards, or of any offence which renders him liable to enhanced punishment on a subsequent conviction.

Section 5: A First Class Magistrate can direct to give the FPs of any person arrested in or for the purposes of any investigation or proceeding.

Collection of Fingerprint for comparison

Under the provisions of 73 IEA and Section 5 & 6 of Identification of Prisoners Act, the law enforcing authorities and courts have been empowered to take finger prints of a person for the purpose of investigation or identification.

On refusal,

Section 6 of the Identification of Prisoners Act: If any convict resists giving finger prints, necessary measures should be taken to secure his finger prints. If he still refuses, he can be charged u/s 186 IPC and he is liable for punishment.

Expert Testimony

In 1899, an amendment was made to the Evidence Act, Sections 45 & 73, and the evidence of a Finger Print Expert was given statutory recognition.

Section 45 of IEA, when the court has to form an opinion upon a point of foreign law, or of science or art or as to identity of handwriting or finger impressions, the opinion upon that point of persons specially skilled in such foreign law, science or art or in questions as to identity of handwriting or finger impressions, are relevant facts. Such persons are called Experts.

Under Section 293 Cr.P.C., a report submitted by the Director, FPB as Expert opinion may be used as evidence. The court may, if it thinks fit, summon and examine any such Expert. If the Director, FPB is summoned by a court and he is unable to attend personally, he may, unless the court has expressly directed him to appear personally, depute another Expert who is conversant with the facts of the case.

Palm prints come within Section 45 of the IEA, and the opinion of Experts as to the identity or non-identity of palmar impressions is admissible in court.

Section 60 of IEA: if oral evidence refers to an opinion or to the grounds on which that opinion is held, it must be the evidence of the person who holds that opinion on those grounds (i.e. Expert need not be present in the court).

Under section 20 (b) of Cr.P.C., for any document produced before the Magistrate on which the prosecution is to rely, provided that the Magistrate is satisfied that any such document is voluminous, he shall, instead of furnishing the accused with a copy thereof, direct that he will only be allowed to inspect it either personally or through a pleader in the court.

The Exciting World of Cyber Forensics

Introduction

Cyber criminals seem to be everywhere these days. They lurk in the deepest corners of the internet, practically secretly defrauding individuals, hacking, cheating, and fleeing from the authorities. Cyber Forensics is a method for computer discovery used to assess and expose specialized criminal evidence. For legal purposes, it also requires electronic data storage retrieval. People who work in cyber security with digital forensics are on the front lines in the fight against cybercrime. They are the ones who gather, store, archive, and evaluate evidence relevant to computers. They help find flaws in the network and then establish methods of reducing them.

What do people in Cyber Forensics do?

  1. Recovering data from hard drives that are corrupted or erased.
  2. Tracing hacks.
  3. Collecting evidence and preserving it.
  4. Reading investigation reports and analyzing them.
  5. Working with computers and other technological gadgets.
  6. Working closely with other detectives and police officers.

History of Cyber Forensics

It is difficult to establish when the history of computer forensics begins. Most researchers believe that the electronic forensics sector started to develop more than 30 years ago. The sector started in the United States, in large part because law enforcement and military agents began to see perpetrators getting technical.

What became known as digital forensics was widely called ‘data forensics’ until the late 1990s. Law enforcement agents, who were also computer hobbyists, were the first computer forensic technicians. Work on the FBI Data Analysis and Response Team (CART) started in the USA in 1984.

Why is Cyber Forensics budding and has great potential now?

The key purpose of computer forensics is, from a scientific point of view, to locate, capture, store and interpret data in a manner that maintains the credibility of the obtained information such that it can be used successfully in a court case.

Technological advances have led to over half of the world’s population depending on computers and other technologies in their day-to-day lives, from monetary control to global connectivity. Unfortunately, technology has proved a double-edged sword, introducing a new criminal platform: cybercrime. Without adequate evidence, cyber criminals can be very difficult to accuse.

Still, a wide range of offences, including child pornography, theft, espionage, cyber-stalking, murder, and rape, are being prosecuted. In civil litigation, the discipline also serves as a form of evidence collection (for example, Electronic discovery).

Why choose a career in Cyber Forensics?

The ever-increasing pace of carrying out most online personal and technical operations has contributed to a cybercrime boom. In the execution of computer-based crimes or cybercrimes, the use of computers and/or mobiles is required. Therefore, the need for cyber and digital forensics expertise is on the rise. Explore in this blog the possibilities of a Cyber Forensics career.

Under the “information security analyst” group, the Bureau of Labour Statistics (BLS) categorizes the job electronic forensics examiners perform. The demand for this job is projected to rise by 32 percent from 2018 to 2028, according to data from 2019, which is extraordinarily high. In other words, in the Internet era, it is an important part of law and enterprise and can be a satisfying and profitable career direction.

Career aspects in Cyber Forensics with respect to India

In jails around the world, nearly a quarter of a million under-trials are languishing. Of these, about 2,069 have been in custody for over five years, even though their guilt or innocence is yet to be determined. There are also cases that do not necessarily need to be referred to the police or the judiciary. Most analysts believe that, in many forensic areas and crime investigations, India faces an acute shortage of qualified forensic experts and scientists. Forensic research is an applied science with more than 27 sub-branches. There is a lack of trained Indian forensic experts, scientists, and prosecutors. Cyber Forensic experts can assist the decision-makers before a lawsuit enters the court, and in this way forensic sciences help to reduce the number of lawsuits entering the overwhelmed court system. There is, thus, broad scope for careers, private jobs, independent practice, etc.

While Computer Forensics is still in India in its formative years, there is a surge in job opportunities for such professionals. Professionals from Cyber Forensics are also employed to help improve an organization’s data and information management.

Computer Forensics Researcher, Computer Forensics Technician, Digital Forensics Specialist, Computer Forensics Specialist and so on are some common examples of cyber forensics jobs.

Future directions in Cyber Forensics

The world of Cyber Forensics is evolving quickly in terms of research and technology. Not only is the fundamental technology emerging rapidly, but the legal climate is also changing. How an analyst investigates may be modified by new rules. Techniques grow over time. Research frameworks should be introduced to the specifications of digital forensics to better tackle the backlog, by more effectively allocating scarce Cyber Forensic specialist time and by enhancing and expediting the digital forensic process itself. The backlog is one of the greatest obstacles of today’s Cyber Forensics career.

Guide for Setting up State-of-the-Art Cyber Forensic Laboratory

Introduction

Texial Cyber Security is an organization that provides specialized services to Law Enforcement agencies. Texial offers a complete range of forensic services and solutions, including litigation consulting, electronic discovery and forensic casework. We have a futuristic cybercrime and digital forensic center which offers solutions catering to different segments of the society such as law enforcement agencies, private investigators, individuals, corporate and the government.

We combine in-depth experience and comprehensive capabilities to provide consulting, software solutions and services across multiple verticals. 

Crime has taken on new forms around the country, with the nature of crimes varying sharply and a burgeoning youth demographic. Statistics point to new trends across the country, with unscrupulous entities employing hi-tech and discreet methods to break the law. Law Enforcement personnel and Investigations officers find the skills they have to be inadequate to deal with this new wave. Therefore, there exists a need for equipping investigating agencies in the latest forensic practices and technologies. 

In this regard, we want to provide a guide on how to set up an end-to-end infrastructure for Digital Forensics that would provide essential tools and equip students to learn and teach in the field of Digital and Cyber forensics.

This would mainly involve imparting skills and digital forensics tool usage to stay competent in streamlining investigative processes. The lab is to incorporate end-to-end infrastructure with the necessary equipment and tools.

Texial proposes to set up a Digital Forensic Lab that would provide quality tools in digital forensics. We have the requisite expertise with regard to setting up facilities as well as training, right from procurement and supply of hardware to installation and commissioning of state-of-the-art infrastructure. We utilize cutting-edge technologies and holistic processes for perfect execution of all operations. We look forward to setting up and staffing a state-of-the-art facility covering various practices of Digital Forensics.

Cybercrime or a digital crime is one of the most common types of crime in our world. 

Every year, cyber-related crimes are increasing, so we need a proper lab setup for investigation. Labs today are more advanced than in the past, and the investigation process has become easier thanks to certain investigation tools. So let’s look in depth at how to set up a digital forensic lab.

There are six main phases in developing a digital forensic lab:

  1. Planning
  2. Identification of proper space for the construction of a lab
  3. Select the equipment and other things needed for the lab
  4. Installation and purchase of the software tools
  5. Security controls
  6. Lab Management

Phase-1: Planning

We need a proper plan for how to set up the lab. What is needed to create the lab, an approximate budget for its construction, and so on should be identified at this stage. Only after proper planning can we go to the next step. With a proper plan, the construction will proceed easily, and after planning you will have an idea of how a lab is developed.

 

Phase-2: Identification of the proper space for the construction of a lab

In this phase you need to look for a proper location or building with a neat environment, because the lab must always be kept clean and digital equipment needs a cold environment to function properly. The lab should be in an air-conditioned room.

 

Phase-3: Select the equipment needed for the lab

The most important things needed in a digital forensic lab include computers with a licensed operating system, an intrusion alarm at the entrance, monitoring cameras, a UPS for every computer, etc. Common things like tables and chairs will also be needed.

 

Phase-4: Installation of tool

Digital forensics is a vast area, so we need many tools for investigation. There are a number of tools for the different varieties of digital evidence. Digital forensics has different categories, like Mobile forensics, Cloud forensics, Network forensics, Video forensics, etc. A number of tools are available; some of them are open source, and some we need to pay for. Some important tools needed for a lab include:

  • Disk and data Capturing Tools
  • Registry analyzing Tools
  • Email analyzing Tools
  • Network analyzing Tools
  • Mobile analyzing Tools

Disk and data capturing tools:

Disk capturing tools are mainly used to extract an image of a system, pen drive, etc., and data capturing tools are used to extract potential artifacts from email, pen drives, mobile phones, etc.

  • Autopsy:

    It is an open-source tool used to extract data from image files, emails, etc. It
    is easy to use, and we can use it on both Unix and Windows.

  • X-Ways Forensics:

    X-Ways Forensics is an imaging and disk cloning tool. It is not an open-source tool;
    we need to pay for it.

  • FTK Imager:

    FTK Imager is an open-source tool that is used to create the image of the computer,
    mobile phone, pen drive, etc. and we can also use it to analyze

  • Bulk Extractor:

    It is an open-source tool for data carving. It scans the image file and finds email
    addresses, URLs, and credit card numbers. We can use it on Windows and Linux.

  • Foremost:

    Foremost is another open-source tool for data carving and data recovery. It carves
    files based on their headers, footers and internal data. It is not available on Windows; it
    only runs on UNIX.

  • Scalpel:

    It is also a file carver. It reads a database of headers and footers and extracts the matching files. It is an open-source tool. It runs on both Windows and Linux.

    These are some important data carving and disk imaging tools needed in the digital forensic lab for analyzing samples. Many such tools come built into Linux operating systems.
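The header/footer carving that Foremost and Scalpel perform, and the feature scan that Bulk Extractor performs, can be sketched as follows. This is an added example, not code from those tools or from the original article; the signature table, function names, Luhn filter and the sample disk image are all constructed for illustration.

```python
import hashlib
import re

# (header, footer) byte signatures. Carving uses only these patterns and never
# consults the file system, which is why it still works on deleted files.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
}
MAX_FILE_SIZE = 1024 * 1024  # assumed cap on how far to look for a footer

EMAIL_RE = re.compile(rb"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
CARD_RE = re.compile(rb"(?<!\d)\d{16}(?!\d)")


def carve(image):
    """Return (carved, truncated): recovered files and headers with no footer."""
    carved, truncated = [], []
    for kind, (header, footer) in SIGNATURES.items():
        pos = 0
        while True:
            start = image.find(header, pos)
            if start == -1:
                break
            window_end = min(len(image), start + MAX_FILE_SIZE)
            foot = image.find(footer, start + len(header), window_end)
            if foot == -1:
                # Header but no footer in range: overwritten or fragmented data.
                # Report it for manual review instead of carving garbage.
                truncated.append({"type": kind, "offset": start})
                pos = start + len(header)
                continue
            end = foot + len(footer)
            data = image[start:end]
            carved.append({
                "type": kind,
                "offset": start,
                "length": len(data),
                # Hash every recovered item so it can be tracked as evidence.
                "sha256": hashlib.sha256(data).hexdigest(),
            })
            pos = end  # resume after the carved file
    carved.sort(key=lambda item: item["offset"])
    return carved, truncated


def luhn_ok(digits):
    """Luhn checksum, used here to drop random 16-digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan_features(image):
    """Scan raw bytes for email addresses and plausible card numbers."""
    emails = [(m.start(), m.group().decode()) for m in EMAIL_RE.finditer(image)]
    cards = [(m.start(), m.group().decode()) for m in CARD_RE.finditer(image)
             if luhn_ok(m.group().decode())]
    return {"email": emails, "card": cards}


def build_sample_image():
    """Constructed stand-in for a raw disk image (not real evidence)."""
    pad = b"\x00" * 512
    jpg = b"\xff\xd8\xff\xe0" + b"constructed-jpeg-body" + b"\xff\xd9"
    png = b"\x89PNG\r\n\x1a\n" + b"constructed-png-body" + b"IEND\xaeB`\x82"
    # 4111111111111111 is a well-known test number; the second fails Luhn.
    text = (b"contact: analyst@example.org card=4111111111111111 "
            b"bad=4111111111111112\n")
    orphan = b"\xff\xd8\xff\xe0" + b"header-only"  # JPEG header, footer lost
    return pad + jpg + pad + text + pad + png + pad + orphan


if __name__ == "__main__":
    img = build_sample_image()
    print("image sha256:", hashlib.sha256(img).hexdigest())
    files, orphans = carve(img)
    for item in files:
        print("carved:", item)
    for item in orphans:
        print("header without footer:", item)
    print("features:", scan_features(img))
```

A header whose footer was lost will pair with the next footer of the same type inside the search window, so carved output from fragmented media still needs to be validated by opening the file.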

     

Registry analyzing tool 

 The registry is a store of information that may contain treasure-like information for the investigation of digital evidence. It is a database containing information like user names, browser details, unauthorized entries, etc. Malicious information, such as traces of Trojans and other malware, can also be found in the registry. Let’s see some important registry analysis tools.

  1. Windows Registry:

It is a registry analyzing tool that is built into Windows. It contains the database of the things we did in the system. We are able to edit the registry by using this software.

  2. Regshot:

It is an open-source tool used for analyzing the registry. It is also a malware analysis tool. It notifies if there is any change in the Windows registry.

 

Email analyzing tool 

 Many free and paid tools are available for email analysis. Some of them are mentioned below:

  1. Xtractor:

    It is software developed to extract email addresses, telephone numbers, and messages from multiple sources. It is an open-source tool used on Windows.

  2. Stellar Email Forensic:

    Stellar offers mail recovery solutions in case of data loss due to damage and corruption of email. It is also an open-source tool.

Some other email forensic tools include: 

  • Bulk extractor 
  • Xplico 
  • Adi4mail etc.

     

Network analyzing tool: 

In forensics, network analyzing tools play an important role, so a digital forensic lab needs some network analyzing tools for analyzing each network.

  1. Wireshark:

    It is a commonly used network analyzing tool. It is an open-source tool and is easy to handle. It shows the packets on the network very clearly. We can use it on both Windows and Linux.

  2. Network miner:

    It is a network analyzing tool for Windows (it also works on Linux / Mac OS / FreeBSD). It analyses the network and is helpful for passive network sniffing and packet capturing to detect operating systems, sessions, hostnames, open ports, etc. It is easy to use and is not time-consuming.

     

Mobile analyzing tools: 

 Mobile forensic tools are very important in a digital forensic lab because crime related to mobile devices is increasing day by day. Here we present some important mobile forensic tools.

Open source tools: 

  1. AF Logical OSE:

    It is an application in APK format that is installed beforehand on the Android terminal. It extracts all the details from a phone and also from the SD card.

  2. Open source android forensic:

    It is a framework that brings together various tools that permit the analysis of the mobile device.

Some other tools are:

  • FTK Imager
  • Lime Memory Extractor
  • Android data extractor
  • Whatsapp extractor
  • Skype extractor etc. 

Paid tools include: 

  • Cellebrite 
  • Encase
  • Oxygen forensic 
  • MOBILedit 
  • Elcomsoft IOS Forensic Toolkit etc. 

Phase- 5: Security Controls

 In the lab, we need to maintain security, which is an important concern in forensics. We need to maintain both physical security and data security. Data security means making sure that all the information processed and developed is secured. Physical security means preventing entry by unauthorized persons, etc.

 

Phase-6: Lab management

 This is the final step in creating a digital forensic lab. After completing all the above steps, the lab is operational and we need to look to lab management. The key to the success of the lab is how it is maintained and managed. Appointing proper employees, applying certain policies and procedures, proper maintenance, etc. will help the development of the lab.

What makes a Cybercriminal? Understanding the profiling of a Cybercriminal.

What is a psychological profile?

A psychological profile is a tool that helps criminal detectives identify the type of suspect they are looking for. Psychological profiling emerged in the Behavioural Research Unit of the Federal Bureau of Investigation (FBI) in the 1960s to explain aggressive criminal activity.

What are Cybercrimes?

Cybercrime is the use of a computer as an instrument for criminal purposes, such as fraud, trading in child pornography and intellectual property, misuse of identity, or breach of privacy. Cybercrime, specifically across the Internet, has increased in importance as computers have become integral to business, culture, and government.

History of cyber-crime

Throughout the evolution of cybercrime, the sophistication of offences and motivations has also grown. In the early days of cybercrime, most of the offences were perpetrated by angry workers who inflicted physical damage to computer systems. 

Unhappy workers would express their feelings by vandalizing the machines, costing the businesses thousands of dollars. These incidents are known to be the early stages of insider attacks. The tradition of malicious destruction of the inner workings of computing networks started in the 1960s at the Massachusetts Institute of Technology (MIT). MIT students interacted with and studied trains from their Tech Model Railroad Club and were interested to learn how to manipulate train anatomy.

This interest then moved to dissecting computers in the MIT Artificial Intelligence Lab. These students successfully discovered ways to customize and adjust basic computer functions without the need to re-engineer them. This was perceived to be the first move of hacking. However, the term “hacking” was perceived by the public to be a constructive process, since it was simply a means of solving or changing a computer problem. As the hardware used by telecommunications started to expand in popularity, computer users, in particular users who considered themselves programmers, began to use computers maliciously.

What Psychological Profile can a Cybercriminal have?

There is increasing insecurity of individuals and vulnerabilities in the cyber world, and the public is concerned about Internet security.

Cybercrime is an especially dangerous offense that happens in different parts of society and has a significant effect on it in a variety of ways – societal disorganization, economic damage, and psychological illness.

The profile of a suspect is a result of a study and examination focused on the characteristics of a criminal offense, the recognition of the personality attributes, behavioral patterns, and demographic statistics of an accused criminal. In this scenario, the felony act will take priority over cybercrime. 

Personality traits play a crucial role in the behavior of the personality. A man’s features are both innate and typical. The identity of the perpetrator is a collection of undesirable personal traits that are unique to the category of crime and individual offender.

A cybercriminal is not only a person with a certain status who has rights, obligations, and liabilities, but an entity as a dynamic system with a variety of structures:
1) needs – interests.
2) emotions – thought – will.
3) temperament – behavior – value orientation.

Major Cybercrime trends victims fall prey to. 

It is easy to be unsure whether one is or was a victim of cybercrime, so the first move is to realize what nature of cybercrime one has been targeted by and what kind of details one has been subjected to. Understanding the categories will provide insight into the types of victims and, thus, direct us to the types of offenders and eventually to understanding the offender’s personality.

Breaking down the different forms of Cybercrime.

  • Phishing Attack-

    In a phishing attack, cyber attackers use email or malicious websites to request sensitive information from a person or corporation while acting as a trustworthy agency.
    Phishing attempts mostly come in the form of an email but can also come in the form of a text message (called SMiShing) or a voicemail (Vishing). Phishing attacks normally appear to come from a source you trust, like individuals or organizations that you interact with daily.
    Recognition and mitigation are the strongest protections against phishing attacks. One of the safest ways to secure oneself is never to click links or attachments in emails before the sender is verified.

  • Malware-

    This is one of the most common forms of cybercrime because it can be manifested in a wide variety of formats.
    Malware could include anything from Trojan viruses to worms to spyware and is also a core component of most cyber-crime activities, including phishing attacks, password abuses, and more.
    Fortunately, most malware attacks can be avoided with a successful offense. Being vigilant about which email attachments one opens, avoiding questionable websites, and installing and maintaining antivirus software on all computers and smartphones will keep one protected from such crimes.

  • Online Credential Violation (username and password)

    Becoming a victim of an online credential violation could appear in several ways – ransomware, phishing attacks, credential stuffing, etc. – but the result is still the same: cyber attackers have access to the personal online credentials of employees or consumers (username and password).
    Avoiding a breach of credentials starts with the use of solid, personalized passwords for the different accounts. Do not post or copy these passwords on a public computer.
    Never use the same password for banking as for other non-financial sites, such as social media or email.
    Try to keep a separate device for banking, apart from other day-to-day operations, to minimize the risk of a computer hack, which otherwise could lead to misuse of your online banking credentials.

How Psychological Profiles are usually done.

Unlike the rest in society, offenders are not in a capacity to follow norms correctly due to diversions during their socialization or to embrace “specific terms” of the criminal climate.

It is influenced by numerous factors: heritage/genes, education, society, lifestyle, and socio-economic factors. According to the criminal investigation opinion, it may be claimed that criminal profiling depends strongly on a combination of implicit and evidence-based professional insight. This will make the guidance of the profiler more vulnerable to cognitive bias and defective decision-making. 

Criminal profiling is reactive, based on the analysis of the patterns seen at crime scenes. The profiler infers the characteristics of the offender from his or her crime scene practices. For example, a profiler might try to infer the age, gender, or employment history of a criminal from the way he or she behaved during a crime. Clinical profilers draw their findings on the characteristics of the offender from their clinical experience of working with offenders.

The aim of the statistical approach, working with statistical data, databases, is to establish the relationship between the information recorded in the statistical reports and the characteristics of the offender, using data on similar crimes, and detected criminal offenses.

How the Psychological Profile of a Cybercriminal is similar and different than other types of Criminal Profiles.

One must accept that profiling is more effective in serial cases than single criminal cases. Cybercriminals are not a monocultural group of criminals. Cybercrime can be committed by a woman, a man of any age, economic class, color, religion, or nationality. 

Nowadays, in the case of cybercrime, the detective must consider an immense volume of information in electronic or digital form. The crime scene, in relation to the physical scene, involves information devices or computer networks. A collection of scene factors and other investigative details may include information on the offender’s personality, motivation, and characteristics. Considering the diversity of cybercrime and profiling approaches (forensic aspects, psychological aspects, technological aspects), the collaboration of multidisciplinary experts is important. It is fair to point out that the criminal profiling of cybercriminals is multidisciplinary in nature.

Cybercriminals have many advantages compared to most criminals:
1) Worldwide accessibility
2) Anonymity
3) Disproportion between the offender’s acts and the victim’s security – the offender chooses the moment, location, style, and approach to annoy the victim. There is no overt interaction between the perpetrators and the victims, no physical use of the weapons;
4) Distance and versatility – there is no reason to leave the crime scene, low risk, but potentially significant material benefits or income.

Many cybercriminals are of a serial type in that the offender is used to their actions and commits multiple offenses. For example, an overview of the “digital crime scene” markers will define and provide insight into the intrusion behavior of computer hackers. As such, this is an important method for classifying police investigations.

Psychological Profile of Cyber Criminals.

The cybercrime profile can be described by including key elements such as:

Characteristics/Traits of personality-

Characteristics of personality are defined as a broad individual psychological dimension that describes the interpersonal, stable, and common individual differences in behavior, thoughts and feelings of the individual. The personality of a cybercriminal is closely linked to the enhanced internal need to risk in violation of the law, and to such behaviour to achieve some personal benefit or gain material benefit, profit. The impact of the micro-environment is important.

For example, family influences that adversely impact the development of personality and thereby increase cybercrimes include failures in the process of raising children (lack of guardians, lack of support and understanding), family deformity (neglecting children, etc.), adverse families (addiction issues, financial problems) and/or social problems.

Criminal professionalism-

That is, personality characteristics that lead to a stable and successful approach to cybercrime. It requires four mandatory features: specific personality qualities; expertise and skills; fearlessness, bravery, and self-confidence; efficacy and feasibility of action; the commission of a criminal offense, and the accomplishment of a specific goal. Any financially driven cybercriminals, for example, usually have two key goals – input data and user identities in order to obtain access to finance from the identification they have gained.

Technical knowledge-

This is related to technical knowledge and technical abilities in the control of advanced cybercrime-enabled systems and computers.

The most famous cyber offenders are often found to be university students or students from other educational institutions. It is widely agreed that the level of education among cybercriminals could be higher than among other groups of criminals.

When cyber offenders have the highest qualifications, expertise, and skills that can be used to commit cybercrime, the social risk of the crime will not only rise but increase gradually. In this case, intelligence is a central aspect of cybercrime.

It must be accepted that a person with criminal experience, based on the experience, talents, and abilities gained, who engages in criminal activity, causes more harm both in daily circumstances and in evolving environments.

Social Characteristics-

Ethnic characteristics, socio-economic status, socio-psychological and moral characteristics exist.
The basic elements are gender, age, ethnicity, socio-economic class, for example, the characteristics of a traditional fraudster are a middle-aged man with a higher education history and a significant job experience in his business (Almost half had six or more years of experience, about a third – three to five years of experience).

Characteristic of motivation-

In criminology, motivation is understood as a collection of motives of behavior in which each of the motives defines the aspect of motivation and resides in both consciousness and subconsciousness. Motives are developed and created under the control of individual thoughts and emotions.

The motivations are internal-chosen by the individual and external-driven by others. Research has demonstrated that human action is motivated by a variety of reasons – different internal and external influences. The motive is the directing and encouraging role of the action (internal encouragement) which, while creating the subject of the activity, guides human activity. Hackers often can hack for the benefit of their pride, to assert a self that is unique from the self of others. Offenders in this group are typically irritated by social rivalry here and then pursue an excuse to compensate by using their computer techniques. 

Gaps in literature

Cybercrime profiling has been described as “promising but immature science.” This term can be taken as an inspiration to advance the topic and fill the holes in current studies. Present literature focuses on criminal profiling in criminal cases, and few scholars dedicate time to cybercrime.

Multiple forms of cybercrime are closely connected to multiple types of cybercriminals. These cybercriminals will vary from “rookies” to experts with differing agendas. Analysis has shown an effort to profile cyber-criminals but has struggled to integrate the features of each form of criminality into a single outline. However, this would not rule out the effectiveness of cyber-criminal profiling. Minimal analysis has been seen on the implementation of a different methodology and the presentation of different suspect profiles for several cybercrime types in one paper.

It is important to remember that criminal profiling in cybercrime cases is never going to be an exact science.

This argument also extends to profiling in every investigation. With strategies and methods focused on modes of inference and hypothesis, an error is difficult to avoid where the error appears to be predicted. Often with a high estimated error figure, prosecutors avoid forming a relationship with digital forensics and criminal profiling while forensics appears to have a lower error number.

Owing to the general lack of studies into cyber-crime criminal profiling, trends of cyber-crime activity have not been established. In fact, this may have a role to play in why cybercrime is on the rise and catching a suspect is on the decline.

Limitations 

Limitations have arisen because of the studies undertaken for this study. The problem of criminal profiling continues to evolve in cybercrime investigations.

A few sources have found that access to local law enforcement cases has been granted in their respective nations. This helped them to perform their study and exchange patterns of behavioral traits. There was a lack of analysis using case files to back up their suggested motivations and personality traits for the cyber-crime types presented.

Early studies based their attention and energy on hackers and how they work. It was not until other offenses, such as cyber data fraud, were committed and drew public interest that analysts looked at the study of other possible cyber-crime profiles. The bulk of academic papers focused on one big cybercrime.

When investigating, there was a limited number of publications that addressed numerous cybercrimes and related criminal profiles. 

Conclusion

Cybercrime activity is affected by the presence of a variety of variables. Such activity is the product of reciprocal contact, which includes human, social, environmental influences and disputes between individuals and communities. It is affected by a variety of different factors: Genes/heredity, education, society, lifestyle, and socio-economic factors. Consequently, cybercrime is often triggered by an individual’s display of anger and bitterness at the social system and status of the person in it.

While the field of cyber-crime profiling is still in its incipient stages, it is expanding by leaps and bounds. The present thesis is a small step in the direction of its full growth. As this study represents the view of students only and not experts, its application is limited to academic purposes. It is an attempt to establish a framework for further studies. Profiling a cybercriminal is just the first step in the even slower and tougher process of apprehending the wrongdoers.

It is an important move, no matter what. It is going to help the authorities in restricting their search, which helps them to concentrate the other tools used in intense search operations.

Although technology remains the key shield against cyber threats, a deeper understanding of the psychological, criminological, and sociological dimensions of the broader picture will complement security efforts and capture a criminal before he travels a distance.