Friend or Foe?: How Anti-Digital Forensics vs. Digital Forensics Make or Break a Case

DOI: 10.4018/978-1-6684-9800-2.ch013

Abstract

In this day and age, it is difficult to imagine technology not being part of our everyday life. However, technology can also be used for activities that an average consumer may not partake in. This chapter focuses on anti-digital forensics and digital forensics methods. It examines detection avoidance strategies and establishes current investigation and prevention methods for crimes committed with the help of technologies within cyberspace, ranging from device forensics to data hiding. The cases of the San Bernardino shooting, the hacktivist group ‘Anonymous’, EncroChat, and the Shadowz Brotherhood are discussed, examining how offenders utilise technologies such as encryption and data wiping to try to ‘outrun’ authorities, as well as the methods authorities implement to keep up with technological advances in order to prevent and detect these criminal activities.
Chapter Preview

Introduction: Definition And State Of Art

Historically, technology can be defined rather broadly. In modern society people often connect the word ‘technology’ with mobile phones, computers and the internet, which is a logical conclusion; however, ‘technology’ is more extensive than initially thought. Looking at the origins and the components of the term ‘technology’, the Greek word ‘techne’ can be defined as art and craft, whereas the Greek word ‘logos’ can be defined as word and speech. Having said that, if researchers look at this area from the point of view of applied science and the application of knowledge, the definition of technology transforms further into the understanding ‘of everyday used items’ which, as stated above, are often linked to internet connectable devices (Buchanan, 1998). These developments provided society with a rather new crime scene environment, cyberspace, as well as devices which can be connected to it. Lippert & Cloutier (2021, p. 1) establish the cyberspace to be “a digital ecosystem, the next generation of Internet and network applications, promising a whole new world of distributed and open systems that can interact, self-organize, evolve, and adapt”. It is a network or platform made up of a number of systems that allow data of any kind to be stored, accessed and/or used at any time and from almost anywhere in the world. Clark (2010) established four cyberspace layers to categorise the different entities which use, create or are part of cyberspace:

  1. Physical Layer

     The Physical Layer is the cyberspace area most commonly used and referred to by society. To provide real-life examples, this layer consists of a variety of digital devices such as PCs, smartphones, networks, wires and routers, to name a few.

  2. Logic Layer

     The Logic Layer refers to the world wide web. Hence, it looks at the internet as a platform and at the components that provide a variety of services for different users and their interests. These include but are not limited to social media, content focused platforms and shopping platforms.

  3. Information Layer

     The focus of the Information Layer is the creation and distribution of any kind of data as well as the interactions between cyberspace users. Hence, this layer looks at a variety of material such as books, educational sources, videos, pictures, and documents which users can create, access and share with one another.

  4. Personal Layer

     The Personal Layer refers to society, in particular individuals, who navigate cyberspace for different reasons and purposes. To name a few examples, those are people who create websites, upload pictures and videos, write blog entries, as well as people who buy goods online.

Taking this a little further and grouping cyberspace and digital devices together, this combination is not officially defined but is most often referred to as the Internet of Things (IoT), with Haller et al. (2008, p. 2) interpreting it as “a world where physical objects are seamlessly integrate into the information network, and where the physical object can become active participants in business process”. Hence, the interactivity on an open system, as touched upon by Lippert and Cloutier (2021), allows devices of any kind and a high number of users to communicate. The areas within IoT include, but are by no means limited to, transportation, city infrastructure, health services and building operations (Perumal et al., 2015). Consequently, these areas are not only used to improve the everyday life of the population; some may also consider these platforms to be vulnerable to attacks of any kind, also known as cybercrimes.

Key Terms in this Chapter

Anti-Digital Forensics: A method to remove, alter, disrupt, or interfere with evidence on digital systems in order to hide, wipe and/or change data.

Cyberspace: The digital environment which is interconnected in the virtual space.

Dark Web: A platform which is made up of websites with the aim to be untraceable. To use such websites specific software and search engines must be used.

Internet of Things: This consists of devices with sensors to enable connectivity as well as the ability to access the internet.

Malicious Software (malware): Software that aims to access, spread to, and interfere with computers and their operations in order to delete, steal and destroy files and systems. There are a variety of malware types such as viruses, worms, Trojans, spyware, and ransomware.

Distributed Denial-of-Service (DDoS): An attack that can cause servers to overload and then freeze and/or crash, which leads to the unavailability of services. This is done by one or more unique IP addresses flooding one internet server at the same time with requests that the server is not able to respond to within a reasonable time.

Digital Forensics: The recovery, investigation, examination, and analysis of material found on digital devices.

Hacking: The unauthorised use of or access into computers or networks by using security vulnerabilities or bypassing usual security steps to gain access.
