How Does Law Enforcement Serve & Protect Against Computer Crime?
Computer crime is rampant. Everyone hears about the latest virus or hacking attempt in the news. Law enforcement officers at every level work diligently to protect computer systems and networks at businesses, government organizations and even at home.
Of the many aspects of computer security, law enforcement focuses on the principles of prevention, detection, response and recovery to ensure systems are protected against computer crimes and incidents are handled properly.
History
Since the Internet fell into widespread use, cyber-criminals have been exploiting holes and vulnerabilities in computer systems.
Formed in 1991, the FBI's Computer Analysis and Response Team, or CART, is a team of experts tasked with protecting the nation against cyber-security threats. The National Security Agency, founded in 1972, gathers information about system vulnerabilities and analyzes the intelligence to prevent future attacks.
Many jurisdictions have cyber-security response teams to handle smaller-scale incidents. As incidents of computer-related crime continue to increase in frequency and magnitude, so does the importance of law enforcement protection against these threats.
Prevention
Law enforcement teams practice security awareness training, system hardening, monitoring and policy analysis to protect against computer crime. Security awareness training empowers organizations to defend against attack, teaching about security threats and response.
System hardening and monitoring work at the technical level to fix vulnerabilities and scan for abnormalities associated with an attack.
Policy analysis at the managerial level involves an ongoing review of security practices, training and personnel to find and fix weaknesses that could be exploited by computer criminals.
Detection
The goal of cyber-criminals is to move into computer systems undetected and to exploit them without anyone noticing. Law enforcement frequently installs monitoring systems in networks, and devotes personnel to auditing systems in order to quickly detect a breach.
The sooner a breach is detected by authorities, the less damage is likely to be done, and the easier the recovery. Because of this, law enforcement encourages organizations to be proactive in installing and maintaining their monitoring and detection systems.
Response
When a computer crime occurs and is detected, quick response by law enforcement is key.
The stages of response include: evaluation (determining the method of entry, the type of attack and the impact), isolation (isolating the network or computer system from further damage), auditing (analyzing the system for damage) and reporting (notifying the necessary personnel of the breach and the impact).
An accurate and complete report is crucial to ensuring that the computer crime is not repeated.
Recovery
Recovering from a computer crime takes patience and determination. At this step, law enforcement serves the organization by providing a set of useful recommendations to protect against future computer crime.
Organizational or governmental officials meet with technicians and policy makers to discuss methods to fix vulnerabilities, patch systems, recover data and rebuild confidence following the crime. Law enforcement aids in the prosecution of criminals and in data breach notification.
Following the initial stages of recovery, it is the organization's responsibility to implement the changes--Prevention, Detection and Response--to respond to future computer crime threats.