CIS054-6 ADVANCED DIGITAL

FORENSICS
INTERNET REGULATIONS AND ENFORCEMENT

BY

HACK-5
CONTENTS
INTRODUCTION
ISSUES ON INTERNET REGULATIONS
APPLICABLE LAWS TO THE GIVEN
CASE
ENFORCEABLE LAWS AND RELEVANT
CONVICTIONS
TESTIMONY PROCEDURE
CONCLUSION
INTRODUCTION
Several laws on computer-related offences exist in
different states and nations of the world.
Most of these laws have been applied to cases related
to cyber crimes committed by individuals in different
regions of the world, which have led to prosecutions
and convictions.
Some of such laws include the Data Protection Act, the
Computer Misuse Act, the Regulation of Investigatory
Power Acts (RIPA) etc
The case of Cosmo involves hacking and unauthorised
access to classified information.
This violates a number of computer-related laws and as
such the use of computer law to appropriate offences
and punishments in the given scenario is fit for
purpose.

ISSUES ON INTERNET
REGULATIONS
Internet cannot be regulated without a unified
international law drafted, ratified and signed by all
member states.
Individual state laws against Internet crimes are
not good enough because the problem of
Internet crime is a global one.
There are regulations such as Computer Misuse
Act 2000 but such regulation is practically
impossible to enforce when a citizen of another
country carries out an Internet related crime
against the UK as there is no unified International
law to prosecute the alleged offender and his
home Government is not under any International
obligations to hand him or her over to the UK to
face charges.

ISSUES ON INTERNET
REGULATIONS (CONTD.)
The problem of Internet regulations goes beyond
unified International laws, the law will struggle to catch
up with the technology itself.
Laws do not get updated as fast as new technology get
invented, also an attempt by the International
community to come up with robust/strict laws will
encroach on peoples human rights.
Like the case of Gary Mckinnon, despite the fact that
he was found guilty of breaking into a US computer, his
extradition to United State to face charges was
blocked because it will breach his human rights.
There are millions of reasons why Internet should be
regulated but the battle to come up with a unified and
balanced law will remain an on going problem.

APPLICABLE LAWS TO THE GIVEN CASE
The crime committed in this scenario violates the following
computer laws and several others:
RIPA 2000. RIPA 2000 controls the unlawful and unauthorised
interception of communications on public and private
telecommunication systems (Part 1, Chapter 1) ((COUNCIL,
2008)).
Computer Misuse Act 1990: The crime by Cosmo violates Sections
1(unauthorised access to computer material), 2(intent to commit
further offences on unauthorised access) and 3(modifying
computer material on unauthorised access) of this law.
Police and Justice Act 2006: Part 5 of this Act Sections 35
(unauthorised access to computer material) and 36 (unauthorised
act with intent to impair operation of computer), which is an
amendment of the Computer Misuse Act 1990.
Computer Fraud and Abuse Act, Title 18, Crimes and Criminal
Procedure, Part 1, Chapter 47 and Section 1030 on Fraud and
related activity in connection with computers.
Electronic Communications Privacy Act (ECPA): This Act contains
provisions, which protects the wire and electronic communications
of a person from interception by another person


ENFORCEABLE LAWS AND
RELEVANT CONVICTIONS
Computer Fraud and Misuse Act: this law stipulates that it
is a Federal Crime in the United States of America to have
unauthorised access to classified or financial information
((Legal Information Institute, 2012)).
The punishment for an offence committed under this law
range from a fine to several years of imprisonment but not
exceeding twenty (20) years depending on the severity of
the offence.
Electronic Communications Privacy Act (ECPA): this Act
contains provisions, which protects the wire and electronic
communications of a person from interception by another
person ((Electronic Privacy Information Center, 2011)), the
punishment for which is up to five years in jail with a fine of
two hundred and fifty thousand United States dollars
($250, 000)


TESTIMONY PROCEDURE
First of all, there will be the need to ensure that
the case is investigated by an authorised
person(s).
Permission to have access to the network or
workstation whose security has been breached
should be given by the Director of Information
Technology department as well as the Director of
Finance of the organisation involved.
Evidence about the case will have to be gathered
in accordance with the Association of Chief Police
Officers (ACPO) Guidelines (Wilkinson, 2010).


TESTIMONY PROCEDURE (CONTD.)
Ensure that the data held on the workstation(s) or storage
media that may be used in court is not altered by the
investigating party, which may be a law enforcement agency.
This means that the workstation(s) must be secured and
isolated from the network to ensure that no access or
further changes are made on the data stored or the
processes that run on it as well as applications such as web
browsers by an unauthorised person(s).
An image of the storage devices attached to the
workstation(s) (such as the hard disk, USB sticks, etc)
should be taken and used to analyse the evidence needed
to convince the jury (in the event where the case goes to
court) of the authenticity of the crime committed.

TESTIMONY PROCEDURE (CONTD.)
The MAC (modification, access and change) times of the
documents on the imaged storage devices should be
checked using the metadata of the documents. This will
allow the investigator to determine when the documents
were modified or when changes were made to the
document prior to the investigation.
Also, the properties of the documents need to be accessed
for information such as the name of the application used to
create the document, the author of the document and
company he/she works for.
Data carving should be used to recover data that may have
been stored on unallocated space of the images of the
storage devices captured.
Log files and Internet browser profiles should be accessed
to retrieve the IP address or addresses of the attack origin
and target machines. Access logs should be examined to
recreate the timeline of the event.


CONCLUSION
Computer-related crimes especially those involving the
use of the Internet are on the increase. Hackers have
exploited the power of the Internet to commit malicious
crimes by illegally having access to corporate networks
with the intent to steal, modify or destroy classified
information and data.
To this effect, several computer laws have been
established by Cyber Crime aware countries such as the
United Kingdom, United States of America, and others to
curtail the spread of cyber-related crimes across the
globe. As stated in the Guidelines of ACPO, there is the
need to create and preserve computer-based electronic
evidence in order to successfully show the continuity and
integrity of the evidence in a court of law. Evidence
recovery processes should be presented in such a way
that the same results will be obtained by a third party
using the same methods deployed by the investigator.

REFERENCES
COUNCIL, P.O.F.W.C.B. (2008) 'Regulation of investigatory powers act 2000',
Behaviour, 2007 pp.25.
Electronic Privacy Information Center (2011) Electronic communications privacy act
(ECPA). Available at: http://epic.org/privacy/ecpa/ (Accessed: 20 December 2012).
Legal Information Institute (2012) 18 USC 1030 - fraud and related activity in
connection with computers. Available at:
http://www.law.cornell.edu/uscode/text/18/1030 (Accessed: 20 December 2012).
Legislation.gov.uk (2006) Police and justice act 2006. Available at:
http://www.legislation.gov.uk/ukpga/2006/48/contents (Accessed: 17 December
2012).
Legislation.gov.uk (1990) Computer misuse act 1990. Available at:
http://www.legislation.gov.uk/ukpga/1990/18/contents (Accessed: 20 December
2012).
Simpson, M.T., Backman, K. & Corley, J. (2010) Hands-on ethical hacking and network
defense. Delmar Pub.
Wilkinson, S. (2010) 'Good practice guide for computer-based electronic evidence',
Association of Chief Police Officers, .
Wired (2012) Cosmo, the hacker God who fell to earth. Available at:
http://www.wired.com/gadgetlab/2012/09/cosmo-the-god-who-fell-to-earth/all/
(Accessed: 17 December 2012).