Chapter 18. Improving Successful Prosecution

I l @ ve RuBoard

Chapter 18. Improving Successful Prosecution

Many cases are never prosecuted because the business has evaluated that the cost of prosecution, including legal costs, operational disruption, and publicity is not worth it, especially if the hacker is an employee that the company can discipline. However, you may not be able to recover the stolen information if you decide not to prosecute .

In the event of a security incident, it is important to be able to prosecute the assailant. Successful prosecution of an attacker depends upon the strength of the evidence. Since most intrusions are remote, the perpetrator is virtually invisible and there is limited physical evidence. The electronic evidence will indicate when accounts are used maliciously, but will not be able to prove beyond a reasonable doubt that the specific individual was the attacker. It is imperative that this connection be firmly established. It must also be shown that the evidence was collected appropriately and handled correctly. The amount of detailed records concerning the intrusion incident that must be presented is overwhelming. Judges and juries do not normally have a technical background, so the evidence must be presented in such a way as to be understood by the jury. The evidence will need to be summarized in a clear and concise manner.

Connecting the attacker to the activities requires that once the hacker is identified, a search warrant must be obtained and his computer equipment (magnetic and other data media) and documents must be seized and examined for evidence. A forensic consultant must analyze the seized materials to establish the connection between them and the evidence collected from your computer system. The prosecution will present its findings from the computer materials seized during the search. Expert testimony is necessary to prove that the alleged hacker is the one who perpetrated the intrusion. An expert's findings, conclusions, and opinions are the underpinning of the entire case.

I l @ ve RuBoard


Halting the Hacker. A Practical Guide to Computer Security
Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
EAN: 2147483647
Year: 2002
Pages: 210

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net