Forensic Readiness Programme: Design & Analysis

Introduction

The aspects of the creation of an FRP have to be viewed in consonance with its hypothesis and payback values. The following basic outline design has to be followed in any plan of FRP for the banking industry

• Using Forms to Provide sequence for verification
• Log File Advice and administration
• Host/Networking Monitoring
• providing an Inventory
• Forensics Laboratory Needs
• Outsourcing choices

(Forensic readiness: Symantec Security Learning Services. 2005, p.10).

List of hazards that A Company could face – Source of information – how Judgement could be reached – Is there any existing risk assessment security policy

The list of hazards could be enormous depending upon the size of the banking company and the scale of its operations. However, the following major types of hazards are being listed:

1. Fraudulent malpractices carried out by the bank’s employees in connivance with 3^rd Parties or customers
2. Contractual disputes with customers and depositors
3. Email and internet misusing by bank employees
4. Online thefts of important bank data for fraudulent use for benefit.
5. 5. Theft of bank’s confidential data through commercial espionage, etc
6. Theft of banking codes through software piracy
7. Misuse or manipulation of official bank data for private and personal use
8. Phishing by which customers or 3^rd parties are induced to provide critical and
9. Confidential information to fake websites for benefits

Failure of the bank’s confidential computer systems such that it does not have far-reaching impacts if it is due to the failure of the inbuilt Banking security system it needs to be taken to task and set right and the necessary Officials need to be disciplined or removed. The repaired system needs to be doubly Reinforced with firewalls and other devices to prevent its recurrence (Sommer 2005).

Description of existing arrangements for managing security and unexpected incidents – Status and scope of the existing disaster recovery plans- data backup facilities

The various types of hazards- evidence needed to program insurance/ legal claims and support criminal investigations

Online thefts: It is possible for unauthorized persons to access passwords, PINs, and personal details to be stolen and then illegally used by impersonators and fraudsters. Systems breakdowns: There may be a total systems failure due to malfunctioning of critical components. If alternatives are not presented, this could lead to losses running into billions of British Pounds and could affect the bank’s credibility.

Virus attacks: Viruses could attack the systems and cause severe damage to them. This is possible since unknown hackers could cause viruses or other forms of attacks to invade the systems. Cyber-attacks have become a major cause of concern in modern-day internet settings, especially in the banking sector. Security systems work well, but in the event of a crisis, they could be severely tested. Therefore, it becomes necessary that the security aspect is prioritized first and foremost, during the installation of the system itself. This can possibly ensure the prevention of future breakdowns. Also regular monitoring need to be conducted to make the employees acquaint with such crises and remain operationally competent and fighting fit.

Phishing’ is a cause of major worry in today’s internet banking world. Under this system, fraudsters, posing as authentic websites, require sensitive personal details like Access Codes, Credit Card and Bank Account Numbers, etc.

(Recognize Phishing Scams and Fraudulent e-mail. 2008).

Having gained knowledge about these details, they systematically use it for illegally siphoning off funds from accounts for other fraudulent purposes. As a common practice, banks do not require customer information through e-mails and therefore, customers who part with it, do it at their own risk and responsibility. Customers stand warned that any requests to disclose sensitive personal banking information through ‘genuine’ websites are hoaxes and need to be ignored and such requests are brought to the notice of responsible officials for redressals.

Important deficiencies that may arise from the above analysis

It may not be possible to immediately discover fraudulent dealings, especially if it were done externally. It is also possible that the entire premise of these illegal transactions may not be genuine and correct but without corroboration or legal acceptability, which makes it onerous to reach the real culprits. Moreover, the need for concrete evidence and factual records linking the crime with suspects needs to be made in order to achieve a breakthrough in cybercriminal cases. Unlike other crimes, cyber crimes can leave little audit trails or evidential shreds. Protocols need to be honored and maintained and the law needs to take its course, however lengthy and exasperating it may become.

What steps are necessary to remedy the identified deficiencies – list such steps as additional loggings- further backups – purchase of additional resources – implications for staffing, training, contracting with third parties?

1. The customer should encrypt sensitive data from risks of misuse or criminal misrepresentation.
2. AVS (Anti Virus systems protectors) and also firewalls need to be linked to the Internet connections to disengage various types of viruses and cyber-attacks. The firewalls should ensure the highest security precautionary measures. Firewalls are mainly designed and operationalized to separate the internal networking segments from the internet system.
3. High-security data should be entered through the Encryption method.
4. The Banks should provide Additional Secure Access passwords to customers for ensuring the total safety of internet banking transactions.
5. The installation of firewalls should be subject to thorough pre-checking, inspection and evaluation prior to, during and after its installation in order to circumvent future malfunctioning.

Adequacy of existing employment contacts- staff manual- to give the employers additional investigative powers

The employment contracts served to the employees need to contain clauses that protect the company in the event of exigent circumstances arising in the future with respect to contract obligations. It is necessary that the employees need to maintain privacy and confidentiality in matters connected with the banking business, especially with regard to disclosures of customer accounts and matters connected therewith.

Further, it is also necessary that such manuals define all possible aspects enjoining the relationships between the banking company and the employee, especially with regard to ethical practices and code of conduct to be observed by the employees. In all matters connected with the bank.

Comment on the extent to which new or changed management structures might improve the organization’s ability to manage incidents in which evidence may be important

“Risk management is hampered by the lack of robust and reliable statistics of the nature and extent of cyber-threats, incidents and risks.” (Rathmell 2002, p.12).

The main idea behind forensic research programs is to provide digital evidence to control and circumvent cyber crimes. However, it is also necessary that the surrounding environment supports and reinforces the prevention of incidents. The new or revised environments need to address the following aspects to be successful in thwarting or controlling crimes:

• Definition and localization of the business setting that needs digital
• The identification of obtainable sources and discrete nature of probable proofs
• Establish the proof collection responsibility.
• Undertake efforts to collect legally admissible evidence
• Institute guidelines for protecting storage and handling of prospective data.
• Make sure monitoring is focused on identifying and dissuading major incidents.
• State circumstances when acceleration to a full formal inquiry (which may use the digital Evidence) should begin.
• Educate staff in incident consciousness, so that all those concerned understand their role in the digital evidence process and the legal importance of evidence.
• Produce an evidence-based folder describing the occurrence and its implications.
• Make certain legal assessments to make possible action in reply to the incident. (Rowlingson 2004).

Conclusion

It is seen that the fundamental need for FRP is to prevent and solve cyber-related crimes and malpractices using state-of-the-art digital technology. To large extent, its success would depend upon its actual utilization in empirical situations and how best it could be fully geared with other prevalent anti-crime systems in ensuring a crime-free environment.

The accent needs to be more on the pre-emptive side since this is a difficult proposition entailing both awareness and execution of plans, policies and procedures. It is also necessary to keep pace with the latest developments and deployment of technology since the hue and variants of cybercrimes are evolving with each passing day and FRP could be rendered obsolete and effective if it did not equip itself to meet modern challenges posed by criminals in the 21^st century.

Bibliography

Forensic Readiness: Symantec Security Learning Services. (2005). [online]. Symantec. 10. Web.

SOMMER, Peter. (2005). Information Assurance Advisory Council: Directors and Corporate Advisors’ Guide to Digital Investigations and Evidence. Web.

RATHMELL, Andrew. (2002). Threat Assessment and Metrics: Information Assurance Advisory Counsil. Web.

Recognize Phishing Scams and Fraudulent e-mail. (2008). Web.

ROWLINGSON, Robert. (2004). A Ten Step Process for Forensic Readiness.