Investigative Computer Forensics – The Practical Guide for Lawyers, Accountants, Investigators and Business Executives

ERIK LAYKIN, CHFI, CEDS, is a Managing Director of Duff & Phelps, LLC and was a cofounder of its Global Electronic Discovery and Investigations practice. He focuses on large-scale international corporate investigations and high-stakes litigation issues in which computer forensics and electronic discovery play a major role. Mr. Laykin is frequently appointed as an expert witness, independent neutral, or special master in federal and state courts and has served in an advisory capacity to hundreds of corporations, law firms, and government agencies in the U.S., Asia, and Europe. As an early pioneer in the computer forensics and cybercrime field, he regularly comments on these emerging technology and business issues at industry conferences and for the media, including CNN, Fox, ABC, NBC, CBS, major newspapers, and periodicals. Mr. Laykin is active in a variety of organizations including the HTCIA (High Technology Crime Investigation Association), FEWA (Forensic Expert Witness Association), ABA (American Bar Association), and is a past president (Los Angeles) and Pacific Rim director of the FBI's InfraGard Program.

Foreword Preface This Book's Setup Acknowledgments Introduction Investigative Computer Forensics Changes in Technology Changes in the Role of the Investigator What Is Computer Forensics? Chapter 1 The Glue The Relevancy of Truth Foundations of Digital Evidence Investigative Objectives The Investigative Process Trust Privacy Chapter 2 A Primer on Computers and Networks The Mechanics of Electronically Stored Information Optical Drives The Server The Router Application Data Metadata Databases Email Mechanics The IP Address Computer Time Artifacts Social Media Tablets Cellular Telephones and Smart Phones Audio and Video The Global Nervous System Worldwide Data Fundamentals of Network Traffic The Firewall Data- and Traffic-Gathering Applications Dynamic Data Capture The Cloud International Data Security and Privacy Issues Chapter 3 Computer Forensic Fundamentals The Establishment of the Computer Forensic Laboratory Evidence and Access Controls The Forensic Work Station Current Tools and Services Imaging Hardware X1 Discovery NetAnalysis Building a Team and a Process Computer Forensic Certifications The Human Quotient The Devil is in the Details Chapter 4 Investigative Fundamentals The Investigative Mindset Case Management Fraud and Investigative Analysis Information Sources and Records Investigative Techniques Surveillance and Interviewing Trade Secret Theft and IP Investigations HR and Interpersonal Investigations Reporting and Testifying Chapter 5 The Underpinnings of Investigative Computer Forensics Seizure and Examination of Digital Evidence Data Classification and Records Management Deleted Data Backups and Systems Preservation Computer Crime Analysis and Reconstruction The Who, What, Where, How of Data Contracts Agreements, Third Parties, and Other Headaches Ethics and Management Chapter 6 Tactical Objectives and Challenges in Investigative Computer Forensics Preparing for the Attack Early Case Assessment Investigative Pacing, Timing, and Setting Expectations Working with Multinational Teams Collections of Electronic Data in the Cloud and in Social Media Investigating Internet Service Provider Records Bridging the Actual World with the Cyber World Packaging the Findings Chapter 7 The Cyber Firefighters Incident Response Fundamentals Data Breaches Theft and Fraud Systems Failures Internal Investigations The Real-Time Predicament Building a Global Resource Network Honeypots and Other Attractive Intel-Gathering Targets Money Laundering and Internet Fraud Investigating Accounting Irregularities Databases and Structured Data Organized Crime in the Cyber Underworld The Cyber Underworld in Various Regions State-Sponsored Cyber Crime Common Cyber Threats Identity Theft Intellectual Property and Trade Secret Theft Botnets, Malware, Trojans, and Phishing Data Breach Vulnerabilities The Hacker and His Environment Chapter 8 eDiscovery Responsibilities Electronic Discovery Reference Model eDiscovery Responsibilities Common eDiscovery Challenges Tools Services and Technologies Nuix LEXIS-NEXIS Law Emerging eDiscovery Realities European and Asian Observations Digital Evidence in the Courtroom Chapter 9 The Future Privacy and the Data Ecosystem Access Controls and the Evolution of Trust Global Communications Systems in the Cloud Nanotechnology and Cognitive Computing Digital Demographics and the Emerging Global Citizen Extra National Investigative Networks Zero Day Forensics Concluding Thoughts Index