SOP on computer crime response bared
By: Alfred P. Dalizon - Journal online
ONLY a computer forensic expert should search for any evidence contained in the hardware.
This is just among the standard operating procedures cops have been urged to observe in incidents involving computer crime.
Under Rule 26 of the Police Operational Procedures, computer crime response is the actual police intervention in an incident where the acquisition of evidentiary value are traceable within the computer’ hardware and its network.
Among the do’s and don’t’s in computer crime response are:
-- when the computer is OFF at the time of arrival, do not turn it ON;
-- when it is ON, do not turn it OFF nor touch its mouse or keyboard;
-- if available, call for the Computer Incident Response Team or CRT;
-- if CRT is not available, the unplugging of the computer whether it is ON or OFF at the time of unplugging should be done by pulling out the cable directly from the back of the Central Processing Unit or CPU;
-- each unplugged cable must be marked in the same marking corresponding to the socket from where the cable was unplugged. (Example: ‘Socket’ marked ‘A’ and the ‘Cable End’ also marked ‘A’). The computer should be carefully handled and packed for transport to the police station;
-- only a computer forensic expert should search for any evidence contained in the computer hardware;
-- the computer hard disk should be duplicated by the forensic expert and the original should be kept by the evidence custodian for future presentation. Search and analysis shall be undertaken using the imaged disk.
The need to remind police of the computer crime incidents procedure is necessary as criminals now use the latest computer in illicit activities such as money-laundering, cybersex, bank and credit cards fraud, kidnapping, bank robbery, drug trafficking, large-scale illegal recruitment, rebellion and terrorism.
Officials have expressed concern that improper handling of computer evidence might hamper follow-up operations to get hi-tech criminals and terrorists, including their financiers and masterminds, and worst, erase vital evidence needed in unmasking members of the syndicate as well as their activities, past and present.
Last week, the Philippine National Police Criminal Investigation and Detection Group headed by Chief Supt. Raul L. Castañeda arrested 17 suspected members of an illegal recruitment agency led by a Filipino-Chinese businessman following complaints sent to the police by relatives of the victims through Vice President Noli de Castro.
PNP chief Director General Avelino I. Razon Jr. said the suspects, led by Luciano Lim, owner of the Excellent Travel Agency with office at 1523-1525 M. H. del Pilar St. in Ermita, Manila, were arrested for violation of Republic Act 9208, otherwise known as the Anti-Trafficking of Persons Act of 2003.
CIDG agents who raided the travel agency’s office on the strength of a search warrant issued by Judge Emma Young of the Manila Regional Trial Court Branch 36 seized 13 sets of computers, a recording transmitter, a paper ticket printer and other computer paraphernalia which are now being examined by the CIDG Cyber-Crimes Center.
Castañeda said Tuesday’s operation was the first big case unearthed by the CIDG Anti-Transnational Crimes Division involving trafficking in persons as evidenced by the electronic paraphernalia seized during the raid and considering the magnitude of such illegal activity.
“There are even reports that some of them become impregnated by their ruthless employers while others were homeless for the duration of their stay in Singapore,” Razon said.
Razon congratulated Castañeda and the CIDG-ATCD headed by Senior Supt. Gilbert Sosa for losing no time in attending to the case. Sosa said they are watching the activities of at least 20 other travel agencies involved in similar illegal activities.
“This is a major breakthrough in our war against illegal human traffickers. Hence, I am encouraging other victims to come out in the open to file their complaints with the CIDG,” the PNP chief said.
(The PNP urges victims of crime and rogue officers to send their complaints through Isumbong Mo Kay Tsip at 0917-8475757, the Anti-Kotong Text 0927-5151515; PNP TXT 2920, DILG Patrol 117 or send e-mail to tsip1@pnp.gov.ph or tsip@pnp.gov.ph)
ONLY a computer forensic expert should search for any evidence contained in the hardware.
This is just among the standard operating procedures cops have been urged to observe in incidents involving computer crime.
Under Rule 26 of the Police Operational Procedures, computer crime response is the actual police intervention in an incident where the acquisition of evidentiary value are traceable within the computer’ hardware and its network.
Among the do’s and don’t’s in computer crime response are:
-- when the computer is OFF at the time of arrival, do not turn it ON;
-- when it is ON, do not turn it OFF nor touch its mouse or keyboard;
-- if available, call for the Computer Incident Response Team or CRT;
-- if CRT is not available, the unplugging of the computer whether it is ON or OFF at the time of unplugging should be done by pulling out the cable directly from the back of the Central Processing Unit or CPU;
-- each unplugged cable must be marked in the same marking corresponding to the socket from where the cable was unplugged. (Example: ‘Socket’ marked ‘A’ and the ‘Cable End’ also marked ‘A’). The computer should be carefully handled and packed for transport to the police station;
-- only a computer forensic expert should search for any evidence contained in the computer hardware;
-- the computer hard disk should be duplicated by the forensic expert and the original should be kept by the evidence custodian for future presentation. Search and analysis shall be undertaken using the imaged disk.
The need to remind police of the computer crime incidents procedure is necessary as criminals now use the latest computer in illicit activities such as money-laundering, cybersex, bank and credit cards fraud, kidnapping, bank robbery, drug trafficking, large-scale illegal recruitment, rebellion and terrorism.
Officials have expressed concern that improper handling of computer evidence might hamper follow-up operations to get hi-tech criminals and terrorists, including their financiers and masterminds, and worst, erase vital evidence needed in unmasking members of the syndicate as well as their activities, past and present.
Last week, the Philippine National Police Criminal Investigation and Detection Group headed by Chief Supt. Raul L. Castañeda arrested 17 suspected members of an illegal recruitment agency led by a Filipino-Chinese businessman following complaints sent to the police by relatives of the victims through Vice President Noli de Castro.
PNP chief Director General Avelino I. Razon Jr. said the suspects, led by Luciano Lim, owner of the Excellent Travel Agency with office at 1523-1525 M. H. del Pilar St. in Ermita, Manila, were arrested for violation of Republic Act 9208, otherwise known as the Anti-Trafficking of Persons Act of 2003.
CIDG agents who raided the travel agency’s office on the strength of a search warrant issued by Judge Emma Young of the Manila Regional Trial Court Branch 36 seized 13 sets of computers, a recording transmitter, a paper ticket printer and other computer paraphernalia which are now being examined by the CIDG Cyber-Crimes Center.
Castañeda said Tuesday’s operation was the first big case unearthed by the CIDG Anti-Transnational Crimes Division involving trafficking in persons as evidenced by the electronic paraphernalia seized during the raid and considering the magnitude of such illegal activity.
“There are even reports that some of them become impregnated by their ruthless employers while others were homeless for the duration of their stay in Singapore,” Razon said.
Razon congratulated Castañeda and the CIDG-ATCD headed by Senior Supt. Gilbert Sosa for losing no time in attending to the case. Sosa said they are watching the activities of at least 20 other travel agencies involved in similar illegal activities.
“This is a major breakthrough in our war against illegal human traffickers. Hence, I am encouraging other victims to come out in the open to file their complaints with the CIDG,” the PNP chief said.
(The PNP urges victims of crime and rogue officers to send their complaints through Isumbong Mo Kay Tsip at 0917-8475757, the Anti-Kotong Text 0927-5151515; PNP TXT 2920, DILG Patrol 117 or send e-mail to tsip1@pnp.gov.ph or tsip@pnp.gov.ph)
Labels: cidg, computer crime, Cyber crimes, sop
0 Comments:
Post a Comment
<< Home