Digital Forensics - Incidents And Legislation And Regulations

Question: Describe about the term for Digital Forensics, Incidents And Legislation And Regulations? Answer: Incidents And Incident Response Moodle (Modular Object-Oriented Dynamic Learning Environment) is an open-source software learning management system made available for the public at free of cost. The software is written in PHP and made available to the public with the General Public License. This software is used by many Universities and many educational institutions for distance education, blended learning, e-learning and flipped classroom purposes. Apart from them, it is also used by many educators and trainers throughout the world. Many Universities use it in large scale to use Moodle for submission of the assignments by the students and distribution of the learning resources to the students. Turnitin is plagiarism prevention service that is based on internet. Many schools and Universities use this software for submission of essays and assignments by the students, with license. Tunitin could be well integrated into Moodle to become Turnitin Moodle. The integration is done with the pug-ins. Since vast learning resources and numerous assignments are shared on the internet, it is quite possible that the content can be mis-used or any unwanted incidents can happen, which will become digital offense, in the cyber world. Risk Scenarios, Related To The Submission Procedure Risk Scenario 1 There is a file submission procedure involved in the Moodle Turnitin. The usual procedure is that the student logs in to his account and then follows the guidelines to submit the procedure. Once the student logs in, he or she will be able to submit the assignment, access the previous assignments, even can download the previous assignments for further editing operations. The students, who are close to each other, it is possible that the log in credentials of one student can be known to the other students. Let us consider one scenario, which can be risky. For example, student A is a bright student in academics and always gets the excellence grades for the assignments submitted by him or her. Then a student B can get the log in credentials of the student A, through friendship or through any other means. So, the student B can log in to the account of the student A and can download the assignments, submitted by him. The assignments, which are of excellence grade, can be downloaded and copy the skeleton and rewrite the assignment, in order to pass the plagiarism program in the Turnitin. The student A may not be known about this misuse of his or her credentials. It can be one potential risk scenario. Risk Scenario 2 The assignments submitted by the students are in the form of files, usually in MS-Word format. There is a possibility that the file management system can be compromised by the hacker or by any malware that can possibly attacked to the software. When the file management system is corrupted, the assignments submitted by the students would not reach the web server of the Moodle or Turnitin portals. As the files are not stored in the web server of the portal, the staff or faculty would not be able to receive or access the assignments submitted by the students and cannot provide the feedback based on the assignment. This can be another possible risk scenario 2. The files that are uploaded as submissions to Moodle assignments, by the students can become irrecoverable. The links and peer assessment activity in the offline would also not be recoverable. Eventually, the academics could not download the assignments and could not mark them and feedback could not be given within turn-around times. The files, which were uploaded as the feedbacks to the assignments, Quickmail attachments and forums attachments, including the Quiz questions, module files and assignment instruction files can also not be recoverable. The submission files that were uploaded to the Turnitin activity can also get impacted at the dates of the issues. Incident Management The following is the incident management for the risk scenario 2, considering it is happened and the actions taken by the management. Detection The incident has got detected by the staff and student as the ServiceNow has received many queries and complaints about the problem related to the submission and download of the assignments on Monday, 27th November. Response After the detection of the incident, both ERES and LEaD responded immediately and alerted all the students and staff about the situation and the further procedures that they have to follow for the submission, upload and download of the assignments. Apart from the responses attempted by the ERES and LEaD, there were attempts for the local fixes, as the following. Students are asked to email the assignments Alternative submission areas were added to the modules Individual extensions are set up for the affected students The academic staff, who logged before 9:14am on Monday were able to access and download the assignments, in a few cases. Report The following stage of the digital forensic incident response involves reporting. ERES then started running the reports on the Moodle. The list of the impacted files, modules, users and assignments is made through producing a spreadsheet. The preparation of the list of the impacted items is completed by Wednesday, 2nd December. According to the report, the incident had impacted all the assignments that were submitted to Moodle, right from the beginning of the incident period, no matter what were the deadlines, either in the past or in the future. The deadline was extended for the students to submit the assignments, by the educational institutions and Universities, but the students were not able to submit the assignments, because the submission files were inaccessible and unavailable as the broken link could not be accessed, from the area of student submission in the Moodle. Later, the deadline was further extended till 4th December, till 5 pm. The re-upload of the files were made possible, after the broken module file links were removed. The staff of ERES and LEaD were involved both in the extension of the deadlines as well as in the removal of the broken file links. The problems continued in the broken link to the submission area of the students, as they entered the option, Add a new attempt based on previous submission. The staff of ERES and LEaD had re-created the links for these students working on 4th of December and the following weekend days, 5th and 6th of December, 2015. Long Term Incident Response Measures ERES and LEaD have made a combined effort, and set certain recommendations to prevent the issues repeating regarding the submission and access of the assignments. Backups of Moodle are to be ensured for continuous seven days a week. Educational technology support was interrupted in the weekends, from 5pm Friday to 9am on Monday. The deadlines are reconsidered to be set over the weekends. Business Continuity Communittee to look after and co-ordinate the vital University-wide process to deal further assignment submissions, in cases of major IT failure. Heads of Blended Learning Theme Lead and Educational Technology were recommended to communicate the Moodle Service Manager as soon as possible, right after Moodle incident is identified. (Education Student Committee 11.02.16, Item 6b, Major incidents and Online Assessments, available on https://www.city.ac.uk/__data/assets/pdf_file/0020/303653/6b-Major-Incidents-and-Online-Assessment-Report-Format.pdf, accessed on 9 March 2016) Legislation And Regulation Disclosure Of Credentials Of A University Student To A Friend Let us consider a case of the disclosure of the credentials of a University Student to his or her friend. Once the friend gets to know the login credentials of the student to get into the database of the University and the friend has attempted to login with these credentials, it will become an unauthorised access. It is an offense and the offense for the unauthorised access is also called as a summary offense, according to the Computer Misuse Act, 1990. Eventually, the friend of the student gets fined with maximum of 5000 bucks and he or she may also get the punishment of 6 months imprisonment. In case the friend of the student accesses the database of the University regularly with the intention of stealing or downloading the content, it is going to be an unauthorised access with intent and it is going to be a serious offense. In addition to the accessing, downloading the data owned by the University, if the friend of the student has attempted to change the grades or any sensitive information in the website, it is going to be an unauthorised modification and it is going to be a much serious offense, according to the Computer Misuse Act, 2006. In the case of the using the credentials of the student of the University, the major offender will be the friend of the student, who gets the login credentials and use them to access the database of the website. Though, the student can also be considered as an offender, he cannot be punished, as the revealing of the credentials might be done intentionally or unintentionally or with his or her knowledge or without knowledge. Section 3A, the amendment made by Police and Justice Act, 2006, with the clause 38 will be applicable, which says that making, supplying or obtaining the articles can be cyber offenses. Accordingly the student of the University can also be penalized for revealing the credentials, though it is done unintentionally. Section 3A in the Computer Misuse Act 1990 inserted by clause 38 of the Police and Justice Act 2006 Computer Misuse Act 1990 is described as An act to make provision for securing computer material against unauthorized access or modification; and for connected purposes [Stefan Frederick Fafinski, Computer use and misuse: the constellation of control] The Police and Justice Act 2006 amended the previously developed Computer Misuse Act 1990, under Miscellaneous Part 5 Computer Misuse Amendments. The section 3, which was there before in the Legislation and Regulation is replaced by the new section 3A offense, as part of the amendments introduced by the Police and Justice Act 2006. The section 3A offense criminalises the following. Criminalization of making articles Criminalization of supplying the articles or obtaining the articles, towards the usage, in the computer misuse offences. After the section 3 is inserted, the section #3A is specified as the following. A person is found to be guilty of an offense, in case the person adapts, makes, supply or even offer to supply any of the articles, With the intention of using the article to commit or even as assisting to the commission of, the offense, covered under the sections 1 or 3. Or, believing that the article is expected or likely to be used for harmful intentions. A person is considered as guilty of an offense, in case the person obtains any of the digital articles for the intention or view to supply towards the usage to commit, or even to help in the commission of the digital offense, under the 1 and 3 sections. The article here indicates any data or program held in any of the digital or electronic form. A person, who is a guilty of offence under this section 3A shall be liable For the summary conviction covered in the locations of England and Wales, to fine that does not exceed to the value of statutory maximum or imprisonment for not exceeding the period of 12 months or sometimes, both of them. On summary conviction covered in the location of Scotland, to fine that does not exceed the statutory maximum or imprisonment for the period of not more than 6 months, or even both. On conviction done on indictment, to a fine or imprisonment that does not exceed the period of two years or even both. Relevance To The Digital Forensic Digital forensics is considered as one branch of science, called forensic science. Digital forensic science encompasses the investigation and recovery of the material from the digital devices, related to the computer crime. The section 3A of the Computer Misuse Act 1990 is declared as making, supplying or obtaining of any articles in unauthorized ways indicates to be an offense. Digital forensics science is strengthened with this Act, as any unauthorized access of the articles, in the digital form can be processed as an offense. Digital forensics is a science and it can investigate the reasons, people and technologies involved in the respective criminal offense happened. The intentions of the offender can also be investigated, using the digital forensic technologies developed vastly during this decade especially. So, after the detailed investigation report is made and submitted to the respective authorities, the following step is the punishment of the offender and compensating the victim, with appropriate compensation that he or she had lost, during the digital offense. When the Acts are clear, like mentioned in the section 3A of Computer Misuse Act 1990, the relation of the level of offense and level of the punishment can be decided. The objective of the digital forensics is to investigate and find the reasons of the digital offense, whereas the objective of the Computer Misuse Act 1990 is to punish the cyber criminals, so that the digital offenses can be reduced and support healthier coordination and communication of the community and live in harmony. Controversy The new section 3A amendment of the Computer Misuse Act 1990 has gone through controversy. The controversy and criticism are received from the IT professionals. Nature of Controversy Controversy of the section 3A amendment is received by the IT professionals in terms of technological inadequacy. According to these professionals, the tools used by the authorities to investigate the reasons for offense and apply for the digital forensics, are inadequate. The argument made by the IT professionals is that the tools developed and introduced for the legitimate purposes can also be used for harmful intentions of the criminals. This clause, in terms of the IT professionals, has become controversial arguing that it intends to ban the hacker tools. The hacker tools that are used for positive and good intentional purposes, by the IT industry, are discouraged to development, distribution and ownership of them. This discouragement hinders the security personnel, who should be using these hacker tools towards the security testing of the systems. The clause also discourages the use of the dual use of the software developed, which is legal now and can be used for the legal purposes, for the possibilities that these can be used for illegal purposes. Spy Blog has pointed out that according to this clause, even the web browser could be turned into poorly configured browsing system. So, developing and distributing the web browsers also could be illegal, which is considered as a legal activity for browsing the websites, which is not harmful intent. Another controversy is that the proposed legislation does not cover the password crackers, which are the password recovery tools. Clause 38 is considered as an absolute madness and pure idiocy, by Earl of Northesk and said in public. The Computer Misuse Act 1990 has considered all the inputs and feedback from the APIG and other sources and made the necessary amendments in the following years. The Computer Misuse Act 1990 has been criticized majorly by APIG (All Party Parliamentary Internet Group) and the same APIG held a public inquiry for the desirability of revising the Act. The enquiry has focused majorly, for the following. Broadness of CMA to cover the possible cyber criminality encountered in day to day cyber life Whether the generic definition of data and computers of CMA has stood the time test Whether any loopholes are there in the Act, which demand to be plugged Revisions that may be needed to meet the international treaty obligations of us Whether the penalties level in the CMA would be sufficient to deter the criminals today APIG also called upon many interesting parties to suggest and advise their opinions by presenting written evidence to inquiry. APIG provided a platform for a discussion forum to establish communication between parliamentarians and new media industries. Finally, the Computer Misuse Act 1990 has made the necessary changes and made certain amendments to come with the following declarations. A person would be a guilty of an offence, if making, adapting, supplying or offering to supply any articles A person is considered to be guilty of an offense if he or she supplies any articles or offer to supply them, it is also an offense under section 1, 3, etc. A person is considered to be guilty of an offense if any article is obtained with intention to commit or even for assisting towards the commission, or at least with a view to commission Article means here any data or programs A person, who is considered to be guilty under any of these sections would be liable towards, On summary convictions in the location of England and Wales towards fine, and or imprisonment of not more than 12 months n summary convictions in the location of Scotland, to imprisonment for term period of not more than 12 months On conviction on indictment, towards imprisonment that does not exceed the term period of 2 years or fine, or even both There are many of the theories developed and struggle with the pre-conceived notion of possibility of harm that could arise from the misuse of the computers. However, the consequences that are viewed and taken as examples are less substantial, when compared to them that arise from the other familiar criminalized conduct and more tangible criminalized conduct. This perception of insubstantial harm that is general, is considered to be nature of many computer misuse manifestations. The harm that is resulted is usually kept secret, sometimes hidden or latent. In some of the cases, the harm is not even understood and familiar by the victim. In such cases, it may also be consider as non-criminal. APIG also proposed insertion of the new section, addressing the denial-of-service [Fafinski, 2006]. Since the harm from the computer misuse is unsubstantial and when considered in the standpoint of the instrumentalist, where the criminal law serves to be the means of protection of public interests or set of individuals from the substantial harms, are then would not be applicable generally. In addition to that a liberal consensus view, which do not consider the criminalisation of deviant behaviour to be justified, except in the cases, where threshold of seriousness that treat it to be harmful to the society and to the others. As the computer misuse usually comprise of non-serious, harms or playful, criminalisation of misuse cannot be justified in the view of consensus perspective, to the instances that would pose threat to the national security or national safety or safety to individuals. Later the Police and Justice Act 2006 had made three amendments to the Computer Misuse Act 1990 and it came into force by 1st of October in 2008 [Farinski, 2008]. Computer misuse criminalisation also has little support on its moralistic grounds, as the computer misuse is usually not taken or considered to be immoral conduct. This viewpoint may get arise usually from the relationships among the individuals as well as the technology, in which the regular and conventional oral norms and rules usually dont apply [Tsouli, 2007]. References: [Frederick, S F, Computer Use and Misuse: The Constellation of Control, (2008)] [Fafinski, S, Computer Misuse: Denial-of-service Attacks (2006) 70 Journal of Criminal Law 474] [Fafinski, S, Access Denied: Computer Misuse in an Era of Technological Change (2006) 70 Journal of Criminal Law 424]