Book Review: Investigating Internet Crimes
Any organization that has a sizeable web presence, especially if it involves e-commerce, will inevitably become a victim of some sort of Internet malfeasance. Contrary to popular management belief, knowing how to effectively deal with, respond to, and recover from such incidents is not a trivial endeavor. Nothing proved that more than the Sony breach of 2014.
In Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace, authors Todd Shipley and Art Bowker provide the reader with an effective framework and methodology on how to deal with online incidents and crimes. The book is a thorough primer to the fundamentals of the topic. It is light on theory, but heavy on real-world practicality.
The book focuses on using software tools to investigate Internet-based crimes and explains how these tools can be used during an investigation. The authors astutely note that the reader should not get caught up in the investigative tools themselves, and that having a proper focus on how to approach an incident is more important than the tools. Good tools in the hands of a clueless corporate investigator are, for the most part, useless, and that is what the book exhorts the reader to avoid.
The authors also offer advice on how to ensure any evidence gathered is admissible in court. Investigators need to know that being careless with evidence can stop a prosecution in its tracks.
Both authors and technical editor Nick Selby have decades of law enforcement and real-world experience, so the book is authoritative and practical. For those needing a guide to get them up to speed on the topic, Investigating Internet Crimes is a great place to start.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a senior information security consultant with The Nettitude Group.