Safeguarding the Kenyan cyber highway from virtual fraudsters and other malignant cyber characters is vital. Our dependence on ICT is steadily growing and is present in many different aspects of our lives e.g. public utilities, communications (mobile telephony e.g. Safaricom), financial institutions (ATM’s), medical (diagnostic equipment) and others.
Our digital networks are foundations for our future development. These networks might be corporate Local or Wide Area Networks or home based wireless networks. These digital resources need protection due to the valuable information that traverses them. They are however vulnerable to illegal intrusion and penetration.
ICT Security involves the implementation of safeguards that protect against this intrusion, mishaps and mistakes. These safeguards include: physical security, operational security, information security, disaster recovery, access control, cryptography, auditing, laws and ethics.
The motive here is to prevent a breach. A simple analogy would be the multiple security locks and alarm systems installed at homes to enhance domestic security.
Computer Forensics on the other hand involves the detection and investigation of criminal activities committed online, after the breach or intrusion has occurred. To achieve this, the process of evidence gathering is fundamental. Note that computer forensics and security differ in definition and function though they are fundamentally complementary.
Locard’s Principle of Exchange states that any person who enters a scene of crime leaves something behind and takes something from the scene with them. This applies to the physical and digital realms.
Forensic computing entails the use of sophisticated and modern technological tools and procedures that must be followed to guarantee the accuracy and preservation of digital evidence and the accuracy of results concerning computer evidence processing.
Due to the special characteristics of digital evidence it is necessary to consider it separately and with special consideration.
Evidence comes in two forms, physical and digital. Physical evidence will for example include the computer the crime was committed against or used, peripherals, mobile devices and other physical storage devices like DVDs, CDs, memory pens, paper evidence, documentation and others.
Digital evidence will on the other hand include deleted files, registry entries to the internet history cache, automatic word backup files, e-mail headers and instant messaging logs which give clues as to the intermediate servers through which information has passed through. Server logs also provide information about every computer accessing a web site.
Computer forensics is a vital component in combating white collar crime, child pornography and other malicious crimes. ICT technology has already permeated our society. It is only logical that we develop the attendant capacity to detect and investigate cyber-crime. Our limited expertise is already costing us and the rampant growth of child pornography at the coast is example enough that Kenya needs to develop computer forensic capacity.