Pitfall of Tracing Digital Footprints in Case of Suspected Crime of Unauthorized Access to the Computer Systém
Ing. Miroslav Čermák, Police Academy of the Czech Republic in Prague, postgraduate student
This paper describes to what it is necessary to pay extra attention in the course of tracing and securing digital footprints when an offense of unauthorized access to a computer system and information carrier according to § 230 of Act No. 40/2009 Coll. has been committed. This practice is common in a large organization where employees work in open spaces, have no permanent offices, and can access the network from any accessible computer or even from their private devices anytime and anywhere. This article practically gives advice how in such case effectively conduct a crime scene investigation, identify IT resources that need to be scanned on site, and ensure relevant digital footprints to convict the offender.
Keywords: digital footprints, memory dump, disk image.