[ISN] Cybercrime spurs college courses in digital forensics

[InfoSec News]

http://www.usatoday.com/tech/news/techinnovations/2006-06-05-digital-forensics_x.htm

By Jon Swartz
USA TODAY
6/5/2006 

SAN FRANCISCO - One of the hottest new courses on U.S. college
campuses is a direct result of cybercrime.

Classes in digital forensics - the collection, examination and
presentation of digitally stored evidence in criminal and civil
investigations - are cropping up as fast as the hackers and viruses
that spawn them.

About 100 colleges and universities offer undergraduate and graduate
courses in digital forensics, with a few offering majors. There are
programs at Purdue University, Johns Hopkins University, the
University of Tulsa, Carnegie Mellon University and the University of
Central Florida. Five years ago, there were only a handful.

"I teach students to be like (TV supersleuth) MacGyver," says Sujeet
Shenoi, a computer science professor at the University of Tulsa.

Traditional students, police officers, government employees and
aspiring security consultants are taking the courses as more crooks
stash ill-gotten data and goods on PCs, PDAs, cellphones, network
servers, iPods and even Xboxes.

Students learn where to find digital evidence and handle it without
contaminating it. Once preserved, students are shown how to examine
evidence and present it clearly during court testimony. "If you revert
to geek speak, you can lose a judge, jury and prosecutor," says Mark
Pollitt, a digital forensics professor at Johns Hopkins University who
retired in 2003 after 20 years as an FBI agent.

Digital forensics is considered a crucial weapon in law enforcement's
escalating war against computer-related crimes. The science is used in
criminal investigations; civil cases such as employment lawsuits where
personnel records and e-mail correspondence are sought; and by
companies faced with cyberattacks. Plus, there are evolving state and
federal laws that define how evidence is handled in civil cases.

The evidence is particularly important in the seizure of data for
child pornography cases, which comprise a majority of criminal
investigations in the USA, says Marcus Rogers, an associate professor
who heads the computer forensics program at Purdue University's
College of Technology.

The FBI handled more than 9,500 computer forensics cases in fiscal
year 2005, which ended in September, compared with about 3,600 in
fiscal 2000, according to an FBI briefing.

The crush of cases has domestic intelligence agencies such as the
National Security Agency and the CIA, local law-enforcement officials
and companies clamoring for experts in finding and preserving digital
evidence, security experts says. "There is a thirst in government
agencies for (cyberinvestigators)," Pollitt says. There appear to be
no shortage of suitors. Since he enrolled in Purdue's master's program
last fall, Blair Gillam says he has been approached by recruiters
representing government agencies and the private sector.