
Some people hack for fun and some to fulfill their malicious goals.

In 2008 the FBI reported that Internet fraud had resulted in $264.6.
The government and other large, important organizations are also at
high risk, as their confidential and sensitive data (e.g. bank
account holders' credentials) can be easily stolen from
their online databases. The problem was detected when a series
of denial-of-service (DoS) attacks happened in 2009, targeting
some government agencies' websites in South Korea and the
USA, including the websites of the White House and the National
Security Agency [source: Olsen], highlighting the need to
educate people regarding the recent trends in hacktivism.

The following recent hacktivism trends are identified:


A. In Social Networking Websites
Social networking sites are a popular means of socializing and
connecting with friends and relatives. Users create
accounts and share their personal information through these
sites. A hacker hacks the account of a common friend and
proceeds by sharing a link with all the persons connected
with that account.

B. In Cloud Computing
Cloud computing provides a large-scale pool of resources,
wide access, dynamicity and a cost-effective solution for storage.
Public, Private and Hybrid deployment models exist for cloud
computing, along with various service models like Software as a
service, Integration as a service, Database as a service, and
Security as a service.

The data on the cloud is not secured; it can be leaked easily.
But SQL injection is one of the highest possibilities in a
SaaS application. It is a method of attack in which an attacker
can exploit vulnerable code and the type of data an application
can access, and it can be exploited in any application parameter
that influences a database query.
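The point that any parameter influencing a query is exposed can be seen in a small multi-tenant lookup. This is an added example, not code from the original paper; the `invoices` table, its rows and the function names are constructed for illustration, and SQLite stands in for the SaaS database.

```python
import sqlite3

# Constructed sample data: two tenants sharing one SaaS database.
ROWS = [("acme", "alice", 120), ("acme", "bob", 75), ("globex", "carol", 990)]
SORTABLE = {"customer", "amount"}  # allow-list: identifiers cannot be bound as parameters


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE invoices (tenant TEXT, customer TEXT, amount INTEGER)")
    conn.executemany("INSERT INTO invoices VALUES (?, ?, ?)", ROWS)
    return conn


def find_vulnerable(conn, tenant, customer):
    # Weak: the request parameter is pasted into the SQL text, so it is parsed as SQL.
    sql = ("SELECT tenant, customer, amount FROM invoices "
           f"WHERE tenant = '{tenant}' AND customer = '{customer}'")
    return conn.execute(sql).fetchall()


def find_hardened(conn, tenant, customer, sort_by="customer"):
    # Values travel as bound parameters; the sort column is checked against an allow-list.
    if sort_by not in SORTABLE:
        raise ValueError(f"unsupported sort column: {sort_by!r}")
    sql = ("SELECT tenant, customer, amount FROM invoices "
           f"WHERE tenant = ? AND customer = ? ORDER BY {sort_by}")
    return conn.execute(sql, (tenant, customer)).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # textbook tautology, used here as a regression-test input
    print("vulnerable:", find_vulnerable(db, "acme", crafted))  # other tenant's row leaks
    print("hardened:  ", find_hardened(db, "acme", crafted))    # treated as a literal name
    print("normal:    ", find_hardened(db, "acme", "alice", sort_by="amount"))
```

The sort column is the less obvious case: it cannot be passed as a bound value, so the hardened function rejects anything outside the allow-list instead of quoting it.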

C. In day to day Web browsing

It is basically driven
by malware downloads onto the user's system without any
permission. Cyber criminals generally do this by exploiting
browser vulnerabilities to deliver the malware, hiding it
within web pages and invisible elements or embedding an
image that can be unknowingly delivered from the website onto
the user's system.

A hacker creates a link on the website for the purpose of
hacking, such as a flashing message asking the user to update Flash Player.
Clicking on that link causes the installation of
malware (e.g. a keylogger) on the system, which can work as
spyware. The information typed into the browser will be
transmitted to the hacker's email address, which is mentioned
in that spy script. Every keystroke pressed is sent to the
specified email address, and this causes more damage in the case
of online transactions, where credentials (i.e. username and
password) are used and can be easily stolen using a keylogger.

D. Phishing
Given that a typical phishing campaign
takes at least one hour to be identified by IT security vendors,
which doesn't include the time required to take down the
phishing Web site, the first 60 minutes of a phishing site's
existence is the critical golden hour.

DIGITAL FORENSICS AND ITS CLASSIFICATION

Digital forensics is the branch of forensics used to recover and
investigate material found in digital devices, especially for
use in computer crime cases. Scientific
methods are applied, but within the regulations of the
law. It is the process in which the acquisition, analysis and
presentation of digital evidence are done. Digital evidence
is the data/information collected from digital devices like CDs,
DVDs, flash drives, floppy disks, memory cards, mobile
phones, RAM etc. Assertion is made on the basis of
information collected.

Branches of Digital Forensics include Computer forensics,
Network forensics, Mobile device forensics, Database
forensics, memory forensics and email forensics.

The following are the current challenges in the field of digital
forensics:
Sheer amount of data
Digital Media Types
Online Disks
Anonymity of the IP
Anti Digital Forensics (ADF)
Testing and Validation
Size of Evidence

A. Sheer amount of Data
One of the main challenges being faced in Digital Forensics
is the sheer amount of data being generated by the network, which
often comprises gigabytes of data a day.

B. Digital Media Types
People use various digital devices in their day to day life.
The technique which we use for a specific device can't be
used for another device because every device has its own
characteristics (e.g. data transfer speed etc). These days
people use USB thumb drives, iPods, cell phones/PDAs, digital
cameras, remote storage devices and other removable media
very frequently.

C. Online Disks
These days online disks are used frequently for various
purposes (e.g. for storing data of clients). Again, this creates lots
of problems in the device imaging step of the digital forensics
evidence generation process, such as imaging large online active
disk farms, because in the imaging process of disks these
firms (e.g. amazon.com) have to discontinue their service until
all the drives have been copied.

D. Anonymity of the IP
The second big challenge of network forensics is the inherent
anonymity of the Internet protocols. Some form of addressing
for the 'to' and 'from' points is used in the Network layer, such as
MAC addresses, IP addresses and e-mail addresses. All of
these can be easily spoofed. With the help of a wide range of
powerful software products built for forensic analysis, it
becomes practical to solve cases through the analysis of
network activity.

E. Anti Digital Forensics (ADF)
Anti forensics (AF) is the set of techniques and measures
taken by people who want to slow down or bring to a halt the
digital investigation process. The concept of AF is not only
used by the criminal class but is also used legitimately by those who
wish to protect their privacy.
AF concerns an approach to
manipulate, erase or obfuscate digital data or to make its
examination difficult, time consuming, or virtually impossible.
The AF concept is not new; many hackers have been using
rootkits for years to compromise computer systems and hide the
activities of malicious code (malware).

F. Testing and Validation
Experienced detectives and investigators used their well-developed
policing skills, in conjunction with automated
software, to provide sound evidence. However, the growth in
the computer forensic field has created a demand for new
software, so developers have to increase the functionality of
existing forensic tools. A tool used in the investigation process
should be true forensic software, capable of meeting the
requirements of the trial process.

G. Size of Evidence
With the examination of any evidence, a well-documented
chain of custody must be there. The forensic analysis process
should include notes taken by the forensic expert. The report
has the details of the hardware examined (e.g. hard disk etc), the
procedures and software tools used in the examination and the
evidence found. The volume of evidence is not fixed and it
can vary according to the crime.
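
One way to keep the custody record described above tamper-evident is sketched here as an added example that is not part of the original paper. Hashing the evidence with SHA-256 and chaining each record to the previous one are assumptions of this sketch (the paper names no mechanism), and the field names, examiners and tool names are constructed placeholders.

```python
import hashlib
import json

GENESIS = "0" * 64  # placeholder "previous digest" for the first record


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def record_digest(record: dict) -> str:
    # Digest covers every field except the digest itself, in a stable key order.
    body = {k: v for k, v in record.items() if k != "digest"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())


def add_entry(log, when, examiner, hardware, tool, note, evidence: bytes):
    """Append one custody record, chained to the record before it."""
    record = {"when": when, "examiner": examiner, "hardware": hardware,
              "tool": tool, "note": note,
              "evidence_sha256": sha256_hex(evidence),
              "prev": log[-1]["digest"] if log else GENESIS}
    record["digest"] = record_digest(record)
    log.append(record)
    return record


def verify(log, evidence: bytes):
    """Return a list of problems; an empty list means log and evidence agree."""
    problems, prev = [], GENESIS
    for i, rec in enumerate(log):
        if rec["prev"] != prev:
            problems.append(f"entry {i}: chain link broken")
        if record_digest(rec) != rec["digest"]:
            problems.append(f"entry {i}: record altered")
        if rec["evidence_sha256"] != sha256_hex(evidence):
            problems.append(f"entry {i}: evidence hash mismatch")
        prev = rec["digest"]
    return problems


if __name__ == "__main__":
    image = b"constructed stand-in for a disk image"
    log = []
    add_entry(log, "2024-01-05T09:00Z", "examiner A", "hard disk #1",
              "imaging tool (placeholder)", "acquired image", image)
    add_entry(log, "2024-01-06T14:30Z", "examiner B", "hard disk #1",
              "analysis tool (placeholder)", "keyword search", image)
    print(verify(log, image))      # clean log
    log[0]["note"] = "edited later"
    print(verify(log, image))      # the altered record is reported
```

Someone able to rewrite the whole log could recompute every digest, so the most recent digest should also be recorded somewhere outside the log, such as in the signed report.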
VII. CONCLUSION
There is always a competition between the development of
digital forensics and anti digital forensics tools. The pace of
the hackers is almost the same as that of the ethical hackers,
which delays the creation of digital evidence.
As a result, the culprit does not receive punishment
within the defined interval of time. The main problem being
faced by digital forensics is the absence of cyber laws,
which makes cyber security an issue in these countries. Even where
cyber laws are present, the cyber policing system is not
advanced enough to tackle such issues, making it quite easy for
criminals to commit crime without being caught.

The latest to add to this list is the defective cyber forensics approach of
the Central Bureau of Investigation (CBI) in Aarushi Talwar's murder case.
According to media sources, the defence counsel in Aarushi Talwar's murder
case had challenged the prosecution version of the CBI that Rajesh Talwar
was awake on the night when the crime took place and had used an Internet
connection at regular intervals.
