Editing Computer forensics (section)

==Overview==
In the early 1980s, personal computers became more accessible to consumers, leading to their increased use in criminal activity (for example, to help commit [[fraud]]). At the same time, several new "computer crimes" were recognized (such as [[Software cracking|cracking]]). The discipline of computer forensics emerged during this time as a method to recover and investigate [[digital evidence]] for use in court. Since then, computer crime and computer-related crime has grown, with the FBI reporting a suspected 791,790 internet crimes in 2020, a 69% increase over the amount reported in 2019.<ref>{{cite web|url=https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf |title=2020 Internet Crime Report |website=IC3.gov}}</ref><ref>{{cite web|title=IC3 Releases 2020 Internet Crime Report |url=https://www.fbi.gov/news/press-releases/fbi-releases-the-internet-crime-complaint-center-2020-internet-crime-report-including-covid-19-scam-statistics |website=Federal Bureau of Investigation}}</ref> Today, computer forensics is used to investigate a wide variety of crimes, including [[child pornography]], fraud, [[espionage]], [[cyberstalking]], murder, and rape. The discipline also features in civil proceedings as a form of information gathering (e.g., [[Electronic discovery]]).

Forensic techniques and expert knowledge are used to explain the current state of a ''digital artifact'', such as a computer system, storage medium (e.g., [[hard disk drive|hard disk]] or [[CD-ROM]]), or an [[electronic document]] (e.g., an email message or JPEG image).<ref name="cf-education"/> The scope of a forensic analysis can vary from simple [[information retrieval]] to reconstructing a series of events. In a 2002 book, ''Computer Forensics'', authors Kruse and Heiser define computer forensics as involving "the preservation, identification, extraction, documentation and interpretation of computer data".<ref name="kruse"/> They describe the discipline as "more of an art than a science," indicating that forensic methodology is backed by flexibility and extensive [[domain knowledge]]. However, while several methods can be used to extract evidence from a given computer, the strategies used by law enforcement are fairly rigid and lack the flexibility found in the civilian world.<ref name="gunsch"/>

=== Cybersecurity ===
Computer forensics is often confused with [[cybersecurity]]. Cybersecurity focuses on prevention and protection, while computer forensics is more reactionary and active, involving activities such as tracking and exposing. System security usually encompasses two teams: cybersecurity and computer forensics, which work together. A cybersecurity team creates systems and programs to protect data; if these fail, the computer forensics team recovers the data and investigates the intrusion and theft. Both areas require knowledge of computer science.<ref>{{cite web|title=What Is Computer Forensics? |url=https://www.wgu.edu/blog/computer-forensics2004.html |website=Western Governors University}}</ref>

=== Computer-related crimes ===
Computer forensics are used to convict those involved in physical and digital crimes. Some of these computer-related crimes include interruption, interception, copyright infringement, and fabrication. ''Interruption'' relates to the destruction and stealing of computer parts and digital files. ''Interception'' is the unauthorized access of files and information stored on technological devices.<ref>{{cite book|last1=Kruse II|first1=Warren G.|last2=Heiser|first2=Jay G.|title=Computer Forensics: Incident Response Essentials |publisher=Pearson Education |date=2001 |isbn=978-0-672-33408-5}}</ref> [[Copyright infringement]] refers to using, reproducing, and distributing copyrighted information, including software piracy. ''Fabrication'' involves accusing someone of using false data and information inserted into the system through an unauthorized source. Examples of interceptions include the Bank NSP case, Sony.Sambandh.com case, and business email compromise scams.<ref>{{cite book|last=Sabry|first=Fouad|title=Digital Forensics: How digital forensics is helping to bring the work of crime scene investigating into the real world |publisher=One Billion Knowledgeable |date=2022 |isbn=978-1-792-30942-6}}</ref>