دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
برای ارتباط با ما می توانید از طریق شماره موبایل زیر از طریق تماس و پیامک با ما در ارتباط باشید
در صورت عدم پاسخ گویی از طریق پیامک با پشتیبان در ارتباط باشید
برای کاربرانی که ثبت نام کرده اند
درصورت عدم همخوانی توضیحات با کتاب
از ساعت 7 صبح تا 10 شب
ویرایش: 1
نویسندگان: John Bandler. Antonia Merzon
سری:
ISBN (شابک) : 0367196239, 9780367196233
ناشر: CRC Press
سال نشر: 2020
تعداد صفحات: 361
زبان: English
فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود)
حجم فایل: 11 مگابایت
در صورت تبدیل فایل کتاب Cybercrime Investigations: A Comprehensive Resource for Everyone به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب تحقیقات جرایم سایبری: منبعی جامع برای همه نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
جرایم سایبری همچنان سر به فلک می کشد، اما ما هنوز به طور موثر با آن مبارزه نکرده ایم. ما به بازرسان جرایم سایبری بیشتری از هر زمینه و کار در هر بخش برای انجام تحقیقات مؤثر نیاز داریم. این کتاب منبعی جامع برای همه کسانی است که با جرایم سایبری روبرو میشوند و به تحقیق میپردازند، صرف نظر از عنوانشان، از جمله کسانی که از طرف مجری قانون، سازمانهای خصوصی، سازمانهای نظارتی، یا قربانیان فردی کار میکنند. این مطالب پیش زمینه مفیدی در مورد زیربنای فنی و قانونی جرایم سایبری، به علاوه جزئیات عمیق در مورد جنبه های قانونی و عملی انجام تحقیقات جرایم سایبری ارائه می دهد.
ویژگی های کلیدی این کتاب عبارتند از:< /p>
این کتاب گسترده یک ضروری است. مرجع برای دادستان ها و افسران مجری قانون، عوامل و تحلیلگران؛ و همچنین برای وکلای بخش خصوصی، مشاوران، متخصصان امنیت اطلاعات، بازرسان دیجیتال پزشکی قانونی و غیره. همچنین به عنوان یک کتاب درسی عالی برای مربیان و مربیان عمل می کند. ما به بازرسان بیشتری نیاز داریم که بدانند چگونه با جرایم سایبری مبارزه کنند، و این کتاب برای رسیدن به این هدف نوشته شده است.
این کتاب توسط دو دادستان سابق جرایم سایبری با طیف متنوعی از تخصص در عدالت کیفری و بخش خصوصی تالیف شده است. آموزنده، کاربردی، و خواندنی است، با روش های نوآورانه و حکایات جذاب در سراسر.
Cybercrime continues to skyrocket but we are not combatting it effectively yet. We need more cybercrime investigators from all backgrounds and working in every sector to conduct effective investigations. This book is a comprehensive resource for everyone who encounters and investigates cybercrime, no matter their title, including those working on behalf of law enforcement, private organizations, regulatory agencies, or individual victims. It provides helpful background material about cybercrime's technological and legal underpinnings, plus in-depth detail about the legal and practical aspects of conducting cybercrime investigations.
Key features of this book include:
This far-reaching book is an essential reference for prosecutors and law enforcement officers, agents and analysts; as well as for private sector lawyers, consultants, information security professionals, digital forensic examiners, and more. It also functions as an excellent course book for educators and trainers. We need more investigators who know how to fight cybercrime, and this book was written to achieve that goal.
Authored by two former cybercrime prosecutors with a diverse array of expertise in criminal justice and the private sector, this book is informative, practical, and readable, with innovative methods and fascinating anecdotes throughout.
Cover Half Title Title Page Copyright Page Dedication Table of Contents About the Authors Acknowledgments PART I: Understanding Cybercrime, Computers, and Cybersecurity Chapter 1. Introduction: The Need for Good Cybercrime Investigators 1.1 Why This Book 1.2 Who Investigates Cybercrime? 1.3 How This Book Is Organized 1.4 Keeping It Fun: Anecdotes, Cases, Diagrams, and Cartoons 1.5 Onward and Upward Chapter 2. What Is Cybercrime and Why Is It Committed? 2.1 Introduction 2.2 What Makes a “Cyber” Activity a Crime? A Quick Introduction to Cybercrime Offenses 2.2.1 Computer and Network Intrusions 2.2.2 Data Breaches, Theft of Data, and Data Trafficking 2.2.3 Transmission and Use of Malware 2.2.4 Tampering with or Damaging a Network or System 2.2.5 Identity Theft and Impersonation 2.2.6 Theft of Funds and Fraud Schemes 2.2.7 Blackmail and Extortion 2.2.8 Money Laundering 2.2.9 Harassment, Threats, Stalking, and Revenge Porn 2.2.10 Possessing, Selling, or Sharing Child Pornography 2.2.11 Trafficking of Physical Contraband 2.2.12 Gambling 2.3 Cybercrime vs. Traditional Street Crime: The Differences 2.3.1 Technology, Internet and Networks 2.3.2 Distance: The National and International Nexus 2.3.3 Investigation Rate and Solve Rate 2.3.4 Connection to a Broad Criminal Ecosystem 2.4 Motives and Actors 2.4.1 Profit and Greed 2.4.2 Personal Attack 2.4.3 Thrill and Bragging Rights 2.4.4 Activism 2.4.5 Corporate Espionage 2.4.6 Nation-State Objectives 2.4.7 Terrorism 2.5 The Cybercrime-For-Profit Economy 2.5.1 The Connection between Identity Theft and Cybercrime 2.5.2 The Cybercrime Economy Earns Money and Requires Payments 2.6 Digital Evidence: The Backbone of Any Cyber Investigation (and Traditional Investigations, Too) 2.7 Conclusion Chapter 3. Introduction to Computers, Networks, and Forensics 3.1 Introduction 3.2 How Computers Work 3.3 Basic Hardware PARTs of Computers 3.3.1 Case 3.3.2 Power Source 3.3.3 Processors (CPUs) 3.3.4 Memory (Volatile Storage – RAM) 3.3.5 Persistent Storage (HDD/SSD) 3.3.6 Communicating with the User: Interfaces for Input and Output 3.3.7 Communicating with Other Computers (NIC) 3.3.8 Physical Ports 3.3.9 Putting the PARTs Together 3.3.10 External Storage, Servers and More 3.4 Basic Computer Software Categories 3.4.1 BIOS/UEFI 3.4.2 Operating Systems 3.4.3 Applications 3.5 Basic Networking and Internet Usage 3.5.1 Networking Hardware 3.5.1.1 NIC and MAC Addresses 3.5.1.2 Cables, Wireless, and Network Switches 3.5.1.3 Modem 3.5.1.4 Router 3.5.2 Networking Communication and Internet Protocol (IP) Addresses 3.5.3 TCP versus UDP 3.5.4 Domain Name System (DNS) 3.5.5 Website Hosting 3.6 Proxies, VPNs, and Tor 3.7 Encryption 3.7.1 Encryption in Transit 3.7.2 Encryption at Rest 3.8 Digital Forensics and Evidence Gathering 3.8.1 Ensuring Integrity of Stored Data: Hashing 3.8.2 Stored Data (Persistent Storage) in Devices: Forensically Obtaining Evidence through Imaging and Analysis 3.8.2.1 Preview/Triage 3.8.2.2 Imaging 3.8.2.3 Analysis 3.8.3 Volatile Memory: Conducting Memory Forensics 3.8.4 Website Evidence: Viewing and Preserving 3.8.5 Emails and Email Headers 3.8.6 Forensic Examination Tools 3.9 Conclusion Chapter 4. Introduction to Information Security and Cybersecurity 4.1 Introduction 4.2 Basic Information Security and Cybersecurity Principles 4.2.1 CIA: The Three Information Security Objectives 4.2.2 Controls to Protect Information Systems 4.2.3 Authentication to Guard Access 4.2.4 Principle of Least Privilege 4.2.5 Incident Response 4.3 Information Security Frameworks 4.3.1 The Four Pillars: Knowledge, Devices, Data, and Networks 4.3.2 CIS Critical Security Controls 4.3.3 NIST Cybersecurity Framework (CSF) 4.3.4 NIST SP 800-53 4.3.5 ISO/IEC 27000 Series 4.3.6 AICPA SSAE 18 4.3.7 Other Information Security Frameworks 4.4 Conclusion PART II: Law for the Cybercrime Investigator Chapter 5. Fundamental Principles of Criminal and Civil Law 5.1 Introduction 5.2 Criminal Law and Procedure 5.2.1 The PARTicipants 5.2.2 The Criminal Justice Process 5.2.3 Criminal Justice Protections 5.2.4 How Investigations and Prosecutions are Started 5.2.5 Categories of Criminal Charges 5.2.6 Charging the Defendant and Judicial Review: Complaints, Indictments, Grand Jury, Preliminary Hearings 5.2.7 The Investigative Role of the Grand Jury 5.3 Who Investigates and Prosecutes Crimes? 5.3.1 State/Local Enforcement and Federal Enforcement 5.3.2 Jurisdiction and Venue 5.3.3 Resources, Expertise, and Collaboration 5.4 What Constitutes a Crime and Its Elements 5.4.1 Act or Omission (actus reus) 5.4.2 Culpable Mental States (mens rea) 5.4.3 Anticipatory Offenses (Such as Attempt and Conspiracy) 5.5 Defenses (Such as Self-defense and Entrapment) 5.6 The Fourth Amendment: Constitutional Rules for Search and Seizure 5.6.1 Expectation of Privacy 5.6.2 Consent 5.6.3 The Search Warrant Requirement 5.6.4 Exceptions to the Search Warrant Requirement 5.6.5 Workplace Searches and Monitoring 5.6.6 Private Searches versus Public Searches 5.7 The Exclusionary Rule: Protections and Consequences for Improper Investigative Action 5.7.1 Physical Evidence 5.7.2 Other Forms of Evidence: Unlawful Arrests, Statements, and Witness Identifications 5.7.3 Fruit of the Poisonous Tree Doctrine 5.8 Civil Law and Procedure 5.8.1 The Civil Litigation Process 5.8.2 Causes of Action 5.8.2.1 Intentional Torts 5.8.2.2 Negligence Torts 5.8.2.3 Breach of Contract 5.8.2.4 Cybercrime-Specific Causes of Action 5.8.2.5 Regulatory Actions 5.9 Licensing and Regulatory Law 5.10 Conclusion Chapter 6. Cybercrime Defined: The Criminal Statutes Outlawing Criminal Conduct Online 6.1 Introduction 6.2 Federal and State Law 6.3 Federal Cybercrime Law 6.3.1 The Computer Fraud and Abuse Act (CFAA) 6.3.2 The Wiretap Act 6.3.3 Unlawful Access to Stored Communications 6.3.4 The Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act) 6.3.5 Communication Interference 6.4 State Cybercrime Law 6.5 “Traditional” Federal and State Laws that Apply to Cybercrime 6.5.1 Theft/Larceny 6.5.2 Possession/Receiving of Stolen Property 6.5.2.1 Property: A Changing Concept in the Cyber Age 6.5.3 Identity Theft 6.5.4 Impersonation 6.5.5 Credit/Debit Card Fraud 6.5.6 Bank Fraud 6.5.7 Wire Fraud 6.5.8 Forgery 6.5.9 Money Laundering 6.5.10 Harassment, Stalking, and Sextortion 6.5.10.1 First Amendment Considerations 6.5.11 Child Exploitation and Pornography 6.5.12 Vandalism 6.5.13 Organized Crime 6.5.14 Attempt and Conspiracy Attempt Conspiracy 6.6 Conclusion Chapter 7. The Law Enforcement Legal Toolkit for Investigating Cybercrime: Laws for Gathering Criminal Cyber Evidence 7.1 Introduction 7.2 Privacy and Consent: Applying These Principles to Communications 7.2.1 Communications and Privacy 7.2.2 Communications and Consent 7.2.3 Reasonable Expectation of Privacy in the Workplace 7.3 The Nine Tools for Gathering Evidence 7.3.1 Open-Source Investigation 7.3.2 Obtaining Consent 7.3.3 Subpoena Duces Tecum 7.3.4 Section 2703(d) Order 7.3.5 Search Warrant 7.3.6 Pen Register and Trap-and-Trace Device 7.3.7 Wiretap 7.3.8 Letter of Preservation 7.3.9 Non-Disclosure Request and Order 7.4 The Electronic Communications Privacy Act (ECPA): Applying the Tools to Online Communications 7.4.1 The Stored Communications Act: Records of Past Communications 7.4.1.1 The Role of Third-PARTy Providers 7.4.1.2 Services Covered by the SCA (ECS and RCS) 7.4.1.3 “Content” vs. “Non-Content” Information 7.4.1.4 Subscriber and Session Information 7.4.1.5 Sensitive Non-Content Information 7.4.1.6 Location Information 7.4.1.7 Content Information 7.4.1.8 SCA Rules for Letters of Preservation, Non-Disclosure,and Delayed Disclosure Orders 7.4.2 The Pen/Trap Statute: Live Monitoring of Non-Content Information 7.4.3 The Wiretap Act: Live Monitoring of Content Information 7.5 Obtaining Evidence Located in Another State 7.5.1 Federal Investigations 7.5.2 State and Local Investigations 7.5.3 Search Warrant Considerations for Out-of-State Devices and Physical Premises 7.6 Obtaining Evidence Stored Overseas by U.S. Entities: The CLOUD Act 7.7 Obtaining Evidence Located in Another Country 7.7.1 Presence of Evidence or Its Custodian Corporation in the United States 7.7.2 Mutual Legal Assistance Treaties (MLATs) 7.7.3 Letters Rogatory 7.7.4 Informal Assistance 7.7.5 Egmont Request 7.7.6 Suspects Located in Other States and Foreign Countries (Preview) 7.8 Conclusion Chapter 8. Cyber Investigations Linked to Nation-States or Terrorists 8.1 Introduction 8.2 Laws and Measures Relating to Nation-State and Terrorist Activity 8.2.1 Criminal Laws 8.2.2 Civil Laws and the Foreign Sovereign Immunities Act (FSIA) 8.2.3 International Treaties, Agreements, and Judicial Processes 8.2.4 Laws and Principles of Sovereignty and Waging War 8.2.5 Terrorism-Related Measures 8.2.6 Espionage, Clandestine and Covert Operations, and Propaganda 8.3 The Motives and Actions of Nation-States 8.3.1 Generating Funds 8.3.2 Nation-State Commercial Espionage 8.3.3 Attacks on Infrastructure 8.3.4 Attacks to Advance Strategic Interests 8.4 Terrorist Funding, Recruiting, Vandalism, and Attacks 8.4.1 Terrorist Funding 8.4.2 Recruitment 8.4.3 Cyber Vandalism and Hacktivism 8.4.4 Inciting Local Attacks 8.5 What to Do if the Investigation Leads to a Nation-State or Terrorist 8.6 Conclusion Chapter 9. Civil and Regulatory Implications of Cybercrime: Cyberlaw in the Civil and Regulatory Sectors 9.1 Introduction 9.2 Attorney–Client Privilege 9.3 Civil Lawsuits against Cybercriminals: Actions for Intentional Torts 9.4 “Hacking Back”: Intentional Acts by Cybercrime Victims that Could Incur Liability 9.5 Cybercrime Statutory Causes of Action 9.6 Negligent Cyber Torts: The Reasonable Person and the Standard of Care 9.6.1 Negligence that Directly Causes the Harm 9.6.2 Negligence that Allows the Commission of a Crime by a Third PARTy 9.6.2.1 Theft of Automobile 9.6.2.2 Premises Liability 9.6.2.3 Cybercrime Liability 9.7 Actions under Contract Law 9.7.1 Cyber Insurance Policies 9.8 Civil Actions for Asset Forfeiture by the Government 9.8.1 Federal and State Laws 9.8.2 Temporary Restraining Orders (TROs) 9.8.3 Burden of Proof 9.9 General Civil Laws and Regulations Regarding Cybersecurity and Privacy 9.9.1 Data Disposal Laws and Rules 9.9.2 Information Security Laws 9.9.3 Data Breach Notification Laws 9.9.4 Privacy Laws and Who Enforces Them 9.9.4.1 FTC and State Attorneys General 9.9.4.2 GDPR 9.9.4.3 California Consumer Privacy Act 9.9.4.4 Colorado Protections for Consumer Data Privacy Act (PCDPA) 9.10 Civil Laws and Regulations for Specific Sectors 9.10.1 Financial Sector 9.10.1.1 GLBA: Gramm-Leach-Bliley Act 9.10.1.2 FFIEC and SEC Requirements 9.10.1.3 New York Information Security Requirements for the Financial Sector 9.10.2 Health Sector Regulations: HIPAA and HITECH 9.11 Conclusion PART III: The Cybercrime Investigation Chapter 10. Embarking on a Cybercrime Investigation: The Three Perspectives and Key Areas of Focus 10.1 Introduction 10.2 Cybercrime Investigation from Three Perspectives: Private Sector, Law Enforcement, and Regulatory 10.2.1 Private Sector 10.2.2 Law Enforcement 10.2.3 Regulatory 10.3 Key Investigative Topics 10.4 Ending the Investigation: Success or Exhaustion of Leads or Resources 10.4.1 The End of Law Enforcement’s Investigation 10.4.2 The End of the Private Sector Investigation 10.4.3 The End of the Regulatory Investigation 10.5 Conclusion Chapter 11. General Investigation Methods: Organization, Open Source, Records, and Email 11.1 Introduction 11.2 Cybercrime Investigation: The Cyclical Process of Building Evidence 11.3 Managing Cybercrime Evidence: Readily Available vs. Proprietary Investigation Tools 11.3.1 Proprietary Tools 11.3.2 Readily Available Tools 11.4 Evidence Admissibility in Litigation 11.5 Writing for Cybercrime Investigations 11.5.1 The Dangers of Automatic Hyperlinking 11.6 Open Source Investigation 11.6.1 Open Source Investigation Resources 11.6.2 Viewing and Preserving Open Source Clues 11.6.3 Practical Tips to Maximize the Admissibility of Open Source Data 11.7 Records Evidence 11.7.1 The Workflow for Records Evidence 11.7.2 Tracking Records Requests 11.7.3 Organizing the Records 11.7.4 Analyzing the Information in Records 11.7.5 Admissibility of Records Evidence in Litigation 11.8 Email Evidence 11.8.1 Reading Email Headers 11.8.2 Analyzing Large Sets of Emails 11.9 The Importance of Cybercrime Intelligence 11.10 Conclusion Chapter 12. Private Entity’s Cybercrime Investigation 12.1 Introduction 12.2 Incident Response (and Prevention) 12.3 Discovery of Cybercrime Incidents by Private PARTies 12.3.1 Is This a Crime the Private Entity Can and Should Investigate? 12.4 Determining Investigation Goals and Scope 12.5 Activating Necessary Personnel: In-House and External 12.5.1 External Services to Consider 12.6 Reporting and Notifications to Law Enforcement, Regulatory Agencies, and Other PARTies 12.6.1 Reporting to Law Enforcement 12.6.2 Reporting to Regulators and Agencies Enforcing Similar Laws 12.7 Identifying Potential Witnesses and Evidence: Internal and External 12.8 Collecting Evidence Available Internally 12.8.1 Interviewing Internal Personnel 12.8.2 Internal Records and Data 12.8.3 Forensics on Internal Devices and Networks 12.9 Collecting Evidence from External Sources 12.9.1 Open-Source Research Revisited 12.9.2 Requesting Data and Information from Third PARTies 12.9.3 Civil Legal Process to Compel External PARTies to Produce Evidence: John Doe Lawsuits and Subpoenas 12.9.4 Respecting the Rights of Third PARTies 12.10 Conclusion Chapter 13. Law Enforcement’s Cybercrime Investigation 13.1 Introduction 13.2 How Cybercrime Comes to Law Enforcement’s Attention 13.3 Was There a Crime? 13.4 Is This a Crime that Law Enforcement Can and Should Investigate? 13.4.1 Nature and Extent of the Harm 13.4.2 Nature of Initially Available Evidence 13.4.3 Jurisdictional Analysis 13.4.4 Resources and Personnel Needed 13.4.5 Likelihood of Apprehending Suspects 13.4.6 Related Civil Implications 13.4.7 Impact on Society and Deterrence 13.4.8 Advising the Victim 13.5 Opening a Case 13.6 Assessment of Initial Evidence: What Do We Have, What Do We Need? 13.7 Getting Ready to Investigate: A Recap of the Tools 13.7.1 Open-Source Investigation 13.7.2 Consent 13.7.3 Letter of Preservation (If Additional Process Is Contemplated) 13.7.4 Non-Disclosure Order and Request 13.7.5 Subpoena 13.7.6 2703(d) Order 13.7.7 Search Warrant 13.7.8 Pen Register and Trap/Trace Device (Including with Location Data) 13.7.9 Wiretap 13.8 SIMPLE: The Six-Step Initial Mini-Plan for Law Enforcement 13.9 The Records Phase: Digging for Clues and Connections 13.10 The Data Search Phase: Zeroing in on Internet Accounts and the Criminals Using Them 13.11 The Physical World Phase: Searching Spaces and Devices 13.12 The Wiretap Phase: Special Cases Using Live Monitoring of Targets’ Communications 13.13 Traditional Shoe Leather Techniques 13.14 Writing for Law Enforcement Investigations 13.15 Working with the Private Sector 13.16 Cybercrime Intelligence and Law Enforcement Investigations 13.17 Conclusion Chapter 14. The Regulator’s Investigation 14.1 Introduction 14.2 Regulatory Recap: Regulated Industries and Regulatory-Type Laws 14.3 ACybercrime Occurs: Reviewing the Report of the Affected Business 14.4 Investigating the Cybercrime: Sufficiency of Cybersecurity Measures and Accuracy of the Report 14.5 Balancing the Roles of Compliance and Enforcement 14.6 Confidentiality and Information Sharing 14.7 Conclusion Chapter 15. Financial Investigation: Following the Cybercrime Money 15.1 Introduction 15.2 Money Laundering 101 15.3 Traditional Currency and Value 15.4 Virtual Currency and Cryptocurrency 15.4.1 History of Virtual Currency and Its Evolving Terminology 15.5 Getting Started on the Money Trail: How Financial Details Can Prove Crimes and the Criminal’s Identity 15.6 Finding and Following the Money 15.6.1 Where to Find Evidence of Financial Activity 15.6.2 Investigating Virtual Currency Transactions: Specific Tools and Resources 15.6.3 Cryptocurrency Transaction Records 15.7 Conclusion Chapter 16. Identification of the Suspect: Attributing Cyber Conduct to a Person 16.1 Introduction 16.2 Doing Illicit Business Online: Cyber Nicknames and Pseudonyms 16.3 The Attribution Process and Developing a Suspect: Mapping Criminal Conduct to Cyber Pedigree and Physical Pedigree Information 16.3.1 Two Kinds of Pedigree Information: Physical and Cyber 16.3.2 The ID-PLUS Attribution Process: Six Steps to Link Criminal Conduct to Cyber Pedigree and Physical Pedigree 16.3.3 Example: Using ID-PLUS to Build an Identification 16.3.4 Example: A Sample Attribution Summary (Working from the Crime to a Suspect) 16.3.5 The Attribution Process from Another Lens: Types of Evidence that Can Identify Cybercriminals 16.4 Writing and Articulation Revisited: Clear and Effective Cyber Identification 16.5 Examining Issues of Proof 16.6 Apprehension: Confirming Pedigree through Statements and Forensics 16.7 Conclusion Chapter 17. Apprehending the Suspect and the Investigation that Follows 17.1 Introduction 17.2 Charging Decisions 17.2.1 Methods for Charging a Suspect 17.2.2 “Sealing” Charges versus Publicizing Them 17.3 Interstate Procedures for Arresting and Extraditing Defendants 17.4 International Procedures for Arresting and Extraditing Defendants 17.5 Arrest Strategies and the Hunt for Evidence 17.6 A Successful Arrest Does Not Mean “Case Closed” 17.7 Conclusion PART IV: Litigation Chapter 18. Criminal Litigation 18.1 Introduction 18.2 Goals of the Litigation 18.3 Litigation Begins: Filing of an Accusatory Instrument 18.4 The Defendant Enters the Litigation: Apprehension, Extradition, and Arraignment 18.5 Guilty Pleas: Plea Position and Negotiation 18.6 Discovery: Sharing the Investigation with the Defense 18.7 Motion Practice, Hearings, and Pre-Trial Decisions: Testing the Investigation and Prosecution 18.8 Trial: The Investigation Laid Bare 18.8.1 Picking a Jury 18.8.2 Opening Statements 18.8.3 Presenting the Evidence: Legal Admissibility and Jury Comprehension 18.8.4 The “Baby Step Exhibit” Technique 18.8.4.1 The “Baby Step” Technique and the Laptop Computer 18.8.4.2 The “Baby Step” Technique and Financial Records 18.8.5 The Defense: Cross-Examination and Counterattacking with Evidence Defense Cross-Examination during the People’s Case The Defense Case (If Presented) 18.8.6 Closing Arguments 18.8.7 Jury Instructions 18.8.8 Jury Deliberations and Verdict 18.8.9 Sentencing 18.9 Appeals and Post-Conviction Litigation 18.10 Conclusion Chapter 19. Civil Litigation 19.1 Introduction 19.2 Potential Litigation Scenarios Following a Cybercrime Investigation 19.2.1 Civil Action to Further the Investigation or Stop Cybercrime Activity 19.2.2 Civil Action against Cybercriminal for Intentional Tort 19.2.3 Civil Action against Cybercriminal under a Cybercrime Statutory Cause of Action 19.2.4 Civil Action against Another Victim for Negligent Cybersecurity 19.2.5 Civil Action for Breach of Contract 19.2.6 Civil or Regulatory Action by Government for Inadequate Cybersecurity 19.2.7 Civil Action by Criminal Prosecutor to Freeze and Seize Assets 19.3 Goals and Expectations 19.3.1 Government Agencies 19.3.2 Private Litigants 19.4 Experts 19.5 Settlement Negotiations 19.6 The Civil Lawsuit and the Role of the Investigation 19.7 Arbitration 19.8 Conclusion Chapter 20. Conclusion Index