Investigate a disturbance at the premises of Cygnus Law

Reference no: EM133311642

Scenario Background - Break-in at Cygnus Law Solicitors

Cygnus Law Solicitors (CLS) are situated on a busy high street in the populous area of Harborne, in Birmingham. They occupy the ground floor of a two-story building. The first floor is not accessible from the ground floor; it comprises 4 self-contained bedsits, each rented out to local professionals.

Police were called out to investigate a disturbance at the premises of Cygnus Law Solicitors at 04:15 on 6th August 2021. The disturbance triggered the intruder alarm at the solicitor's office which was set up to send an instant alert to the local police. Police reached the solicitor's office within a few minutes; an initial search showed no obvious sign of forced entry, but the rear fire exit door was found open (see fig.1 for the floor plan). Inside, the computer in Office 2 was turned on; all other computer equipment on the premises, other than a printer, appeared to be turned off.

Given the sensitive nature of the high-profile criminal cases that solicitors at CLS work on, a digital forensics incident response team is called immediately.

Upon arrival and initial inspection, the Digital Forensics Triage team make the following observations:
• The CCTV system cameras and Linux-based server are turned off
• The wireless router for the premises is turned on and appears to be functioning as normal
• A device labelled 'WDBU6Y0040BBK' is plugged into the front USB port of the main computer in Office 2; it appears to be running, as the LED light on its side is flashing
• The printer in Office 2 is also printing numerous pages of a document that appears to be a list of current CLS clients
• The computers in the reception area and Office 1 are found to have an unidentified USB device plugged into their rear ports. The device is shown in Fig.2.
• A Nokia 105 (4th Edition) phone is found on the floor near the rear fire exit door; it is turned on and connected to the Vodafone network (see fig.3).

For a more detailed investigation, the computers, printers, USB devices and the Nokia phone will need to be taken back to the Digital Forensics lab for full inspection.

A suspect was arrested later that morning at his flat in Oldbury based on intelligence gathered from street CCTV footage obtained from the local council (although the footage does not show the suspect entering or leaving the premises of CLS, it does put him in close proximity around the time that the intruder alarm at CLS was triggered).

The CCTV footage shows the suspect running from the direction of the CLS premises and getting into a car that drove in the direction of where the suspect was arrested. Police were able to ascertain the make, model and registration details of the car. It became apparent that the suspect was already known to police for various minor burglary offences in the past. The suspect's flat was searched; the items seized included his Samsung A5 smartphone and a SanDisk Ultra 64 GB USB flash drive found in his pocket. The suspect had a Lenovo P50 laptop that was also seized; there was no other computer equipment in his flat. However, there were a number of printed documents found in his possession that appeared to be a partial list of clients at CLS; these were also seized. Interestingly, forensics investigators also found an Arduino with an ATmega32u4 device alongside another device labelled 'ESP8266' on his bedside table; it is not obvious what these devices are, so they were also seized.

Further analysis by the digital forensics incident response team discovered a folder named 'spacehuhn' on the SanDisk Ultra 64 GB USB flash drive. There are many files and subfolders in this folder, but they are all encrypted using 256-bit AES encryption.

There are no other archived files and folders on the flash drive. The suspect was asked for the password credentials so that the data in the 'spacehuhn' folder could be investigated; he refused to cooperate, remaining silent to all requests. The digital forensics analysts also investigated the computer from Office 2 and the USB device connected to its front port. It appears that the computer was logged into using the correct credentials and case data relating to CLS clients were being copied from the host computer to this USB device.

The computers at CLS appear to store their client details on the internal hard drive of the computer in Office 2; the computers in the main reception and Office 1 can access the client details through a shared folder using the internal network of the premises.

Although the computers are all password-protected, the hard drives are not encrypted. The computers are running Windows 7 Professional edition. The antivirus software seems to be kept up-to-date.

As part of the investigation, all staff at CLS were questioned regarding events leading up to the night of the intrusion at the premises. Staff at CLS do not recognise the Nokia 105 phone, the USB device labelled 'WDBU6Y0040BBK' or the USB devices plugged into the rear ports of the computers in Office 1 or the reception area (see fig.2). None of the staff are under suspicion of having any involvement with the break-in.

Attachment:- cygnus law solicitors.rar


Reviews

len3311642

1/11/2023 11:12:00 PM

I want to upload a video presentation based on a crime scene regarding digital forensics. The video lasts 10 minutes.
