EC site to combat IT crime
By Madeline Bennett
Date: November 04, 2003
Commission launches computer forensics resources
In a bid to tackle computer crime, the European Commission (EC) has launched a web site offering tools and advice to help firms identify security breaches and preserve evidence and data that would be admissible in court.
The Cyber Tools Online Search for Evidence (CTOSE) site, developed by the EC's Joint Research Centre in conjunction with European computer and security specialists, was launched late last month. The resource is designed to help firms identify, secure and integrate electronic evidence of computer crime incidents, and establish how attacks are being launched.
The EC said the site is designed to improve firms' knowledge of computer forensics to help them track down and prosecute perpetrators of IT crime.
The tools could also act as a deterrent to attackers, and so might increase users' confidence in the security of online systems.
The CTOSE web site is designed for use by computer forensics experts and IT security professionals, as well as non-experts such as systems administrators.
A Cyber-Crime Advisory Tool offers investigators step-by-step guidance on procedures and decisions to take^; a Legal Advisor element will help to ensure evidence is collected in accordance with the law^; and an XML specification enables users to package evidence and pass it safely to other investigators.
If customers follow the consistent and standardised incident investigation procedures they will be able to gather and preserve evidence that will be admissible in any European court, according to the EC.
Roy Hills, technical director at internet security testing specialist NTA Monitor, said that many organisations currently lack expertise in computer forensics. "What I've seen and continue to see with an incident or suspected incident is that the evidence that firms have got is not sufficient or inadmissible anyway," he said.
Simon Perry, European vice president for the eTrust brand at software provider Computer Associates, said the forensics discipline requires a combination of technical understanding, evidence-processing skills and law-enforcement support.
"Generally the skills do not exist to do this today, and so companies are struggling," Perry added.
Given this lack of expertise, the CTOSE resource could prove useful to organisations. "Any framework that improves the collection of evidence and advises companies on how to prepare it for a court is a good thing," said Perry.
According to Fabio Fabbi, spokesman for the EU Commission, the CTOSE site is already proving popular with users. He added that the tools are available free of charge to public authorities and for a modest fee to private companies.
^macro[showdigestcomments;^uri;EC site to combat IT crime]