Printable Resources
10 SKILLS YOU NEED TOWARD MASTERING MOBILE APP FORENSICS
This document goes back to the basics to address the challenges of new mobile apps and ways to master the forensics behind them. By going back to the basics with the same scientific principles as all forensic methods: question, research, hypothesize, test, analyze—and if necessary, repeat—to guide you toward advancing
your skillset and mastering mobile app forensics.
Cybersecurity Action Plan (Connecticut)
This document, Connecticut’s Cybersecurity Action Plan,
follows the Strategy and sets forth specific steps necessary to strengthen the state’s ability to defend against and recover from cyber compromise.
Bitcoin and Cryptocurrencies – Law Enforcement Investigative Guide
This investigative guide developed the Regional Organized Crime Information Center (ROCIC) will provide law enforcement with the real facts of bitcoin, what it is, how criminals are using it.
Face Recognition – Policy Development Template
This policy development template was developed by state, local, and federal law enforcement, privacy, and criminal justice partners to provide law enforcement, fusion centers, and other public safety agencies with a framework for developing face recognition policies that comply with applicable laws, reduce privacy risks, implement minimum required training for authorized users and examiners, and establish entity accountability and oversight. In addition, this template includes policy provisions on collection, access, use, dissemination, data quality, security, redress, retention and purging, and accountability and enforcement, with an overall focus on ensuring the integration of P/CRCL protections in face recognition processes.
Understanding Digital Footprints
Cybercrime is an ever-growing issue for state, local, tribal, and territorial (SLTT) law enforcement. With advancements in technology, coupled with the oversharing of personal information, law enforcement not only needs to ensure the public’s safety online but also be cognizant of the digital footprint that people are leaving behind.
This document provides material designed to assist law enforcement personnel in protecting themselves and their families from becoming cyber targets: protecting personal information, cyber dos and don’ts, and links to further cyber training and resources.
Digital Evidence Guide for First Responders
As the first responding officer, the collection and preservation of digital evidence begins with you.
Once the scene has been secured and legal authority to seize the evidence has been confirmed, devices can be collected. First responders must be cautious when handling digital devices in addition to normal evidence collection procedures the preventing the exposure to extreme temperatures, static electricity and moisture are a must.
Cloud Storage & Law Enforcement
The emergence of the cloud has presented unique challenges to many actors across the criminal justice system. The purpose of this document is to discuss the inherent challenges of obtaining data stored on cloud-based platforms, followed by resources for navigating them.
Click here to view the entire document.
Law Enforcement & Overseas Data
With the proliferation of digital devices and platforms for internet-enabled communication, technology companies are often the gatekeepers of all electronic data. This document talks about how U.S. law enforcement agencies can secure overseas data through the MLAT process.
Click here to view the entire document.
Bitcoin Investigative Field Guide
The National White Collar Crime Center’s Bitcoin Investigative Field Guide provides law enforcement-specific information on the Bitcoin cryptocurrency. The Field Guide explains Bitcoin basics (its history, market value, and uses); how Bitcoin can be obtained (through online exchanges and “mining”); where it can be stored; how to obtain a Bitcoin wallet; and a 4-step process for seizing a suspect’s Bitcoin.
Click here to view the entire document.
Cybersecurity Awareness Training
This paper is designed to casually explain common vulnerabilities and initial steps to proactively protect an agencies infrastructure.
Click here to view the entire document.
Managing Cybersecurity Risk: A Law Enforcement Guide
This paper is designed to aid in educating law enforcement executives on their responsibility to ensure the cybersecurity of their organizations is managed in an effective manner. It provides essential background material to create a greater understanding of the complex issues involved. This paper will be of assistance to any law enforcement executive, whether they are involved in state, province, local, or tribal law enforcement organizations.
Click here to view the entire document.
As new internet-based technologies are introduced, cybercrime is growing exponentially, both in the proliferation of crimes and the associated impact on victims concerning financial loss, invasion of privacy, blackmail, and threats to our national security. To respond to this ever-changing threat, national and local police agencies across the globe continue to explore ways to coordinate resources with each other and attack the problem. This document highlights the many promising practices of the Utah State Model in support of “Operation Wellspring” and related efforts involving law enforcement leaders, cyber investigators, fusion center staff, emergency management personnel, and other national subject matter experts, working in partnership with the Federal Bureau of Investigation and the Department of Homeland Security. However, this document is more than a “case study.” Indeed, this publication serves as a foundational national document, strategically targeted, for Governor’s, their staff, and others, to guide and inform their policies and practices. Special thanks are given to the Utah Department of Public Safety, FBI, DHS, IACP, RAND, NW3C, NGA, NACSIO, ASCIA and others.
Click here to view the entire document.
Sarahah
Sarahah is a messaging application launched in November 2016 by independent developer Zain al-Abidin Tawfiq. The word “Sarahaha” is the pronunciation of the Arabic word for “honesty.” 1 It was originally launched as a service for Middle-Eastern businesses to solicit anonymous, candid feedback from their employees and co-workers. However, it quickly went viral in Saudi Arabia and Egypt among teenagers and young adults as an anonymous messaging application.
For more information, please visit: https://www.nw3c.org/docs/research/sarahah.pdf
HousepartyHouseparty was launched in February 2016 by Life on Air as a free, easy-to-use video conferencing platform. It was built from the remnants of previous failed attempts at creating a livestreaming application, and was initially launched under a pseudonym, Alexander Herzick. It experienced relatively slow growth before going viral in late 2016. Houseparty can support video conferences (“houseparties”) with up to 8 simultaneous participants, in which every participant can see and talk to every other participant. The application is currently available via the Google Play Store and Apple iOS Store.
For more information, please visit: https://www.nw3c.org/docs/research/houseparty.pdf
RobloxRoblox is a user-generated massive multiplayer online social gaming platform. The name Roblox was created by blending the words “robots” and “blocks.” Roblox users create their own virtual worlds and design their own avatars and games within the platform. New users must register with a username, email address, and date of birth. After registration and email verification, the new user then selects and customizes a virtual character that is used as his or her identity in the Roblox world.
For more information, please visit: https://www.nw3c.org/docs/research/roblox.pdf
Cyber Report Card
How does your agency measure up when it comes to cyber security? Law enforcement information systems and resources are increasingly at risk of attack, intrusion, ransomware, and denial of service. In order to assist chiefs in assessing their cyber security, the IACP announces the release of a Cyber Report Card for law enforcement executives.
The LECC Cyber Report Card was designed with the Canadian Association of Chiefs of Police (CACP), the Computer Crime & Digital Evidence (CCDE) Committee of IACP, chiefs of small and mid-sized agencies, and the LECC strategic partners. It is designed to be completed by chiefs and their information technology (IT) professionals. In addition to basic questions regarding fundamental IT security issues (e.g., password management, confidentiality, policy and procedures), the Report Card also provides references to key tools and resources to aid chiefs and IT service providers in assessing their current security profile, and in building robust, resilient information systems.
Access the LECC Cyber Report Card
