World’s Smallest Cyber Crime Investigation Device Released by ASCL & Data64

The world’s smallest cyber crime investigation device was released in Pune on Saturday 28th August, 2010 by Hon’ble Justice Rajesh Tandon, Chairperson, Cyber Appellate Tribunal, New Delhi.

Code-named pCHIP, this Portable Mega Investigation & Forensic Solution is delivered in two versions - on a USB device and on a micro SD card.

pCHIP runs from a USB drive / micro SD card without installation on the suspect PC. It captures relevant volatile evidence from a live (switched on) computer. It has an extremely easy-to-use interface and provides detailed reports.

Volatile Evidence Recovered by pCHIP
The pCHIP retrieves crucial volatile digital evidence from the suspect computer and generates 38 reports at the click of a button.

Password & Encryption handling by pCHIP
The pCHIP can detect and list password protected & encrypted files on a suspect computer. It can also attack and crack hundreds of types of passwords.

USB History detection by pCHIP
At the click of a button, the pCHIP can generate a report containing the details of every USB device ever connected to the suspect computer.

Cloning and Imaging by pCHIP
The pCHIP can clone and image disks and also recover deleted data.

pCHIP has been designed by Asian School of Cyber Laws & Data64 Techno Solutions Pvt. Ltd.

Data64 Techno Solutions Pvt. Ltd. is incubated by Science & Technology Park, a STEP promoted by Department of Science & Technology, Government of India.

Asian School of Cyber Laws is a global leader in education, training and consultancy in cyber law, cyber crime investigation and digital forensics.

Mr. Debasis Nayak, Director, Data64 Techno Solutions Pvt. Ltd. said:

It is widely believed that computer forensic investigations must be carried out on static data and never on live systems.

This usually means that the investigator would first pull the plug on any live machine and then physically remove the hard disk(s). This hard disk would then be imaged and subsequently the image would be analyzed.

We believe that such an approach is flawed. In many cases, it is prudent for an investigator to first carry out preliminary investigations on the live system and then pull the plug.

Some of the reasons for this approach are:

1. In many computer attacks, the evidence may be only in the computer memory and not in any files on the hard disk. Pulling the plug or shutting down such a computer may destroy the evidence.

2. If the suspect is using cryptography to secure his data, then pulling the plug may mean that the data will no longer be available in an unencrypted format.

3. The suspect could configure his computer to clear the paging file automatically on shutdown. This would cause a lot of evidence to be lost.

CyberAttack - 2010 in Mauritius

Asian School of Cyber Laws (ASCL) and Whitefield Business School, Mauritius recently conducted CyberAttack - 2010, a seminar aimed at creating awareness on cyber crime.

CyberAttack 2010 is a day long intensive seminar focusing on the best practices and latest industry standards in computer forensics and incident response.

CyberAttack brought to the forefront the risks involved in the utilization of Information and Communication Technology.

As cyberspace affects everyone across a wide range of professions, lawyers, computer professionals, Government officers and others attended the conference enthusiastically.

Debasis Nayak, Director, ASCL and Terence Sequeira, assistant director, ASCL, led the event that had Subheer Ramnoruth, managing director and director of studies, and Noor Soormally, general manager and head of Information Technology Security, hosting the event on behalf of the Whitefield Business School.

Mr. Nayak underlined the fact that cyber crime was the third largest threat to nations today, after terrorism and chemical weapons.

Whitefield Business School is the Mauritius education partner for Asian School of Cyber Laws conducting ASCL courses like, ASCL Certified Cyber Crime Investigator for Mauritius.