By Sarah Tschiggfrie

As one of their assignments in a Washington and Lee Spring Term course on computer forensics, students in the class engaged one another in casual conversation about such topics as family pets or favorite colors.

"From that information, the question was whether or not they could somehow figure out a person's password," said Renee Pratt, who designed and taught the new course.

Pratt, assistant professor of business administration at W&L's Williams School of Commerce, Economics, and Politics, studies information technology in business settings. As she emphasized to the students, the availability of electronic information has increased the potential for cybercrimes.

"I want students to learn how to be safer on the Internet," said Pratt. "They should come away from this course with a better understanding of networks, computer security, consequences of unethical hacking and the accessibility of information. There's a lot of information on the web that is available to others. I want students to understand how much they share that information, not even realizing it's there for the taking by someone else."

Students were not expected to have advanced computer knowledge, so the course began with learning about the computer, how a network works, a basic understanding of computer forensics and what hacking really means. "It wasn't about teaching them how to hack," said Pratt, "but teaching them how to avoid other people hacking and stealing their information."

Computer forensics, according to Pratt, comprises obtaining and analyzing digital information for use as evidence in civil, criminal or administrative cases. "We investigated current cases throughout the four weeks," said Pratt. "For example, at Goldman Sachs executives were accused of sharing information via e-mail about profits out of the housing market collapse. It is evidence such as this and fraudulent accounting or financial acts that catch criminals. The crimes might be espionage or murder or something else, but often today they are solved by digital evidence."

Another example is the Russian mafia being possibly behind recent banking cases of stealing money through stolen debit or credit cards. And a few years ago the servers at TJX Companies, Inc. were hacked into and sensitive customer information was stolen. "Hackers can steal your credit card information, date of birth or social security number and create new individuals who can use that information to purchase products or sell on the black market," said Pratt.

In addition, the students learned about the tools and methods used by law enforcement when investigating cybercrimes, how to perform computer-related crime investigations, and the recovery and analysis of digital evidence. They also discussed how state and federal laws deal with individuals once they've been found guilty. "Our laws today are really behind when it comes to technology," said Pratt.

In one exercise, the students were computer forensic experts in a mock trial. They tried to explain in simple language how they solved a crime and how they knew that a particular individual committed the crime through the use of their computer or some other form of technology.

"Although I've taught computer forensics before," said Pratt, "it was to majors in technical and judicial fields. So it has been an interesting and wonderful opportunity to teach a course like this in the Williams School."


Source: Washington and Lee University