Across the country, the role of IT professionals is often misunderstood by the masses. Few realize that those working in IT security are on the frontlines facing cybercriminals and their nefarious attacks on the public at large.
While it can seem unrewarding at times, it can also become a fast track to being the target for computer crime accusations. Just like a murder victim’s closest loved ones become top suspects, so does the skillset of an IT security professional when their loved ones become cyber victims.
The Easy Target
From an investigator’s point of view, the goal is to find someone with motive and the right skillset. When family or a loved one becomes the victim, it’s often the people in their inner circles who have motive. Combine that with an IT skillset, and it makes you an easy target.
If the cybercriminal knows someone close to their victim works in IT, then it isn’t uncommon for the criminal to call in the crime. This allows them to look like a witness while shifting the blame to an innocent person who just happens to have excellent computer skills.
Considering the recent waves of data breaches, most of the cybercriminals involved worked on the inside. This points the finger to you as well if your organization experiences a breach. Investigators are looking for:
· Disgruntled employees
· Employees working in corporate espionage
· Entrepreneurial employees who might want to steal company data
· Opportunistic employees looking to gain money or leverage the company’s system to their own benefit
Since IT professionals possess the skills and are in a unique position to commit these crimes, they’re often the first suspects. Access to various systems or machines makes you a prime target, as well. The real question is, what evidence does the investigator have?
Compiling Evidence
Whether the investigators have hard evidence or not, you should lawyer up as soon as possible if they consider you a likely suspect. Computer crimes carry hefty fines and lengthy prison sentences. You’ll need skilled legal aid like this Boulder computer crimes defense lawyer to help prove your innocence.
In court, forensic evidence is the bulk of the case. That includes anything that can be obtained from the affected systems and devices, and is considered circumstantial evidence. A forensic examiner acts as an expert witness when bringing these forensics into a trial. Co-worker testimony acts the same way and can help build a case against you.
There’s also fabricated evidence, which cybercriminals use to pin the crime on someone else. Hacking accounts, creating false records, spoof emails, and even spoof IP addresses are all possibilities. This could point directly to you and requires a skilled lawyer to prove it’s a trap.
What to Do
If you find yourself accused of a computer crime as an IT security agent, then the first thing to do is speak with an attorney. They can help advise you on how to best build your defense and let you know if there are any documents or information they need from you.
Next, gather up all documentation of your actions at work and elsewhere. Make sure to find witnesses who can attest that you were somewhere else or working on something else. Never let the investigators know the extent of your IT skill level, don’t tell them you’re the only one who should be able to access the targeted system, and don’t express any negative feelings about the victim or target.
It’s okay to answer questions, but you should give as little information as possible. If you can, don’t answer any questions without your lawyer present. You might be innocent, but proving so is an uphill battle after an accusation is made.