1st Edition

Cybercrime Investigations A Comprehensive Resource for Everyone

By John Bandler, Antonia Merzon Copyright 2020
    360 Pages 62 B/W Illustrations
    by CRC Press

    360 Pages 62 B/W Illustrations
    by CRC Press

    Cybercrime continues to skyrocket but we are not combatting it effectively yet. We need more cybercrime investigators from all backgrounds and working in every sector to conduct effective investigations. This book is a comprehensive resource for everyone who encounters and investigates cybercrime, no matter their title, including those working on behalf of law enforcement, private organizations, regulatory agencies, or individual victims. It provides helpful background material about cybercrime's technological and legal underpinnings, plus in-depth detail about the legal and practical aspects of conducting cybercrime investigations.


    Key features of this book include:

    • Understanding cybercrime, computers, forensics, and cybersecurity
    • Law for the cybercrime investigator, including cybercrime offenses; cyber evidence-gathering; criminal, private and regulatory law, and nation-state implications
    • Cybercrime investigation from three key perspectives: law enforcement, private sector, and regulatory
    • Financial investigation
    • Identification (attribution) of cyber-conduct
    • Apprehension
    • Litigation in the criminal and civil arenas.

    This far-reaching book is an essential reference for prosecutors and law enforcement officers, agents and analysts; as well as for private sector lawyers, consultants, information security professionals, digital forensic examiners, and more. It also functions as an excellent course book for educators and trainers. We need more investigators who know how to fight cybercrime, and this book was written to achieve that goal.

    Authored by two former cybercrime prosecutors with a diverse array of expertise in criminal justice and the private sector, this book is informative, practical, and readable, with innovative methods and fascinating anecdotes throughout.

    Part I: Understanding Cybercrime, Computers, and Cybersecurity
    Chapter 1 The Need for Good Cybercrime Investigators (Introduction)
    Chapter 2 What is Cybercrime and Why is it Committed
    Chapter 3 Introduction to Computers, Networks, and Forensics
    Chapter 4 Introduction to Information Security and Cybersecurity

    Part II: Law for the Cybercrime Investigator
    Chapter 5 Fundamental Principles of Criminal and Civil Law
    Chapter 6 Cybercrime Defined: The Criminal Statutes Outlawing Criminal Conduct Online
    Chapter 7 The Law Enforcement Legal Toolbox for Investigating Cybercrime (Gathering Cyber Evidence)
    Chapter 8 Cyber Investigations Linked to Nation-States or Terrorists
    Chapter 9 Civil and Regulatory Legal Implications of Cybercrime (Civil & Regulatory Cyberlaw)

    Part III: The Cybercrime Investigation
    Chapter 10 Embarking on a Cybercrime Investigation: The Three Perspectives and Key Areas of Focus
    Chapter 11 General Investigation Methods: Organization, Open Source, Records, and Email
    Chapter 12 The Private Entity's Cybercrime Investigation
    Chapter 13 Law Enforcement’s Cybercrime Investigation
    Chapter 14 The Regulator’s Investigation
    Chapter 15 Financial Investigation: Following the Cybercrime Money
    Chapter 16 Identification of the Suspect: Attributing Cyber Conduct to a Person
    Chapter 17 Apprehending the Suspect and the Investigation that Follows

    Part IV: Litigation  Cybercrime Investigations in Court    
    Chapter 18 Criminal litigation
    Chapter 19 Civil Litigation

    Chapter 20 Conclusion


    John Bandler and Antonia Merzon served together as Assistant District Attorneys at the New York County District Attorney’s Office (DANY), hired by the legendary Robert Morgenthau. They investigated and prosecuted a wide variety of criminal offenses, ranging from those that garnered headlines to the many that received little attention but were equally essential for the administration of justice and protection of the public. Antonia founded and led the Identity Theft Unit (since renamed the Cybercrime and Identity Theft Bureau), recruiting John as an early member. The unit’s work quickly revealed the close connection between identify theft and cybercrime, and brought amazing cases, including the Western Express case, which you will read about.

    John Bandler runs a law firm and a consulting practice that helps organizations and individuals with cybersecurity, cybercrime investigations, and anti-money laundering efforts among other areas. Before becoming a prosecutor, he served as a State Trooper in the New York State Police for eight years, assigned to one of the state’s busiest stations that provided full police services to the local community. While serving in the State Police he attended law school at night at Pace University School of Law, and upon graduating he went to work for Mr. Morgenthau. Since leaving government service he has represented a range of clients, from individuals to banks, on many issues ranging from cybersecurity, privacy, anti-fraud, and threats. John is admitted to the bars of New York, Connecticut, and Washington D.C., holds a number of certifications, and writes, lectures, and teaches on law, cybersecurity, cybercrime, and more.

     Antonia Merzon provides legal and consulting expertise related to security, investigations and law enforcement, especially as they intersect with the worlds of law, technology, privacy, and fraud. She graduated from Fordham University School of Law and then was hired by Mr. Morgenthau. During her time at DANY, she built the new Identity Theft Unit that investigated and prosecuted cybercrime and virtual currency money laundering – before these areas were in the public awareness – and developed the unit’s digital forensic and investigative capacity. Cybercrime and traditional investigations are among her specialties, including developing best practices. She also is an expert on a diverse array of investigation and litigation best practices for law enforcement, including the use of body-worn cameras, eyewitness identification, and the electronic recording of custodial interrogations.