Investigation and prosecution of email and social media

1. Investigation and Prosecution
Certificate Course for PBI
Officer
TAWHIDUR RAHMAN
TEAM LEAD, BANGLADESH NATIONAL CIRT,
C|CISO, CCNP, C|EH,CHFI,CNDA, E|CSA, L|PT, E|NSA,GSEC, ITIL,
COBIT,CFIP
CERTIFIED CYBER CRIMINAL ANALYST, ISS, USA
CERTIFIED CYBER COUNTER TERRORIST ANALYST, USA
MEMBER OF IACIS, HIGH TECH CRIME, NATIONAL WHITE COLLAR
CRIME, USA

84. What is GOBISM?
 Protection of government information and
systems is a core accountability of each
governmental agency. The role of Information
Security Manual is to promote a consistent
approach to information assurance and
information security across entire Government
of Bangladesh.
 The Government of Bangladesh Information
Security Manual (GOBISM) details processes
and controls that are important for the
protection of Bangladesh Government
unclassified information and systems.

85. Control Categories
 Mandatory controls: the use, or-non-use thereof
is essential in order to effectively manage
identified risk, unless the control is demonstrably
not relevant to the respective system.
 Recommended controls: the use, or non-use
thereof is considered good and recommended
practice, but valid reasons for not
implementing a control could exist.

86. Information Security
Governance – Roles and
Responsibilities The Agency Head: The agency head must provide
support for the development, implementation and
ongoing maintenance of information security
processes within their agency
 The Chief Information Security Officer: CISO should be
responsible for ensuring agency compliance with the
GOBISM through facilitating a continuous program of
certification and accreditation based on security risk
management . CISO should be responsible for the
implementation of information security measurement
metrics and key performance indicators within the
agency

87. Information Security
Governance – Roles and
Responsibilities Information Technology Security Managers: ITSMs must be
responsible for ensuring the development, maintenance,
updating and implementation of Security Risk
Management Plans (SRMPs), Systems Security Plans
(SecPlan) and any Standard Operating Procedures (SOPs)
for all agency systems
 System Owners: The system owner is responsible for the
overall operation of the system and they may delegate
the day-to-day management and operation of the system
to a system manager or managers.
 System Users: All system users must comply with the
relevant security policies and procedures for the systems
they use

88. What is in GOBISM?
 Information Security within Government
 Information Security Governance – Roles and
Responsibilities
 System Certification and Accreditation
 Information Security Documentation
 Information Security Monitoring
 Information Security Incidents
 Physical Security
 Personnel Security

89. What is in GOBISM?
 Infrastructure (Cable Management)
 Communication Systems and Devices
(Fax/Printer/Scanner etc.)
 Product Security
 Decommissioning and Disposal
 Software Security
 Email Security
 Access Control
 Cryptography

90. What is in GOBISM?
 Network Security
 Working Off-Site (BYOD)
 Enterprise System Security

92. What is Social Networks ?
 Why Existing Social Networks are
Important ?!
 It provides Information/Intelligence
 Provides Evidence
 Sometimes Show way of Investigation
 Help us to take preventive measure

93. Identifying Popular Social Networks
using in Bangladesh
 Facebook
 Twitter
 Skype
 Viber
 Tango
 Imo
 WhatsApps
 Istagram
 Facebook Massenger
 Email
 Search Engines ( Google, Yahoo, Opera etc)

94. Facebook Investigation

During Investigation we get two types
of ID

Real ID (Given information is right)

Fake ID (Given all information is fake)

For initiating Investigation--

We have to collect same information
from this two types of ID.

95. Facebook Investigation
1. User Name
2. User ID/Profile ID
3. Numeric Personal ID
4. Objectionable posted content with full
link/url.

96. Facebook Investigation

Why it is important to collect this information-

To findout the specific ID/ Uniquely identify the
accused ID world-wide.

If you say – open a facebook id by the name of
Abdur Rahaman, posted a objectionable picture of
someone.

When you search Facebook ID by the name
Rahaman- you will get so many Rahaman's
facebook ID.

97. Facebook Investigation

98. Facebook Investigation

So you have to collect Facebook User
Name/Fcaebook User ID/Facebook
Numeric Personal ID/ Objectionable
posted content with full link/url regarding
facebook investigation for world-wide
uniquely identify the accused ID.

99. Facebook Investigation

How to collect this information-

Asked the complainant to open his
facebook id.

Doubble click on the accused Name.

You get the Accused User Name in
Friend search option & User ID in the
url.

100. Facebook Investigation

101. Facebook Investigation
By the user ID/Profile ID, you can find-out numeric
personal ID.
Go to the Browser and past the user ID/profile ID in
the blank space of the bellow website & click find
numeric id.
www.findmyfbid.com
www.lookup-id.com

102. Facebook Investigation

103. Facebook Investigation

104. Facebook Investigation

105. Facebook Investigation
How to take the posted objectionable
content with link?
1. Double click on the post if is any .jpg
/.png file.
2. You see the link in top url & picture
is expand.

106. Facebook Investigation
After expanding the post like
picture-
1. Just press PrtScr/PrtSysRQ
button one time & past it on the
word file by Ctrl+V.

107. Facebook Investigation
1. Collect all of the
information & past it on the
word file.
2. Print the word file & seize
before the witness.