Timing is critical for tech crime investigations

This article is more than 12 months old

Just as how police officers look for clues at a crime scene to locate offenders in the real world, technology crime investigators scour devices and scope the Internet to look for digital signifiers that help them identify perpetrators.

Superintendent Soo Lai Choon, who runs the police's technology crime investigation branch, said: "The crime scene is in the virtual world, and the culprit is hiding behind a keyboard."

Investigators obtain system logs from the victims and suspects, so "we can see where the hacker came in from, what he did to the system and how he escaped".

He added: "On TV shows, investigators click to find IP address - click, click, click - and they find the accused's location and subscriptions. In real life, it is not as fast."

For one thing, investigators have to collect evidence and duplicate - or image, as Supt Soo calls it - the data in order not to tamper with evidence.

"I may have to do some analysis before I can get the IP address," he said, adding that the trail continues from there.

IP addresses help investigators find out the devices' physical location. Investigators can then determine who has access to it.

That is why it helps if victims report crimes as quickly as possible. "Digital evidence can be erased easily," Supt Soo said.

Besides time, the borderless nature of online crimes also requires officers to work with partners both local and abroad.

For example, when his unit was working on "The Messiah" case, it had to enlist the help of the Malaysian police when investigators found out that the hacker was working out of an apartment in Kuala Lumpur.

The Messiah was a pseudonym for James Raj who, in 2013, hacked into several web servers that hosted websites owned by Ang Mo Kio Town Council, The Straits Times and Sun Ho, the wife of City Harvest Church's founder Kong Hee.

While Supt Soo's unit works mostly with devices, investigators do run into physical danger.

In September, a 25-year-old cook who logged into his girlfriend's Facebook account and posted a nude photo of her, was jailed for six years and two months, and given six strokes of the cane, for several offences.

His litany of crimes included causing grievous hurt by slashing an officer from the tech crime unit.- AW CHENG WEI