Regular users, as well as criminals and terrorists, are using the Internet for various purposes. Today, current Big-Data technology allows law enforcement authorities to create a huge repository that contains all the surfing activity performed by all users over a considerable period of time. Our theoretical exploration suggests that such a repository contains valuable forensic information that may help to pinpoint suspected criminals or terrorists, and in certain cases can even preempt an upcoming criminal act. In this paper, we suggest how Big-Data analytics should be employed to perform such detections. For each user our detection model derives typical surfing patterns that relate to the topics of interest, frequency of accessing the information, when the information is accessed, etc. Significant deviations from those patterns, particularly when coupled with an event of interest (EOI), such as hit and runs or terrorist attacks, may indicate the subject's active involvement in the event. We provide an outline of the model and the related architecture, which may serve as guidelines for future research.