Need To Conduct A Proper Forensic Investigation

Computer investigation is a relatively new tool in our arsenal of investigative assets and it’s quickly proving to be an extremely valuable source of information and is emerging as a new powerful profit center for the investigative firm or company.

A digital forensic investigation is the recovery and analysis of any type of Digital Storage Media (DSM) searching to find potential legally admissible evidence. The type of evidence relevant to theft of trade secrets, theft of or destruction of intellectual property, wrongful termination, domestic cases, embezzlement, fraud, and tragic child pornography investigations.

Without forensically wiping the media, not much is really deleted from a computer and we can recover part or all of the deleted reports, emails, Internet sites visited, and graphics the suspect thought was gone forever. For the purpose of this article I will address finding the right person or firm to conduct a proper investigation.

I am aware of stories where the Detective was asked to recover incriminating
e-mails from a suspect computer collecting thousands of dollars from the client and then packing and shipping the hard-drive off to Texas, New York or some other location that’s not in my -state -USA. Only to be told; “Sorry we err…lost your computer…but say we’ll ship back a brand new hard-drive for your trouble.” Explain that to a client. I guess you can’t, can you? The answer is to find a local or regional forensic Investigator in your own area. Don’t relinquish Command and Control of your investigation by shipping out your evidence not to an investigator but a technician who knows little about the collection of evidence for court purposes and has limited or no experience testifying.

What to look for

Find a seasoned fellow investigator with the technical expertise necessary. Most of us use qualified technicians for certain aspects of a forensic examination, but it’s the investigator who is trained to recognize legal, admissible evidence that will make your case. A seasoned investigator with an established firm will be around when the time comes for court testimony.

Make sure your digital forensic resource has the hardware, software, and lab to meet your needs. Remember, should your case go to court, your case is only as good as your resource will look to a judge or jury. Visit the facility of the resource you are considering – any reputable investigative lab should welcome such a request.

Does the investigator have the assets to read stored data (SIM cards) on cellular telephones? Or any other device that is part of your investigation?

Is the forensic investigator experienced in court testimony? Does the investigator’s resume’ or credentials meet court standards for testifying in criminal as well as civil procedures.

Ensure the investigator is properly licensed with the Private Protective Service Board.

It is very important to look for standard document procedures

Release forms
Evidence tags
Chain of custody documents
Photographic and video equipment

The absolute minimum time frame for a proper investigation cannot be predicted as the size of the digital media dictates the investigative hours some cases literally take weeks. However the gleamed evidence from this type of case is often powerful and concise.

Insure the investigative lab allows you the margin to add your fees for the service with exception of direct expenses, which are normally fixed.

Finally understand that utilizing this investigative tool is expensive. Costs for setting up an investigative laboratory can easily exceed $100,000.00. The investigator must maintain expensive inventory hardware, software, technology staff and certification costs. The technology is rapidly growing and your resource should recognize their responsibility to stay current – which comes with an ongoing high cost. While this tool is one of the best, it is not for the financially or technically timid.

Feel free to contact me for any questions you may have.

The simple definition of computer forensics

… is the art and science of applying computer science to aid the legal process. Although plenty of science is attributable to computer forensics, most successful investigators possess a nose for investigations and for solving puzzles, which is where the art comes in. – Chris L.T. Brown, Computer Evidence Collection and Preservation.

Smartphone, iPhone and Mobile Phone Forensics

With the current rapid surge in mobile phone technology, many criminals have begun to manipulate the capability of such convenient and widely used devices. The development of advanced smartphones, such as the iPhone, have presented a new temptation to thieves and villains alike, thus producing a new threat to the public and business sector. Through utilising and misusing handsets within their illegal activity, they have been able to open up a whole new avenue within which to participate in criminal practice. Luckily, these forensic experts are able to efficiently close such openings, through the implementation of highly skillful mobile phone forensics.

Smartphones can be customised with a whole host of applications, all of which can leave valuable digital traces of how – and even where – they have been used.  Such popular handsets are also being used to record videos, and take pictures of their illicit activity, due to the increasingly capable technology installed within such devices.

Using their own internally developed tools and techniques to complement their comprehensive forensic portfolio, this leading forensic company possess the specialist skills and equipment to retrieve sensitive data, which could prove vital within an investigation. Their effective methods and expertise give them the ability to recover deleted messages, videos and pictures, which may be invaluable in convicting potential suspects – or uncovering a user’s activity. They can also analyse phone data to establish when calls were made, whom the calls were made to, and at what time and they were made. From such data, they will collate extensive and in-depth reports as to the findings, to give you the most information possible.

Offering a full forensic data service, they also specialise in areas such as;

•    Digital forensics

•    Computer evidence

•    Cell site analysis

•    Computer forensic advice

•    E-Discovery

•    Computer analysis

Such services prove instrumental within a wide range of police enquiries, uncovering important truths surrounding the case at hand.

They are not only experienced, but also extremely knowledgeable in gaining essential information from all makes, models and versions of Smartphones and iPhones. Their impressive history of collating and uncovering vital evidence using mobile phone forensics, has been crucial within hundreds of separate cases, allowing them to continue to play a crucial part within many important investigations.

New Era of Computer Forensics

This new branch of digital forensic deals with computer crime and computer supported criminal activities. There are many computer crime investigations conducted during the previous years, out of which the most successful investigation was held on august 26, 2004 by WEB-SNARE. There are about 150 successful investigators working for WEB-SNARE. This success was the pioneer for Computer Forensics.

Computer crimes are giving a larger amount of negative impact to the society. It is one of the largest growing professions in this century. The progress in the computer security fields improves the Forensics. Data security is the most prominent feature to be ensured in all software institution.

A good computer forensic investigator should have updated knowledge in the field of computer and technology. The national security even can be leaked out by the hackers. Therefore the importance of cyber crime punishment and computer forensic is gaining greater importance. Multinational software companies may hire a forensic investigator to assure the privacy of their projects. This will increase the demand for a forensic investigator. This is also becoming a new career in the field of law enforcement and government intelligence. Another advantage of this job is that it is never outsourced from one country. Due to security reasons the details of the Cyber crime will not be outsourced. This will increase the demand of forensics investigators. There will be opportunities for forensics investigators in police department, FBI and also CIA. The digital evidences will be considered as the primary source of proof when it comes to a cyber crime.

The common certifications in the field of Computer Forensics are:

*GCFA- GIAC Certified Forensic Analyst certification.It is provided by the Global Information Assurance Certification organization.

*CCFE – Certified Computer Forensics Examiner.It is provided by the IACRB.

*CFCE-Certified Forensic Computer Examiner.It is provided by IACI.