What’s scarier? Digital Forensics or Dating Taylor Swift?
I guess most of you have heard the country-tuned music of the mega pop-star Taylor Swift. Well, she has got quite appealing looks with golden locks and red lips. But she is also well known for being obsessed with cats and putting her ex-flings on blast in song. So yes dating Taylor Swift can be scary.
What could be scarier than having your actions behind the curtains exposed in song? Well, it’s scarier when a forensic investigator exposes your cyber nasty through a series of digital evidence. To put it simply everything you do on the internet leaves some sort of evidence. So hiding behind the screen is not necessarily easy, at least for an ordinary computer user.
What is digital forensics?
First of all let’s take a look at what digital forensics is. To quote from Sherlock Holmes, which was written before the digital era: “Data! Data! Data!… I can’t make bricks without clay.”
Digital forensics is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable. Digital forensics entails multiple methods of discovering digital data in computer systems, mobiles and other electronic devices; recovering deleted, encrypted, or damaged file information and monitoring live activity. Data with evidential value are extracted from all digital sources available and are mapped together to draw out possible scenarios. The job of a forensic analyst is often painstaking but finding digital evidence which can either convict or exonerate someone under trial can be very much rewarding. The computer forensic analysts only extract evidence to support a case but do not provide conclusions. The judgement is passed by the judge and jury not the analyst.
So yes, digital forensics can reveal seemingly invincible data, the kind of data that defines your actions. Unlike Taylor Swift’s personal opinion of her former lovers, digital forensics evidence is securitized by more than one investigator and then the court decides whether to accept it or not.
Who uses computer forensics?
Digital forensics is a relatively young field but has advanced greatly during recent years. With the rapid increase of computer and mobile usage, there is an unprecedented amount of digital information passing through the wires. This has become an inevitable part of life. Your cyber activities have an impact on your life, of what you do, what you like, where you go and ultimately who you are. Digital evidence can be useful for anybody and the following is a very general categorisation of who uses digital evidence and for what purposes.
How do investigators get hold of digital evidence?
With every aspect of life taking a digital form, we have to expect to see crime, abuse, harassment or even revenge, taking place in a new way. Then again, to prove all this, digital evidence is required, investigations have to be carried out and these need to be either taken to a court of law or presented to authorities of an organisation.
Although it is similar to other forms of legal forensics, digital forensics process requires a vast knowledge of computer hardware and software in order to avoid the accidental invalidation or destruction of evidence and to preserve evidence for later analysis.
An experienced forensic investigator would know to identify all related evidence. It is seldom that Investigators get unobstructed access to all evidence. Before collecting evidence, they need to be sure they have obtained the right to either search or seize the evidence in question. This might require court orders, search warrants and other related documentation. While collecting evidence, single-evidence forms need to be completed. This is a part of the ‘chain of custody’ where the steps taken in the collection process are recorded. This determines whether the evidence will be useful to you once the investigation is complete. Also, investigators must ensure the evidence was acquired properly and is in a pristine state.
Is digital evidence always admissible in a court of law?
Keep in mind that all evidence is not appropriate for admission into a court. There are specific rules that apply to evidence submitted to a court. Carefully analyzing evidence that the court refuses to consider would be a waste of time and money. While some types of evidence would never have a chance of making it to court, good evidence might be tainted by an investigator on its way to court, ultimately making it unacceptable.
If an investigation is carefully carried out by qualified and experienced professionals, the chances of admissibility will be pretty high. It comes down to choosing the right people for the task.
What to do when an incident occurs?
Alright now we’ve established what digital forensics looks like: let’s try to gain some understanding of your role in an incident. To make sure your data is not mishandled by an inexperienced forensic analyst your organisation needs to have proper procedures in place. While some organisations have the capacity to maintain an in-house incident response team, it’s not practical in every organisation.
Each organization has different needs. First you have to assess your organization’s specific needs. Corporate organizations may want to make sure they formulate security policies by assessing risk, threats, and their exposure factor to determine how best to keep their networking environment safe. When an incident occurs, the organisation should know from where to seek assistance. Law enforcement is one option but having collaboration with a trusted and reputed security consultancy firm will always be useful.
There are no ‘one size fits all’ rules that can be easily applied to every organisation because the policies and security practices should be tailored to the nature and requirements of the organisation. Providing training and security awareness for your IT teams will make a good start, but you must constantly update your knowledge of new hardware, software, and threats. You should recognize how they affect your work and your organization so that you can continuously reassess your vulnerabilities.
How has digital forensics help put cyber criminals behind bars?
Digital forensics investigations can reveal a lot more than you think. Following are a few cybercrime cases; One of the latest incidents was the Cyber Criminal Forum takedown by the FBI where members from 20 Countries were arrested. The Department of Justice and the FBI — with the assistance of their partners in 19 countries around the world announced the results of Operation Shrouded Horizon, a multi-agency investigation into the Darkode forum. Among those results were charges, arrests, and searches involving 70 Darkode members and associates around the world; U.S. indictments against 12 individuals associated with the forum, including its administrator; the serving of several search warrants in the U.S.; and the Bureau’s seizure of Darkode’s domain and servers.
One of the cases from 2014 that involved cybercrime through social media was of a Texas man, Sex Trafficker who found young victims through social media sites. It is yet another example of how social media can be dangerous for young people. This man was sentenced to 40 years in prison on child sex trafficking charges after identifying and contacting young girls through social media platforms and then luring them into prostitution.
The Police in China recently said they arrested about 15,000 people for crimes that “jeopardized Internet security,” as the government moves to tighten controls on the Internet. The sweep targeted websites providing “illegal and harmful information” as well as advertisements for pornography, explosives, firearms and gambling. The police said they investigated 66,000 websites in total.
Still think dating Taylor Swift is Scarier?
Digital forensics has globally accepted best practices and these keep evolving with technology advancements and latest research findings. A forensic investigator needs to have an eye for detail and skills of a computer expert — well, it is a science plus art. The evidence must be identified, preserved, analysed and presented in a strictly regulated manner. Digital forensics can uncover seemingly invincible data and help in convicting or exonerating a person. With the increase of cybercrime, digital forensics has become vital in practicing justice in the cyber world which is dangerously coming closer to the real world, real lives of people.
