Wait a second!
More handpicked essays just for you.
More handpicked essays just for you.
Digital evidence important to an investigation
Digital evidence
Digital evidence
Don’t take our word for it - see why 10 million students trust us with their essay needs.
Recommended: Digital evidence important to an investigation
I will explain and define what digital evidence is and I will provide a list of devices that could contain or store digital evidence. I will discuss the issue of properly preserving digital evidence. I will discuss how to properly preserve and document a computer crime scene prior to seizing the computer. I will discuss how to properly shut down computers after the crime scene has been properly documented and photographed. I will also discuss transporting and evidence transmittal issues. Digital evidence is also referred to as electronic evidence. Digital evidence is any probative information stored or transmitted digitally (Digital, 2001) and takes the form of electronic data, or information that is stored in bits and bytes on …show more content…
Investigators will take photographs of the computer and especially the computer screen from different angles and up close to document and preserve any applications, images, running programs, documents, open windows, and data files that were opened by the user (Knetzger, 2008). It is in the best interest of the officer and the case that no one touches or moves the mouse, clicks on anything, use the keyboard, or any input device connected to the suspect’s computer. There are two reasons for this. The first is to prevent any possibility of activating a delete or wipe command preinstalled by the suspect. The second reason is that by not touching anything it ensures no data will be written to any part of the suspect’s computer system giving their defense opportunity to say the evidence was altered, changed, or planted (Knetzger, …show more content…
This way if there are two or more computers connected on a network they can’t transfer and store evidence where the police aren’t searching. Before touching anything start by photographing the scene from a wide view and work to get closer so you have the clearest and most detailed photos (Knetzger, 2008). Then document exactly how the computer is set up including pictures of front/back of tower, the screen, mouse if there is one, keyboard, and any other peripheral devices like router or modem. As soon as the scene is documented and preserved color code the cables and correlating ports with one color for each cable, and make sure to document empty ports as well. It is essential that you disconnect the network cable as soon as everything is documented and preserved this prevents remote access to the computer to destroy evidence (Knetzger,
Forensics investigations that require the analyzation and processing of digital evidence can be influenced both positively and negatively by a number of outside sources. In this paper, we will explore how physical security plays a role in forensics investigations activities. We will start by examining how physical and environmental security might impact the forensics investigation process. Next, we will discuss the role that physical and logical security zones play in supporting effective forensics activities. We will illustrate how centralized and decentralized physical and environmental security affects the forensics professional’s approach toward the investigation. Lastly, we will evaluate some potential areas of risk related to the physical security of our case study organization, Widget Factory, identified in Attachment 1.
Evidence essentially comes in two forms: verbal or physical. For instance, verbal evidence could be spoken evidence acquired from a wiretap. Physical evidence could include DNA, blood, or bodily samples. Another reliable origin evidence is digital documentation. “As technology has become more portable and powerful, greater amounts of information are created, stored, and accessed” (GEDJ). Over the past few decades, technology has advanced to extreme levels! The most common technology used to find digital evidence are cell phones, computers, tablets, external storage devices, GPS locators, and various other devices (GEDJ). Text messages, social media posts, pictures, etc. are becoming more common data in investigations of the modern era. “Digital evidence can come from both suspects and victims, as all involved parties may have their own personal devices that are relevant to the investigation” (GEDJ). If they are available, computers, phones, social media and much more are very useful sources of gathering data for a criminal case. For instance, both the suspect and the victim may have text messages on their cell phones that could add to the search. “In some criminal cases, digital evidence can be useful if the suspect had associated with it. In some cases it can lead in the wrong direction or to the wrong people. Or it could simply be useless if the suspect didn 't use anything digital”
Computers are also unique in the way they type and print out things. Document examiners can look over these and establish the similarities in the handwriting, and computer forensic specialists can extract logs and other data from most devices. As you can see
Technologies are advancing in today's world where more information is being generated, stored and distributed through digital gadgets. This requires investigators and forensic expert to increase the use of digital evidence gathering as a tool to fight against cyber-crime (International competition network, n.d.).
Technology has opened new encounters and opportunities for the criminal justice system. There are so many new practices of criminal activity, such as computer crimes. There are different types of computer crimes that many people become victims of every day. Computer crime is any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target ("Computer Crime: Chapter 2: What Are the Crimes?", n.d.). Crimes such as data diddling, pump and dump, social engineering and spoofing are computer crimes. Even though these crimes are difficult by privacy issues, the new technology has made investigations and prosecutions well organized and effective. Though views are different on the pros and cons of specific technological changes in the criminal justice system, there is an agreement the system has changed affectedly ("Effects of Technology in Criminal Justice | eHow", n.d.).
New types of technology have made it easier to track down and catch criminals. Then also made it easier for prosecutors to gather and present more credible information. Some new technology that has made it easier to track down criminals or help provide more reliable and supportive evidence is things such as DNA testing, computer technology, fingerprinting, and GPS tracking devices. “The main strengths of technology in the criminal justice system lie in the provision of databases which allow better and more efficient records to be stored and retrieved” (Bean 370). Prosecutors now in sense have “…an infallible test of truth, a foolproof method, of determining the accuracy and reliability of evidence and hence of convictions” (Pallaras 72). These 4 technological advancement...
The use of computers in homes, schools, offices, and other places has increased in the past few years due to technological developments. As computers have become important components of modern communication, their increased use has also led to the emergence of computer crimes. Computer crimes basically involve the use of a computer system to carry out an illegal activity. In attempts to lessen the frequency and impact of computer crimes, law enforcement agencies use computer forensic to investigate these offenses. Actually, computer crimes are governed by specific laws and dealt with through conducting a computer forensic investigation (Easttom & Taylor, 2011, p.337). Notably, a computer forensic investigation is usually carried out through the use of computer forensic tools, which help in collection of evidence based on the specific offense.
On 5 October 2009, computer equipment from a network data closet was stolen from BCBST. The items stolen were 57 unencrypted hard drives which contained over 300,000 video recording and over one million audio recordings. According to Whitman & Mattord (2010), confidentiality, integrity, and availability makes up the C.I.A triangle which is the basis of Committee on National Security model for information security, an industrial standard, (Whitman & Mattord, 2010). Confidentiality can be a synonym for encryption but also means only the people with the correct permission can access the information. One of the major security issue is the hard drives were not encrypted. The hard drives should be encrypted to prevent people from reading the information the computer. Software can be purchased which will encrypt files on hard drive with such as Folder Lock, SensiGuard, Secure IT, and more. There are open source encrypting software which are free for use which could have been used. If the hard drives were not needed, the data should hav...
There are various aspects of evidence collection preservation and documentation and the role digital image capture ad processing plays in it. Contamination is the introduction of something to a scene that was not previously there. This means trace materials are added to a crime scene after the crime is committed. This can happen before, during and after authorities take samples of the evidence from a scene. Many people can contaminate the evidence at a crime scene, including witnesses, suspects, victims, emergency response personnel, fire fighters, police officers and crime scene investigators.
Live acquisition: The future of data acquisitions is shifting toward live acquisitions because of the use of disk encryption with newer operating systems (OSs). In addition to encryption concerns, collecting any data that’s active in a suspect’s computer RAM is becoming more important to digital investigations. The processes and data integrity requirements for static and live acquisitions are the same. The only shortcoming with live acquisitions is not being able to perform repeatable processes, which are critical for collecting digital evidence.
Has your home become overrun with wires and cables despite having wireless internet access on your home computer? Is your technology reliant business just cables running rampant behind computer desks? If so, you are not alone. People everywhere are having to deal with the same issues in their own homes or businesses. However, now people have discovered a better way to handle the tangled up disaster area around their computer.
In order to wipe out computer crimes, an agency specialized in computer crimes should be at task to take care of such crimes and special devices provided to them in their lab. The devices they have available is what they will use in curbing the crimes hence the need to provide them with sophisticated devices.
... its media in transit because they are sensitive electronic devices. Electromagnetic fields can wipe or otherwise damage data stored on magnetic media. Radio frequency radiation can cause damage to magnetic media, so placement of the items in a squad car truck or near radio gear should be avoided. The large amount of space a computer and media can take up most investigators choose to take a minivan or other large transport vehicle along with them during executing a search warrant for a computer. During transport care must be taken to ensure the long-term security and stability of these materials. Computer components and media should be kept in a cool, dry place that is free from water pipes or other building utilities that could cause damage to equipment if they fail. They should also be kept well away from magnetic fields or radio frequency interference sources.
...captures important data on live computer evidence at any computer crime investigations, without the need of particular forensic expertise. The tool is activated after being installed on a USB flash drive then plugged into a USB port. The features the tool includes are password decryption, data extraction and Internet history recovery. The most outstanding feature that COFFEE offers is the recovery of data stored in volatile memory that could be lost if the computer was turned off.
Computers have managed to infiltrate most of the modern lifestyle, but by removing them we can solve many additional problems they create aside from hack...