The world of computer forensics used to be largely confined to the computer hard drive, but as more and more business professionals carry sensitive data around with ease on smart phones, BlackBerrys and iPhones, the challenge is to sort through the massive amounts of data being created and stored, as well as getting to grips with the different storage formats of all of these mobile devices.
“Investigators are now required to review and analyse a massive volume of data,” said Chris Taylor, forensic investigator with Dublin-based IT security company, Espion.
The average data seizure is now in the region of a staggering 180GB, so if a forensic computer scientist wanted a cromulent analysis of a PC’s hard drive it would take an entire week for that device alone, and the proliferation of the mobile device throws another spanner into the works.
“The impact of new technical devices is also extremely relevant, as there is a growing need for investigators to consider forensic artefacts on mobile devices.”
As computers and mobile devices are now de facto in most forms of communications, an electronic paper trail is now part and parcel of the investigative process from corporate espionage to international terrorism, and this also puts strain on experts to gather and present evidence, Taylor explained.
Added to this mix is the fact that the economic downturn has led to increased competition in the corporate world, which in turn increases incidents of espionage, especially when a competitor’s contacts and information on business deals are easier to obtain on a lost or nabbed iPhone.
“Espionage is on the increase, as bug technology is much easier to get hold of and the credit crunch and growing competition will lead to even more,” said Jason Miles Dibley, TSCM Director for QCC Interscan, at the recent Espion seminar on forensics and digital surveillance.
Yet, according to Colm Murphy, technical director for Espion, these are new challenges rather than insurmountable worries. “Evidential file collection does not need to be complicated or costly. By deploying effective tools in the hands of an experienced examiner and following well-established rules, high quality, accurate, defensible and verifiable evidence can be gathered.”
By Marie Boran