Internet technology has pervaded every sphere of our lives today. While on the positive side it taken the world several light years ahead in terms of progress and productivity, on the flip side, sharp, devious minds use it for self gain and crime. As crime goes hi-tech there is a need for trained professionals to decode cyber crime and prevent it from spiralling out of control.
Computer forensics is the modus operandi that professionals use to examine computers during the process of a criminal investigation. The police use computer forensics when they investigate and decode files and data on a computer which might help them solve a case. In the case of espionage or hacking, the obvious point of interest to the police is a suspect’s computer which will give them clues about transactions and activity that have been made using the computer.
Computer forensics can also be used to help solve murder cases or even theft in cases where the computer might hold information that is relevant to the case. The most innocuous looking data can be used to unravel a mystery. Computer forensics is the new age crime cracking process in a time of new age criminal activities.
What Computer Forensics Involves
Investigators who use computer forensics to solve criminal cases usually begin by looking at three basic kinds of data - saved data,
Saved Data
Any data that is stored on a hard drive is saved data. Saved data includes documents, internet logs, program files, images etc. Checking saved data is a fairly straight forward process except that during investigations it has to be searched thoroughly as files could be hidden within multiple folders and under misleading names. Some of these files may be password protected but computer forensic specialists are trained to work around these blocks.
Deleted Data
When crimes are carried out using a computer, most times the suspect will try to delete any data that could be incriminating evidence. However, the computer plays its own games that a suspect might not reckon for. Deleted data is data that has been deleted from a computer or data that has not been saved. To retrieve this data computer forensic specialists use advanced methods and special software to look at it.
Even if a person deletes data, it only means that the file does not appear in the place that it was previously saved but in actuality it does. The computer will act as if it doesn’t exist as the command it understands has carried out the “delete” action. However, experts who know better look for “raw” data that gives them the deleted information. Sometimes, the computer doesn’t write completely over the deleted data and traces of the old data can be vital clues.
Crime Scenarios That Require Computer Forensics
The world of cyber crime is extensive and increasingly on the rise and there are many scenarios’ that would require the expertise of computer forensic specialists to solve a case. There are basic cases where the employees abuse the internet during work hours and experts are called in to trace the suspect and put a stop to the activity.
In crimes of greater magnitude, investigators are called in to solve cases of fraud, deception, espionage etc. Murder suspects can be nabbed through inadvertently incriminating data left on a computer.
The Phone that Tells the Story
Many a time criminals are apprehended by their telephone history. Calls last made can be traced and other details known that can link a suspect to a crime. Digital data can be deciphered by computer forensic specialists and mobile phones have helped crack several cases. Calls made from mobile phones can be tracked and traced that can provide a great deal of valuable information.
Conclusion
It really is almost like a cat and mouse game where the computer hacker uses his expertise to steal data and the digital forensics specialist tries to keep abreast and use their expertise to solve the crime.