The rise and growth of technology has spawned innumerable industries including those of computer forensics. According to the Data Protection Act in 1986 along with the growth of IT, it became imperative for each organisation or individual to protect their information against data loss and corruption. Over the years, computer crime has grown in leaps and bounds. And this has consequently propelled many IT firms to venture into the field of computer forensics. Today, computer forensics is one of the most lucrative and valued industries in modern organisational world. Computer Forensics can be described as the complex process of utilising scientifically proven tools to gather and interpret data discovered on a storage digital device for possible use in any type of investigation. In other words, computer forensics is a method defining the Who, How, When of computer-related data and using this data to help in any kind of investigation. Usually, computer forensics is best used by law enforcement agencies and multinational corporations for the prevention of computer fraud. Computer forensics is also used by defence or prosecution attorneys in a court of law to either save or prosecute a criminal. Thus, computer forensics has grown into a spawning profit-oriented market, churning preventive data processes, careers and new data recovery technologies.
The potential of this new industry keeps growing as new frontiers of computer crime are discovered. Commonly, computer forensics is used to combat computer-related issues in the public and private sector. In a nutshell, computer forensics is more popularly used in organisations. Personal usage of computer forensics is limited pertaining to narrow areas of retrieving data from a phone call for accusing the spouse during a contested divorce case. In colloquial terms, the money lies in data retrieval for organisations. The computer frauds investigated are:
- Copyright infringement
- Unauthorised access to confidential information
- Corruption
- Decryption
- Use of unlicensed software
- Industrial espionage
- Illegal use of a computer for unlawful purposes
- Fraud and money laundering
- Piracy and blackmail
The biggest worldwide leader today in the market is Disklabs commanding more than 50% of the total computer forensic market share. The company argues that expansion of computer forensics is the latest viable trend as computer forensics is still an untapped market with tremendous potential. The company technicians outline the untapped niches of this market:
Computer Virus and Hacking: This is a growing problem – one which started out small but has now taken on giant proportions. Computer virus and hacking allow easy data replication and corruption. Disklabs is trying to create software to combat this common fraud.
Manipulation of Remote Tools: Organisational data is at a higher risk of data loss when being saved on to a secondary site database. The vulnerable data can be easily duplicated and corrupted. Disklabs has invented software to deal with this problem and is in the process of fine-tuning it. But, this area is devoid of competition as most computer forensic firms still grapple with hard drive wipeouts.
Some Software’s Invented by Disklabs:
- Forensic Tool Kit: industry standard toolkits for forensic analysts
- Registry Viewer: allows a view of registry files which means that user can access the usernames, email settings and passwords
- Foremost v1.2: recovers files based on their headers, footers and internal data structures
- Inzider: lists processes and reports on the ports these processes use
- Net Analysis: Internet history tool, and is used to identify amongst other things child pornography site
- GNU Parted: partition and file system editor, and allows creating, destroying, resizing, checking and copying partitions and file systems
Another popular computer forensic firm is the
Sector Firms comes next claiming more than 25% of the computer forensic industry. It provides a range of services including destruction of intellectual property, theft of personal data to child pornography. It identifies, collects, secures, and analyses data in a way that preserves the integrity of the evidence collected, so it can be used effectively in a legal case.
Applications:
- Hard Drive Wipe: Completely overwrites all information on the hard drive
- Hard Drive Copy: Cloning and duplicating services for business
- Hard Drive Cloning: Protect evidence or back up existing data with an exact copy of the original hard drive
Vogon International is the new entrant in this lucrative field. It describes computer forensics as a spectrum of crime-preventive processes from the use of formal, accepted techniques for collecting, analysing and presenting suspect data in court, concentrating on rules of evidence, the legal processes, the integrity and perpetuity of evidence, reporting of facts, and the preparation and presentation of expert testimony. However, the computer forensic industry is also engaging in the market trend of acquisitions and mergers. The primary objective behind it is the creation of a standard computer forensic method for all organisations in every sector. The first step was taken in 2001 when multinational risk consultancy firm Kroll acquired