What is Digital Forensics?

cyberscienceteam2020 Cyber Security

Cyber Incident is a theme which will be covered in this years conference. Make sure to buy your tickets for Cyber Science 2021, today. 

I am sure you have all watched episodes of CSI and Law and Order and watched as forensics comb through crime scenes searching for clues to send back to the lab. But, have you ever seen a show with a focus on digital forensics? Perhaps you have watched agent Garcia in Criminal Minds narrow down a suspects location using the GPS on their phone, or even trawl through their mobile devices searching for evidence to link them to a case. However, that is all fiction, in this blog post, we will reveal how real-life detectives can use digital forensics to solve cyber incidents.

Guru99 define digital forensics as:

"The process of preservation, identification, extraction, and documentation of computer evidence which can be used by the court of law."

Digital forensics can be used to find evidence from digital media forms, i.e., computers, mobile devices, servers and networks.

There are 7 objectives of digital forensics

  1. Recover, analyse, and preserve digital materials to present as evidence in a court of law.
  2. Understand the motives behind crime and identify suspects.
  3. Develop crime scene procedures that ensure that digital evidence is not compromised.
  4. Recovering deleted files and creating copies to validate information and extract evidence.
  5. Quickly identify evidence and its potential impact.
  6. Create computer forensic reports on the investigation process.
  7. Preserving the evidence by following the chain of custody.

So, how is digital forensics actually used by investigators? Well, it is a 5-step process detailed by MailXaminer, which consists of; identification, collection, preservation, analysis and reporting.

magnifying glass

Identification


This involves the identification of any digital sources which are capable of the storage of digital information and media.

Collection

These digital sources are then collected as evidence from the crime scene. This collection can be divided into four types of collection; volatile data collection, live system imaging, forensic imaging and seizing digital devices physically.

police car

Preservation

This step is extremely important. It involves preserving the crime scene and all the electronically stored information (ESI), obtained at the scene.

Analysis

The devices then undergo an analysis which is an in-depth examination of all electronic devices collected. This study will help the investigator to understand the crime, how it occurred and come to a conclusion.

glasses in front of a computer screen

Reporting

Finally, reports are created which present all of the data gathered throughout the examination process. These reports present the facts and events related to the case which can be presented when the case goes to court.

What can digital forensics be used for?

Digital forensics is an extremely important tool and can be used in almost all criminal cases, such as;

  1. Intellectual property theft
  2. Issues concerning regulatory compliance
  3. Employment disputes
  4. Fraud cases
  5. Inappropriate internet usage
  6. Forgeries
  7. Any form of cyber crime

At Cyber Science 2021, there will be a range of panels discussing cyber incidents and crime. Examples of which are:

Monday, June 14, 11:30
Profiling the Cybercriminal: A Systemic Review of Academic Research, with Maria Bada and Jason R.C. Nurse

Tuesday, June 15, 17:30
Understanding cybercriminals through analysis of penetration testing group dynamics, with Rachel Bleiman, Mollie Ducoste and Aunshul Rege

If you are interested in learning more about cybercrime you cannot miss Cyber Science 2021. Register today!

Click here to Register

We look forward to seeing you at Cyber Science 2021