Guest Blog Post
by Mike Dejopopompak, EnCE
Smart phones, tablets, and inventions of the post-PC era have changed the way we communicate with one another. Just a few decades ago, people were reluctant to give their credit card numbers and social security information over the phone. Now the norm is to have multiple account credentials stored in the cloud and even on the portable devices themselves. Our perception of privacy has shifted to more sharing / openness. Social networks such as Facebook and LinkedIn drive demand for real time communication. This need for instant gratification and maximum convenience has also been a catalyst to our increasing reliance on cloud storage. As a result, investigators have more access to data previously unavailable. Mobile devices often log information regarding the location and time of the devices whereabouts and activities, via GPS, cell tower connections, and IP addresses. This information lends itself to assisting in legal matters, such as criminal investigations where an individual’s location at a given time can corroborate a given alibi.
In this day and age, smart devices are omnipresent and what an individual says or does is likely to leave artifacts of their existence. Emails, photos, text messages, and documents may be hidden or deleted, but there are a variety of methods to find traces of obfuscation, which can even lead to the full recovery of a deleted item. Digital investigators make use of forensic tools to perform file signature analysis, timeline analysis, and file carving to locate concealed and deleted data. Other less technical methods also exist. For example, on social media websites, a user can attempt to hide their activities from the public, however their “friends,” if ordered by the court, can be subpoenaed into providing access credentials. This leads to the revelation of the user’s previously hidden activities, which may be made available to their “friends,” and ultimately into the hands of the court.
With the proliferation of affordable computing devices, the spread of personal information on mobile technology has given law enforcement agencies and hackers a greater ability to capture sensitive data, which can be used for legal, as well as nefarious purposes. The reduced obstacles to obtaining this information introduce new privacy issues, on an unprecedented scale. Attacks on commercial websites have increased in frequency, sophistication, and scope. Millions of people can and have been affected when hackers are able to successfully disrupt services, sometimes resulting in the compromise of sensitive data, such as login and password combinations or other personally identifiable information. Defending against these malicious online attacks and identity theft is a complex, costly process. Investigators have an overwhelming amount of data available to assist in forensic analysis; security teams can’t seem to keep up with their examinations and develop a backlog.
The ability to deliver rapid, consistent, defensible results requires bleeding edge technology and knowledgeable engineers to operate them. Fortunately for the world of litigation support, new processing platforms utilizing multi-core processors and distributed computing models give legal teams and vendors the tools they need to make complex matters more manageable. Common machine-intensive processes such as de-NISTing and de-duplication is now almost instantaneous. We’re very close to the point where the physical limitations of storage mediums have become the bottleneck. Time and money are familiar constraints that litigation teams face, and the ability to reduce both metrics requires the right ingredients: cutting-edge hardware, robust software, and most importantly, a team of expert technical operators combined with professional services to deliver the most value to your clients.