Computer Forensics

/Computer Forensics

Is Your Mobile Device Lost, Locked or Damaged?

  Forensic investigators should routinely determine if backup files exist during their initial case assessment.  A backup file is a like a snapshot of the devices memory in time.  It is an excellent alternative to a lost or locked device or when other forensic procedures cannot recover the data.  A backup may be found in the cloud or may be stored on a computer or mobile device.  It would require the user’s credentials or a forensic acquisition of the device it was stored in.  Attempts to restore a backup without the proper training could result in the contamination and permanent loss of data.  A backup file is also a good alternative when faced with a locked device with an unknown pass code. However, advances in technology allow examiners to overcome more locked devices than ever before.  Because of the rapid pace of technology, the forensic community lags behind.  New tools are created regularly so reviewing the latest forensic capabilities periodically is recommended. Damaged devices can often be accessed after making only minor repairs, more often than not.  For example, the simple and inexpensive process of replacing a broken screen may be the only thing preventing the examiner from accessing the device.  Water damage can also be easily mitigated, but requires the investigator to follow a recently updated standard procedure.  Depending on the device and the current state of the devices power certain actions should be taken.  See the iPhone Collection Flowchart and the Android Collection Flowchart.

ICYMI: CT Man Jailed for 17 Years, Exonerated Thanks to Digital Evidence

A New Haven, CT man who served 17 years in prison for murder and robbery was freed back on April 25, 2018 after he was exonerated by cellphone records. Read Article The digital evidence is out there to save more lives, but defense teams may not be as educated as the prosecution, who have access to state labs, as to what to look for, where to look for, and how to obtain all the necessary digital evidence needed to prevent or exonerate wrongful convictions. For further information see: Digital Evidence Case Assessment Method Digital Evidence Innocence Initiative

NEW!!! Digital Evidence Case Assessment Method (DECAM) White Paper

FROM COLLECTION TO THE COURTROOM: DIGITAL EVIDENCE A NEW Standardized Method for Investigators and Attorneys IRIS LLC is proud to announce the creation of the first standardized Digital Evidence Case Assessment Method (DECAM) for indigent defense organizations.  Developed for the defense community to reduce pre-trial incarceration and prevent future wrongful convictions in cases involving digital evidence. NEW Regional Training Opportunity! Digital Evidence Case Assessment Method (DECAM) along with free resources in our online Digital Evidence Toolbox.  Presented by IRIS LLC at the upcoming New England Regional public defender training, Thursday, June 6, 2019 at Middlesex Community College. DECAM was developed for attorneys and investigators to reduce pre‐trial incarceration and prevent future wrongful convictions in cases involving digital evidence.  Applied to post-conviction review in cases where digital evidence was a deciding factor; became the genesis for the first ever Digital Evidence Innocence Initiative. Click here to read the New DECAM White Paper  

2019-05-22T11:09:50-04:00May 20th, 2019|Categories: Cell Phone Forensics, Computer Forensics, Investigations, Location Data, Social Media, Standards-Best Practices, Training, Uncategorized|Comments Off on NEW!!! Digital Evidence Case Assessment Method (DECAM) White Paper

Updated Standards and Best Practice Guides in IRIS Digital Evidence Toolbox

When digital evidence is encountered during an investigation, many questions arise: What is the best method to preserve the evidence? How should the evidence be handled? How should valuable or potentially relevant data contained be preserved? The key to answering these questions begins with a firm understanding of the characteristics of digital evidence. Updated standards can be found in our Digital Evidence Toolbox at http://www.irisinvestigations.com/iris-digital-evidence-toolbox/

2019-05-07T15:22:27-04:00July 25th, 2018|Categories: Cell Phone Forensics, Computer Forensics, Crime Scene Examination, Investigations, Standards-Best Practices|Comments Off on Updated Standards and Best Practice Guides in IRIS Digital Evidence Toolbox

The Best Data Security and Identity Theft Prevention Methods for 2018

Learn how to take a proactive approach to data security and prevent becoming a victim in the first place. READ THE ARTICLE: The best data security and id theft protection for 2018

Hackers sought a $23,000 ransom after freezing a N.C. county’s website. They’re not getting it.

A county employee in North Carolina on Monday opened their inbox and clicked on a phishing email, inadvertently pulling up an attachment containing spyware and appearing to expose the county's computer system to hackers overseas.  The hackers, believed to be operating from Iran or Ukraine, asked the county for $23,000 to unfreeze the system, Mecklenburg County officials said. They gave the county an email address and instructions on how to pay the ransom.  They also gave the county a deadline — 1 p.m. Wednesday. READ THE FULL CHICAGO TRIBUNE ARTICLE HERE>

2019-07-01T13:16:46-04:00December 11th, 2017|Categories: Computer Forensics, Investigations|Tags: , , , |Comments Off on Hackers sought a $23,000 ransom after freezing a N.C. county’s website. They’re not getting it.

FBI rebuts reports that county reset San Bernardino shooter’s iCloud password without consent

The FBI on Saturday rebutted media reports that San Bernardino County technicians acted without the agency's consent when they reset the password for the Apple iCloud account belonging to one of the shooters involved in the Dec. 2 terror attack at a county facility that killed 14 people. Read the full LA Times Article here>

2019-06-28T13:14:23-04:00February 22nd, 2016|Categories: Cell Phone Forensics, Computer Forensics|Tags: , , , , , , |Comments Off on FBI rebuts reports that county reset San Bernardino shooter’s iCloud password without consent

Congress to Consider Encryption after Apple Refuses to Build ‘Backdoor’

Reversing course, a key congressman said lawmakers will need to step into the debate over encryption vs. privacy after Apple said it would oppose a court order demanding it help the FBI hack a spree killer's cell phone. Read the full article here>

2019-06-28T13:18:35-04:00February 22nd, 2016|Categories: Cell Phone Forensics, Computer Forensics|Tags: , , , , , |Comments Off on Congress to Consider Encryption after Apple Refuses to Build ‘Backdoor’