Deadbolt Forensics Provides Advice on Why Attorneys Need Digital Forensics Agencies When Investigating Criminal and Civil Matters


(PRWEB) August 05, 2014

In today’s day and age, technology issues have popped up everywhere in criminal and civil matters. Many law firms are inundated with cases related to corporate data breaches, employee misconduct and intellectual property theft. Most recently, in the case of Moyer v. Michaels (Art & Supply) (Case No. 1:140cv-00561, U.S. District Court for the Northern District of Illinois) the company was charged with exposing as many as 2.6 million customer credit and debit card numbers in a data breach. The cyber-attack which occurred from May 8, 2013 – Jan. 27, 2014 left customers vulnerable to identity theft, fraudulent payments and account withdrawals.

In cases like these, it is very important for law firms to hire the proper digital forensics investigator as they are experienced in technology footprints and how data moves throughout the system. Conducting a proper digital investigation can often times determine the ultimate success of the firm.

Michael Yasumoto, Senior Forensic Analyst at Deadbolt Forensics has provided these tips to attorneys on how Digital Forensics agencies can help their next technology related case on the following issues:

Recovery of hidden or destroyed data, including formatted hard drives


    Time is of the essence here. Deleted and formatted data can be recovered but the drive needs to be examined immediately in order to increase the chances of successful recovery. If drives continue to be used after important data is lost, new files may overwrite and prevent recovery of the deleted evidence.
    Many “hidden” files are easily revealed through a forensic analysis. Whether the file is improperly named (a .jpg renamed to a .doc file) or hidden within another file (a .jpg embedded within a .doc file) they can be easily located and flagged for closer scrutiny.

Mobile forensics evidence including cell phones (both smart and feature phones), PDAs, GPS devices and tablets/iPads

    Most mobile devices keep track of their location in order to decrease the time it takes to connect to the cellular network. By reviewing this location information as part of a forensic exam, it is possible to get a date and time stamped record of where these devices have been.
    It is more common today for young people to communicate using third party apps like whatsapp, viper, and snapchat than to use more traditional forms like email and text messages. Despite the claims made by these apps regarding security, the contents of these communications can usually be recovered using forensic techniques.

Theft of intellectual property or trade secrets

    When an employee departs, it is becoming more and more prudent these days to preemptively create forensic copies of their computer and mobile phone so that all possible evidence is preserved if needed in the future. In case of IP litigation at a future date, it then becomes a matter of reviewing the preserved evidence to show removal of company IP. Without this preemptive action, there is the risk that the forensic artifacts proving the theft will be deleted, if they are not already erased, and eventually overwritten by the next employee during regular business use. Law firms can greatly benefit from learning why a digital investigation is needed, what steps to take within an investigation and who should be involved. These simple facts could save their firm thousands.

For more information on Deadbolt Forensics please visit their website at https://www.deadboltforensics.com.

About Deadbolt Forensics

Deadbolt Forensics is a privately held company focused on digital forensics and the associated services of data preservation, electronic evidence retrieval, analysis, neutral expert witness services, hard drive sanitization, and password/data recovery. The company works directly with attorneys and litigation support teams in both criminal and civil cases supporting plaintiff and defense clients. Deadbolt Forensics accepts clients in the states of Oregon (Registry# 906073-92), Washington (License# 603343020), and Alaska (License# 1000625). For more information on pro bono services offered to our partners in the non-profit sector, please contact us at publicrelations(at)deadboltforensics(dot)com.

Contact:

Deadbolt Forensics, LLC

1915 NW AmberGlen Pkwy Suite 400 Beaverton, OR 97006

Phone: (503) 683-7138

Fax: (503) 296-5504

Email: info(at)deadboltforensics(dot)com

Web: https://www.deadboltforensics.com/







More Expert Witness Press Releases

Expert Witness Corner: The Importance of Computer Forensics in Criminal Law

In many instances old, or conventional crime is perpetrated using new approaches that are reliant on technology. Postal fraud, for instance, has evolved to employ electronic communication channels, giving rise to waves of emails seeking to defraud recipients with promises of money and fictitious prizes (commonly known as ‘419 scams’ as many of such notes tend to originate from the African continent and 419 is their penal code for wire fraud).

Studies into the cost of cyber-crime, commissioned independently by the Department of Trade and Industry (DTI) reveal alarming trends in the abuse and misuse of technology. The average cost per security incident has risen to over £160,000 and nearly one in four businesses in the UK have suffered a serious hacker attack or virus outbreak. The impact of an information security breach can be so devastating to business operations that one in ten never actually recover and the shutters close permanently. To counter this growing threat, security and law enforcement agencies have adopted fresh approaches for dealing with high technology crime.

Forensic Computing is a relatively young science when compared to contact forensics such as fingerprint recognition which have roots that can be traced back to Edmond Locard, who in the early 1900s famously postulated the theory of evidence being left as ‘mutual exchanges of contact’. Whilst various descriptions exist in relation to this practice, the international survey undertaken by Hannen has been taken as the de-facto definition: ‘Processes or procedures involving monitoring, collection, analysis… as part of ‘a priori’ or ‘postmortem’ investigations of computer misuse’. It is important to appreciate that this definition takes a wider view than the conventional reactive description, where forensics was regarded purely as an incident response function. Hannen considers digital forensics as also taking a pro-active role in security, where it can be combined with intelligence and operational planning.

As a serious field of research, forensic computing studies only started to take real form in the early 1990s when, faced with ever increasing numbers of computers being seized at crime scenes and the potential for crucial evidence to be stored on a PC, various government agencies came together to host the International Conference on Computer Evidence (ICCE). Here many of the challenges facing law enforcement communities were aired and agreements forged to cooperate towards finding effective solutions.

Two years later, in 1995, the International Organisation for Computer Evidence (IOCE) was formed, and a further two years later the member states that comprise the G8 subscribed to the mission of IOCE, pledging support for the organisation. This was the catalyst required to stimulate research and development, and since then great advances have been made in all spheres of digital evidence management. When working on a matter where the case will rise or fall on the strength of digital evidence, for example where an allegation of possession of indecent images has been made, it is important to commission an independent forensic examination of all evidence and digital materials. This places the evidence into the wider context of the offence and enables barristers to make directions to the court based on a fuller appreciation of matter.

Assuming material has been seized by the authorities, the state will usually conduct their own forensic assessments (typically undertaken by the regional police hi-tech crime unit), the results of which will be provided to legal representations. The mechanics of this process involve the ‘imaging’ of the ‘target media’ – the process of making a forensically sound duplication of digital materials of interest (e.g. the computer hard drive). During this duplication process a ‘write-blocking’ device will be employed to ensure the target media is not affected or corrupted in any capacity whilst its content is read and mirrored. The actual forensic analysis is then made upon the duplicated material, with the original placed into secure storage and maintained in the state in which it was seized. The forensic analyst will then peruse the imaged copy to identify materials of potential evidence value, extracting copies as necessary to form the basis of the expert report.

Looking at this from a defence perspective, a number of questions should be posed in relation to the digital evidence (based on the Daubert threshold test that evaluates the competency of evidence in the United States):

• whether the theories and techniques employed by the scientific expert have been tested;

• whether they have been subjected to peer review and publication; • whether the techniques employed by the expert have a known error rate;

• whether they are subject to standards governing their application; and

• whether the theories and techniques employed by the expert enjoy widespread acceptance.

Putting abuses of technology on a statutory footing, Britain has a suite of legislation that can be invoked, from the Computer Misuse Act 1990 to the Regulation of Investigatory Powers Act 2000.

Today digital forensics is an accepted science, and evidence duly secured in relation to best practices (in the UK these guidelines are outlined by the Association of Chief Police Officers) can be served in a court of law. Digital forensics are providing breakthroughs in all manner of high profile cases around the world, helping security and law enforcement agencies to catch offenders and secure convictions.

In the US, for example, the notorious BTK serial killer that had a reign of terror lasting over twenty five years in the Wichita areas, was ultimately tracked down after he sent a disk to a local radio station gloating at the police’s inability to catch him. Unique digital footprints embedded within the files were extracted by forensic specialists, and like a lone fingerprint, investigators now had a powerful lead – all they needed was to match the file to the computer that had created it (much like having a fingerprint but not a suspect’s hand to match it with). Wichita Police then conducted a house to house search, taking file samples from every computer encountered. Back in the laboratory, the file footprints were compared to the sample disk posted by the BTK killer, eventually finding a match. This tied the floppy disk to Dennis Radar’s PC, a virtual smoking gun as far the prosecution were concerned. This digital evidence became a pivotal element of the State’s case and ultimately helped secure a conviction.

In the UK the 2002 murders of Holly Wells and Jessica Chapman in Soham, Cambridgeshire, also saw digital forensics play a crucial, but largely unknown, role in the investigation. Technical analysts examined one of the girl’s mobile phone to identify where it was located when it had been turned off. Information on the nearest network communication tower tends to be stored in a phone’s memory and when the signal coverage of that tower is plotted, it is possible to identify the rough area (typically a few square kilometres) in which the phone was located when it was switched off. Having extracted this information from the handset, authorities had a rough idea of where to base their search; which ultimately led to the recovery of the two girl’s bodies.

Speaking in an interview several years after his pioneering research on the Manhattan Project where atomic reaction theory was developed, scientific visionary Oppenheimer explained that ‘the scientist is free to ask any question, to doubt any assertion, to seek for any evidence’. This thinking holds especially true when applied to the discipline of forensic computing in a legal context. Here experts may be instructed by either the prosecution or the defence, however, in either instance, they have a higher duty to the court. They are instructed as experts, but experts for the truth. It is important therefore to ensure that the experts instructed are duly qualified, experienced and independent.

Commenting on the nature of digital evidence, John Brown, Partner at Hogan Brown Solicitors, explained how the fragile nature of digital evidence can pose serious challenges to the investigator: ‘digital material is extremely volatile – perhaps more delicate than its physical counterparts. It can be copied, amended, and transferred without almost any trace – only experienced and qualified specialists should be employed to work in a digital forensic environment if the subsequent findings are to withstand the scrutiny of a court of law’. When working on a matter where the case will rise or fall on the strength of the digital evidence, perhaps where an allegation of possession of indecent images has been made, it is important to commission an independent forensic examination of all evidence and digital materials. It is also important that lawyers, when they try to find an expert witness choose someone with the necessary skills who is not only able to prepare an objective, unbiased report but also deliver oral testimony if required.

Forensic computing and the securing of digital evidence is a powerful tool in today’s fight against increasingly technically-savvy criminals. It is a discipline that continues to evolve and should remain high on the radar for both legal practitioners and law enforcement authorities.

Ross Patel is a forensic computer consultant with Afentis Forensics. You can view the company profile and find an expert witness at X-Pro UK, the innovative expert witness directory.

Find More Expert Witness Articles

Law Offices of Heath D. Harte Comments on Recent Article about Ex-Convicts Who Profit from their Criminal Activity by Booking Speaking Engagements

(PRWEB) July 17, 2014

Heath D. Harte, an attorney-at-law with over twenty-five years of experience practicing in Connecticut and New York, released a statement today commenting on a recent article that highlights the increase in ex-convicts who are receiving payment for lectures and appearances to teach lawyers and other professionals about their experiences.

The recent ABAJournal article* highlights the example of former Enron CFO, Andrew Fastow, who pled guilty to conspiracy to commit wire and securities fraud in 2004. Last year, Fastow spoke to the Association of Certified Fraud Examiners. The article also mentions other white-collar convicted criminals who have financially benefitted from speaking engagements, including Scott London (formerly of KPMG, convicted of insider trading), and Humberto Aguilar (a former attorney who went to prison for money laundering). London and Aguilar have had numerous speaking engagements and appearances. Although the ACFE does not make direct payments to ex-cons, the article explains that the speakers can still profit from the increased visibility. Augilar, for example, said he often books appearances that earn $ 5,000-6,000 per appearance as an expert witness and a consultant on how to prevent these crimes.

Heath D. Harte believes this trend in profiting off of having a criminal past is wrong, and that changes should be made so that ex-cons do not continue to profit from their crimes. “White collar crime should NOT pay,” he states. “Being convicted of fraud appears to open many doors to lucrative speaking engagements. If murderers cannot receive payment or profit for their story, similar legislation should be applied to other ex-convicts that are profiting from their illegal activities.”

For more information on the Law Offices of Health D. Harte please visit: http://www.hartelawoffice.com/

About the Law Offices of Heath D. Harte

With over 25 years of experience, the Law Offices of Heath D. Harte is a full service law firm concentrating in Criminal Law, Personal Injury Law, Estate Planning, and Real Estate. While traditional in service and style, with smart use of experience and leveraging state of the art technology to streamline services, the firm cuts out excessive overhead usually associated with law firms. Lower overhead means that the firm can offer the same service one expects from a prestigious law firm, like the Law Offices of Heath D. Harte, at lower, more affordable costs to clients. The firm’s ultimate goal is to provide aggressive, reliable and effective legal representation at an affordable price. The firm also offers creative fee structures to accommodate clients’ needs, especially in today’s economic climate.

Contact

To learn more about The Law Offices of Heath D. Harte locations and services, please contact:

The Law Offices of Heath D. Harte

1700 Bedford Street, Suite 102

Stamford, CT 06905

Office: (203) 724-9555

questions(at)hartelawoffice(dot)com

http://www.HarteLawOffice.com


“Former fraudsters and money launderers hit the lecture circuit; ex-lawyer earns up to $ 6K per speech,” ABA Journal, July 7 2014, http://www.abajournal.com/news/article/former_fraudsters_and_money_launderers_hit_the_lecture_circuit_ex-lawyer/




Related Expert Witness Press Releases

Forensic Expert Witness Association to Host Panel Discussion on The Use of Expert Witnesses in Criminal Proceedings

Chicago, IL (PRWEB) June 06, 2014

The Chicago Chapter of the Forensic Expert Witness Association (FEWA) is pleased to announce its summer 2014 educational and networking meeting focusing on the topic of “The Use of Expert Witnesses in Criminal Proceedings” for forensic consultants and members of the legal community. FEWA is a national non-profit professional membership organization of experts who provide forensic services in all technical specialties.

Panelists Diane MacArthur, Assistant U.S. Attorney and Senior Trial Counsel, Northern District of Illinois, Mark Ertler, Cook County State’s Attorney’s Office Forensic Unit Supervisor and John Marshal Law School Faculty Member, and Lisa Noller, Esq. of Foley & Lardner, Vice-Chair Government Enforcement, Compliance and White Collar Defense Practice, will discuss how attorneys litigating criminal cases choose expert witnesses, what characteristics are important in the expert witness, and how attorneys find experts. The panel will be moderated by Venice Meyer, CPA/CFF, CBFE, Director, Duff & Phelps, Global Forensic Services.

According to FEWA Midwest Program Co-chair Marnie Gucciard, of McGovern & Greene, “Our FEWA Chicago summer meeting traditionally features regional leaders in the legal field. This year we continue this tradition with speakers from the US Department of Justice, the State’s Attorney Office and an international law firm which was founded here in the Midwest.”

The meeting is Thursday, June 26, 2014 from 8:00 – 9:30 am at the Conference Center of Kubasiak, Fylstra, Thorpe & Rotunno in Chicago, IL. To learn more and register visit http://www.forensic.org or call the FEWA National Office at (415) 369-9614.

Speaking will be in a personal capacity. MCLE and CPE credits are pending approval.

Join us on LinkedIn! https://www.linkedin.com/pub/forensic-expert-witness-association/21/17a/85b







Related Expert Witness Press Releases