A police officer rushes on to a crime scene, plays with the computer and executes some 150 evidence gathering commands in 15 minutes. A scene from CSI? No, this is a common scene for investigating police officers; thanks to Microsoft.
Microsoft had released a free tool (Beta version) called - Computer Online Forensic Evidence Extractor (COFEE), that can be loaded onto a portable device such as a USB drive. COFEE automates some 150 evidence-gathering commands for computers in short time. This tool was available only to law enforcement agencies to test the functionality and strength of the tool. Being a Microsoft product, COFEE is designed to extract information from Windows-based systems only.
The best part with the tool is that an officer with “no or basic training” can extract the data in about 15 minutes and maintain its integrity. It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.
Many law enforcement agencies in around 15 countries, including Poland, Philippines, Germany, New Zealand and the United States have been using COFEE to crack a variety of online crimes and recover digital evidence. And seeing the success of the beta version, Microsoft has decided to roll out its release version soon, with more features.
We have been providing an array of services to our clients over the past years. From data recovery to vulnerability testing, from forensic investigation to support for proprietary products; we have been doing it all. Through this we have gained valuable experience and expertise in various projects. Also this has resulted in providing more services which are complex in nature and require expertise.
Mentioned below are the services that we currently provide.
Either a good way to conceal data, or an under-utilised way of compressing information when sending it alongside images - either way, Steganography is a neat idea. Sadly, generally used for nefarious purposes.
The U.S. advisory firm KPMG, recently launched a new product - GETS 2.0. Global Evidence Tracking System 2.0 (GETS 2.0) will help clients track physical and logical evidence for investigation projects - from collection through the processing and production stages. It is designed to provide a systematic order of digital evidence, preservation of processed data, and document the chain of custody for digital evidence.
In addition, it also includes a task history feature that provides a detailed processing status and history of each item of evidence.
Thus, GETS 2.0 is designed to provide clients with a tailored approach to digital forensic evidence management. The tracking system will not only enhance the data collection process, but also the preservation process.
As i do it every Friday by posting some useful links which can help someone looking for solutions in the forensic space. So here are today’s links covering some articles and news related to password protection, data recovery and examining the digital evidences.
I was researching for the training providers in forensics space to understand how training is provided in this field. Basically, I was hunting for institutes/organisations which provide online/offline training to law enforcement agencies, professionals and students. Here is what i have found out so far -
You see a nice picture on the internet and say WOW! You now think of downloading the same and forwarding it to your friends. But wait, this can land you in a terror network.
For the terrorists are playing havoc by increasingly adopting a technique called steganography for communicating devastating messages in codes. Steganography involves hiding a message which could contain text, images or maps inside a picture, music file or video on a web page or by e-mail. These messages are harder to find than encrypted ones because they can be hidden amongst any of the billions of web pages. Hidden messages can only be found by someone who knows where to look.
Its not that this technique has been adopted by the terrorists recently. They have used this method in the year 2001 in the Parliament attack (in India) on the 13 December and in the September 11 attack on World Trade Centre (in USA).
Terrorists easily hide vital and sensitive communication by mixing it with large amounts of public data. What might appear to be normal files to an innocent observer can have embedded secret message in it.
So it is advisable not to forward any message sent by unknown sources.
Forensic science is being used extensively by investigators, experts and law enforcement agencies to punish the criminals, develop more intelligence using more research and to implement certain principles, respectively. Here are some of the cases which speak for the importance of forensics in various fields and for various reasons.
1. The use of forensic science in criminal trials is critically important. But the system needs some immediate reforms. Radley Balko and Roger Koppl have come up with some suggestions and examples to bring some reforms to forensic science. Read more.
2. Prof. Charles Uwadia (President: Nigerian Computer Society), stressed on the importance of fighting cyber crime. He also asked for help from the Federal Government, when he was speaking at the annual general meeting and 30th anniversary of NCS. Read more.
3. Catching World’s high tech criminals becomes easier with the Logicube CellDEK. Nick Heath presents his review on this tool.Read more.
Given below are some useful links to articles, which will highlight the importance of data recovery, digital forensics and tips to prevent credit card fraud.
1. An article describing PC Pandora’s monitoring software that presents full visual and documented recording of everything that happens on the machine. Read more.
2. John J. Barbara explains Ethical Practices in Digital Forensics. Read more.
