What is Computer Forensics?

What is Computer Forensics?

Computers have radically changed the way we live your lives. Everyday living as become easier and technologically advanced decades ago. It has changed the way we work and the way we live in our houses. Children to day are sometimes even more technologically aware than their parents. Mobiles phones have gotten smaller and laptops have gotten slimmer.

With the launch of the Iphone that used the touch screen technology it will only be a matter of time when this idea permeates into other devices and appliances. Unfortunately, technology also makes it easier for criminals to their dirty job. However, computer forensics makes sure that technology is put to lawful use.

Everyone keeps up with the times, even the criminals. The internet is a public place which makes it vulnerable for fraud. Criminals often take advantage of unsuspecting victims. Law enforcement agencies have incorporated computer science in their investigation process to aid them with computer savvy criminals.

Crime and computers

We have seen a lot of Hollywood movies about hackers stealing from financial institutions. We have also seen two parties making their deals through bank transfers with a bunch of computers. Although these are not possible in real life, there are other ways that criminals can use computers.

Computer forensics is basically applying computer science to assist in the legal process. It entails the technological and systematic inspection of the contents of a computer system for evidence. Individuals in this field are called by different titles such as digital media analyst or computer forensics investigator. These people scanned a computer thoroughly to find out if they have used for a civil wrongdoing or criminal act.

The skills required are more than just normal data collection and using preservation techniques. Other definitions include the use of special tools to meet the Court’s criteria and not just a thorough examination of a computer for potential evidence. This definition is similar to Electric Evidentiary Recovery or e-discovery.

Most of the time computer forensic investigators investigate hard drives, portable data devices and data storage devices. These devices include USB Drives, Micro Drives and external Drives.

The first task of the computer forensic investigator is to find sources of documentary or digital evidence. The next step would be to preserve the evidence so that it could be analyzed later on. When dealing with computer systems, important files or data can be quickly lost.

The investigator should take the necessary test because data retrieval can be time consuming and costly. The investigator would then analyze the collected data for potential and supportive evidence. The final step would be presenting the findings. The investigator will render his opinion based on the examination and make a report.

The process of using computer forensics must comply with the standards of evidence that are acceptable in court. This field is both technical and legal. The investigator should also have a complete understanding of the suspect’s level of sophistication. If they don’t the suspects are assumed to be experts.

Investigators then presume that the criminal have installed a countermeasure to render forensic techniques useless. The computer will then be shutdown completely to prohibit the machine from making further modifications to its drives.

Computer technology has changed the way we live, work, and for others – commit crime. Although the internet may seem like a very convenient place users should always be wary for seemingly innocent offers.