person in front of laptop on brown wooden table

How is Computer Forensic used as Evidence?

We now live in a world where everything is connected. We can have spontaneous conversations or execute multimillion-dollar financial transactions with people on the other side of the world for a little cost and in a short amount of time. The world is becoming closer as internet usage continues to rise. There is no doubt that computer-generated environments have given businesses of all types around the world new levels of efficacy and connectivity. However, it has also managed to generate a serious issue for all users of the new virtual world: computer crimes.

Computer crime has evolved into a profession. It refers to crimes involving the use of a computer, a computer connected to the internet, or another computer network. It has transformed cybercriminals from conventional geeks confined to their bedrooms into organized gangsters involved in money laundering, drug trafficking, and extortion.

Violent and non-violent computer crimes are two types of computer crimes. The use of viruses, worms, and Trojans to infect a system and spread over a network is not new, but advances in these technologies have resulted in irreversible destruction to the infected system and network. Computer crimes have become so common in recent years that they have largely overtaken traditional organized crime.

Computer crimes are crimes committed using a computer or a network as the source, tool, target, or location. The word “computer crime” is both wide and generic. In simple words, computer crimes involve criminal conduct involving an information technology infrastructure, such as unlawful access, illegal interception, data and system interference, device misuse, forgery, and electronic fraud. Criminal offenses that include the use of the internet or another computer network as a component of the crime are referred to as cybercrimes. The mechanism employed to victimize people is the difference between computer crime and cybercrime.

As mentioned in the definition of Cybercrimes computers and networks can participate in the crimes in several different ways. Some of them are:-

  • The computer or the network can be used to commit the crime.
  • The computer or the network can be the target or the victim of the crime.
  • The computer or the network can be used to store information related to certain crimes.

Why is computer forensics important?

In the civil and criminal justice systems, computer forensics is employed to protect the integrity of digital evidence presented in court cases. As computers and other data-gathering devices are used increasingly often in many aspects of life, digital evidence — and the forensic method used to collect, store, and investigate it — has become more important in solving crimes and other legal matters.

Much of the data collected by modern devices is never seen by the average individual. For example, cars’ computers continuously collect data on whether the driver brakes, switches, or changes speed without the driver’s knowledge. This data, on the other hand, can be critical in resolving a legal dispute or a crime, and computer forensics is commonly used to locate and preserve it.

Data theft, network breaches, and illicit internet transactions are just some of the crimes that can be solved with digital evidence. In the actual world, it’s also used to solve physical crimes including burglary, assault, hit-and-run accidents, and murder. Businesses commonly adopt a multilayered data management, data governance, and network security strategy to keep proprietary information secure. Having data that is well-managed and secure might speed up the forensic procedure if the data is under-investigated.

Use as evidence

Computer forensic evidence is held to the same standards as other digital evidence in court. This requires the use of original, dependable, and admissible data. For evidence recovery, different countries have different guidelines and techniques. Examiners in the United Kingdom frequently follow criteria established by the Association of Chief Police Officers to verify the validity and integrity of evidence. The guidelines are frequently accepted in British courts, even though they are voluntary.

Since the mid-1980s, computer forensics has been utilized as evidence in criminal cases. Some significant examples include:

● Dennis Rader, often known as the BTK Killer, was convicted of a spate of sixteen-year-long serial killings. Rader used a floppy disc to send letters to the police near the end of this period. The documents contained metadata that linked an author named “Dennis” at “Christ Lutheran Church,” and this evidence assisted in Rader’s arrest.

● Joseph Edward Duncan; Duncan’s computer had proof that he was plotting his crimes, according to a spreadsheet found on his computer. This was utilized by prosecutors to prove premeditation and secure the death punishment.

● Sharon Lopatka; Hundreds of emails found on Sharon Lopatka’s computer led investigators to her assailant, Robert Glass.

● The Corcoran Group; This decision clarified that parties have a legal obligation to preserve digital evidence when litigation has begun or is reasonably anticipated. A computer forensics specialist examined the hard discs and found no pertinent emails that the Defendants should have received. Even though the expert discovered no evidence of deletion on the hard drives, evidence emerged showing the defendants had purposefully erased emails, deceived the plaintiffs, and failed to disclose key facts to the court.

● Dr. Conrad Murray; Dr. Conrad Murray, Michael Jackson’s doctor, was largely convicted based on digital evidence on his computer. Medical records demonstrating deadly doses of propofol were included in the evidence.

● Theft of Apple’s trade secrets; Apple’s autonomous car division engineer Xiaolang Zhang announced his retirement and stated that he will be returning to China to care for his elderly mother. His manager was suspicious when he informed him he was going to work for the Chinese electronic car business. According to an affidavit filed by the FBI, Apple’s security team examined Zhang’s activities on the business network and discovered that, in the days leading up to his resignation. He downloaded trade secrets from confidential company databases to which he had access. In 2018, the FBI indicted him.

● Enron; Enron, a U.S. energy, commodities, and services corporation that went bankrupt in 2001, illegally reported billions of dollars in revenue, bringing financial hardship to many employees and others who had invested in the company. Terabytes of data were studied by computer forensic analysts to decipher the complicated fraud operation. The incident had a significant impact on the Sarbanes-Oxley Act of 2002, which set new accounting compliance regulations for public companies. In 2001, the company declared bankruptcy.

● Theft of Google trade secrets; In 2019, Anthony Scott Levandowski, a former Uber, and Google executive were charged with 33 counts of trade secret theft. Between 2009 and 2016, Levandowski worked at Google’s self-driving car division, where he copied tens of thousands of files from a password-protected corporate server. He left Google, according to The New York Times, to start Otto, a self-driving truck company that Uber bought in 2016. Levandowski was sentenced to 18 months in jail and $851,499 in fines and restitution after pleading guilty to one count of trade secrets theft. Levandowski was granted a presidential pardon, in January 2021.

● Larry Thomas is a well-known author. In 2016, Thomas shot and killed Rito Llamas-Juarez. He was later convicted based on hundreds of Facebook posts he made under the alias Slaughtaboi Larro. A photo of him wearing a bracelet found at the crime scene was posted in one of the posts.

Examples of other common situations in which computer forensics is used as evidence:

● When corporate information is accidentally or purposefully disclosed without permission.

● When an employee steals intellectual property from their employer and either sells it to a competitor or utilizes it to start their own business.

● When a worker disregards a computer regulation, such as when and how to access the Internet. Some businesses establish guidelines for how computers and the Internet should be used.

● If the office systems are utilized for any illegal conduct, computer forensics can assist in determining when and how the illicit activity occurred.

● After an occurrence, damage analysis and evaluation are performed.

● White-collar crime is a term used to describe crimes committed by those who work in this profession.

● These are nonviolent, financial-motivated crimes perpetrated by the government or commercial officials. Identity theft, Ponzi scams, and advance-fee schemes are examples of these crimes.

● White-collar crimes have the potential to wipe out life savings, damage businesses, and cost investors billions of dollars. Computer forensics can aid in the investigation of these types of crimes.

● Industrial espionage is a term used to describe the act of stealing information. This entails recording or copying private papers to steal trade secrets from a competitor. Secret formulas, product specifications, and company plans are some of the documents involved. Industrial espionage is a crime, and computer forensics can aid in the investigation.

● This entails knowingly giving inaccurate or misleading information to acquire an unfair advantage.

● A lot of fraud is committed via the Internet or technology, and computer forensics can assist in the investigation of these crimes. Sexual harassment, dishonesty, and negligence are all issues that need to be addressed.

● Information gathered could be used to terminate a person’s job in the future. Cases involving general criminal and civil law. This is because criminals frequently keep information on computers.

● Computer forensics can also assist commercial organizations and businesses in issues of intellectual property theft, forgeries, employment disputes, bankruptcy investigations, and fraud compliance.

Computer forensics is sometimes required by law enforcement to investigate a crime. In circumstances of denial-of-service assaults and hacking, the computer system itself may become a crime scene. The computer system may have proof of the crime. Many people mistakenly or unintentionally store information in computer systems. Emails, documents, and Internet history may be used as evidence in computer forensics investigations. There could also contain papers related to kidnapping, drug trafficking, money laundering, or fraud.

Law enforcement authorities can examine a file’s metadata to learn more about a crime in addition to the information on the computer. When the file was first created when it was edited, and when it was printed or last saved, the computer forensics expert will ascertain. The forensics investigation can also reveal which user was responsible for these actions. To be acceptable in court, the evidence in all of these cases must be properly obtained and handled. This is the only method that which the information gathered may be used as evidence to back up allegations or defend a person against them.

error: Content is protected !!