As new means consumers and the general public can increasingly use services such as Silent Circle, Talk a Tone, Frogger and Guerrilla Mail, digital forensics experts are being challenged to take a deeper dive into how to obtain information from devices, networks and computers.
The more of these types of technologies there are, the more time it takes a digital forensics expert to obtain the information. In a criminal case, “time” is always the essence. The demand for understanding how multiple systems interact and work in different environments is on the rise.
When consumers and/or the general public seek a way to carry out damaging and criminal intention using antonymic means, it causes the digital forensics expert to dig harder and peel back multiple layers of the onion.
The professional, as a result, needs to turnover data of spoofed IPs, poisoned DNS and raw text data of payloads relating to where the criminal execution came from. From a user perspective, we see the privacy and security uses of these means. Preserving one’s privacy should be paramount.
It is important to understand both sides of the equation, namely, that these means need to be addressed in a manner that will respect and preserve the rights of the general public while holding bad actors accountable when needed.
As more users add layers and layers to spoofing to stay in the shadows, digital forensics tools are becoming more and more robust to ensure digital forensics experts can at least have a fighting chance.
It seems that there isn’t much one can do about the fact that consumers and the general public are figuring out ways to get around digital forensics. However, companies such as TrapX and McAfee Open DLZ are providing more in-depth features like digital forensics on demand. This aggregates all the information to a centralized location, thereby helping an investigation to proceed faster and more effectively.
The findings are then shared on a platform to other consumers of the product, so they can be up-to-date on certain security trends. Some bigger health companies and health providers are investing their time and money in these type of systems to ensure they are able to stay in the game.
Adding these types of applications and tools augments the defensive posture of the company. On the other hand, nothing really compares to the good old fashioned investigative thought process of understanding how a criminal thinks.
In order to catch a criminal, one needs to be able to think like one.
About the Author: Ricoh Danielson is a U.S. Army Combat Veteran of Iraq and Afghanistan. As a digital forensic expert in cell phone forensics for high profile criminal and civil cases, Ricoh has a heavy passion for information security and digital forensic that led him to start up his firm (Fortitude Tech LLC) in the middle of law school to become Phoenix’s heavy hitting digital forensic power house.
He is also a graduate of Thomas Jefferson School of Law, Colorado Tech University, and UCLA Anderson School of Management.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.