DIGITAL FORENSIC- PROCESSING CRIME & INCIDENT SCENE

Topic: DIGITAL FORENSIC- PROCESSING CRIME & INCIDENT SCENE

Created by: Niranjan S

Volunteer, Shivi Forensics

Introduction 

Digital evidence can be any kind of information that is saved or shared using technology. Courts in the U. S. treat digital evidence just like physical evidence. Digital data is something you can physically touch. Some cases need all digital evidence to be printed out before it can be shown in court.

Common tasks that investigators do when dealing with digital evidence include:

• Finding digital information or items that could be used as proof

• Collecting, keeping safe, and recording evidence

• Studying, recognizing, and sorting through evidence

• Rebuilding evidence or recreating a situation to make sure the outcomes can be repeated successfully.

• When packing computers and examining scene of crime it should be done in a organized way.

• Should follow updated & latest rules and guidelines while collecting, handling, storing, and submitting digital evidence.

Demo: Metadata in FTK

👉🏻 Start by saving a Word document.

👉🏻  In FTK:

👉🏻  Click “No,” then “OK,” and “OK” again to get past the demo warnings.

👉🏻  Go right to using the program.

👉🏻  Choose “File,” then “Add Evidence.”

👉🏻  Type in your name, then click “Next” twice.

👉🏻  Hit the “Add Evidence” button.

👉🏻  Select individual file and click to continue.

👉🏻  Find your Word document and double-click it.

👉🏻  Click “OK,” “Next,” and then “Continue.”

Collecting Evidence in Private-Sector Incident Scenes

• Private-sector groups include:

• Companies and government agencies doesn't show some documents to public so it must been maintained confidential under FOIA, where on the basis of FOIA lets public ask for copies of public documents.

• An important type of private-sector business includes Internet Service Providers (ISPs) and other communication firms.

• ISPs can check into computer problems caused by their workers but not by their customers, unless there's an emergency.

• Investigating and managing computer incident scenes in businesses is generally simpler than in criminal cases.

• Often, the site of the incident is a work location.

• Usually, companies keep track of their computer hardware and software through inventory lists.

• This helps in identifying the computer forensics tools that are necessary to look into a policy violation and figure out how to best do that analysis.

• A corporate policy statement regarding the improper use of computing resources allows company investigators to carry out surveillance with little or no reason and access company systems without needing a warrant.

Preparing for a Search

👉🏻  Getting ready for a computer search and taking things away

– This is the most crucial part of looking into computer crimes.

👉🏻  To carry out these actions

– You may need to gather information from the victim and a source.

👉🏻 This source could be a police officer involved in the case, a witness from law enforcement, or someone who works with the person being investigated.

Determining the Tools You Need

👉🏻  Gather tools based on what you know from the incident and crime scene.

👉🏻  Initial-response field kit – easy and very lite which makes the kit to carry for the crime scene.

👉🏻  Extensive-response field kit – This kit includes every tool you can afford.

Securing a Computer Incident or Crime Scene

👉🏻  Goals

– Keep the evidence safe.

– Maintain confidentiality of information.

👉🏻  Set up a secure area

– Use yellow tape to mark it.

– You have to keep out people who shouldn’t be there.

👉🏻 Curiosity from professionals can ruin evidence

– This concerns police officers and others not involved in managing the crime scene.

Planning Your Investigation

• Write down what you think or know.

– Some events might be connected, or they might not be.

– The suspect's computer could have important information about the case.

– Remember that someone else might have used the suspect's computer.

• Create a copy of the suspect's computer hard drive.

• Examine the forensic copy for clues.

FOLLOW OUR SOCIAL MEDIA FOR MORE UPDATES 

Youtube 👉🏻 https://m.youtube.com/@Shivi_Forensics

Instagram 👉🏻 https://www.instagram.com/shivi_forensics

Facebook 👉🏻 https://www.facebook.com/Shiviforensics

Linkedin 👉🏻 https://www.linkedin.com/company/shiviforensics

Join the Whatsapp Channel for more updates

Link 🔗 https://whatsapp.com/channel/0029VbBdnNR3wtb6w4hurm3h

𝐒𝐡𝐢𝐯𝐢 𝐅𝐨𝐫𝐞𝐧𝐬𝐢𝐜𝐬 

Its time to study and spread knowledge

Contact us

+918576803105

shiviforensics@gmail.com