Wednesday, 20 July 2016

What Exactly is Computer Forensics?

The field of computer forensics has grown to become a science in itself. Computer forensics is also known as cyber forensics. It involves applying computer investigation and analysis techniques to solve a crime and provide evidence to support a case. Investigators often use proprietary forensic applications and software programs to examine computer hard drives, extract certain types of data from files and folders, and also to recover information from encrypted files. This digital information must be organized and documented into an official report form to be presented in a court of law.

Computer Forensics Defined

The computer forensics definition can be broken down into several technical aspects of the actual science of computer forensics. The general definition of computer forensics is the processes and investigative methods used to find digital evidence and prepare it for legal proceedings. The more in-depth definition includes the preservation of media and data, identification of computer-related evidence, extraction of the data and interpretation. Interpretation is perhaps the most important element of the computer forensics definition because this is where forensics experts must draw conclusions from a formal forensic analysis.

Throughout the process of data gathering and interpretation, the computer forensics specialist must document everything in a structured fashion. They must report exactly what types of investigations were performed and document all of the steps taken to retrieve various files, folders and data. The courts can then apply various types of methodology and testimonies in order to determine whether evidence presented can actually be used in the legal proceedings. This is why computer forensics specialists must learn about the different legal processes involved in an investigation and make sure that there is always a high level of integrity of evidence.

Why the Computer Forensics Definition Can Change

It's important to recognize that there are two main types of computer forensics investigations so the computer forensics definition can change. The first involves investigations where a computer or digital technologies were used to perform the crime (cybercrime). The second is when a computer is used as the target of a crime, such as when a hacker retrieves sensitive information or someone has their identity stolen online. In both of these situations, the computer forensics definition may change slightly because the investigator uses different techniques and methodologies to solve the crime.



The digital forensic experts from DLA use their knowledge of investigation and forensic software to find and reveal the computer or mobile forensic evidence that your require.

Thursday, 14 July 2016

Straight Talk About Cyberstalking

Cyberstalking includes (repeatedly) sending threats or false accusations via email or mobile phone, making threatening or false posts on websites, stealing a person’s identity or data or spying and monitoring a person’s computer and internet use. Sometimes the threats can escalate into physical spaces.


There are just as many predators on the internet as there are in real life. Anyone can be stalked online but the majority of victims as in life offline are female. Stalking estimates show that 80% of stalking victims are women.

And the perpetrators are not just strangers. They can also be former, estranged or current partners, boyfriends or husbands. Domestic violence victims are one of the most vulnerable groups to traditional stalking so it’s no surprise they are vulnerable to cyberstalking as well.

As in other types of violence against women, cyberstalking is about power relations, intimidation and establishing control. If you are being stalked, know first and foremost that you did NOT “provoke” this harassment.

How can I prevent someone from stalking me online?

- Be careful what personal information you share online including in email, on social networking sites like Facebook, Twitter, Instagram, etc. It is very easy to glean information about where you live, the places you love to go to in your area and the people you care about from posts and pictures.

- Create a different email account for registering in social networking sites and other online spaces. It will help avoid spam and your personal email won´t be revealed if the online service doesn’t have a good privacy practice.

- Do not feel obligated to fill out all fields when registering online or provide identifying information such as birthdates and place in required fields.

- In your online user profile, use a photo that doesn’t identify you or your location, so you can’t be recognised.

- Consider using a name that is not your real name or a nickname as your email name, screen name or user ID. And try not to use common dates such as your birthday as the digits in your email name or password. Instead, pick a name that is gender- and age-neutral. Treat your email and/or internet account like you would your credit card, ID or passport number – very carefully.

- If you are breaking up with an intimate partner – especially if they are abusive, troubled, angry or difficult – reset every single password on all of your accounts, from email and social networking accounts to bank accounts, to something they cannot guess.

- Services such as Facebook change their privacy policy all the time, so it is a good idea to check your privacy settings to make sure you are sharing the information you want to share with people you trust and not the general internet public. Some sites have options for you to test how your profile is being viewed by others – test and make sure you only reveal what is absolutely necessary.

- What information are family and friends posting about you? Let them know your concerns about privacy and help them learn better privacy settings.

- Do an internet search of your name regularly and monitor where you appear online. If you find unauthorised info about yourself online, contact the website moderator to request its removal.

- Make sure that your internet service provider (ISP), cell phone service, instant messenger (called internet relay chat, or IRC in some terms of service) network and other services you use has an acceptable privacy policy that prohibits cyberstalking. If they have none, suggest they create one and/or switch to a provider that is more responsive to user privacy concerns and complaints.

Digital forensics takes much more than an average knowledge of all things digital, it requires a thorough understanding of investigative process, the law of evidence and of naturally the appropriate background to criminal and civil investigations.

Contact DLA today and let us follow the digital trail to find the evidence you need!

Wednesday, 6 July 2016

When should you consider using computer forensics?

If any form of digital information is even remotely involved in a case or legal situation, a computer forensic examination will be required. Digital information has invaded virtually every aspect of our day-to-day existence, having become a basic component of our lives, from computers, to smartphones, to social networking, digital information plays a crucial role in almost every case.

Computer forensics differs from data recovery, which is, recovery of data after an event affecting the physical data, such as a hard drive crash. Computer forensics goes much further. Computer forensics is a complete computer examination with intricate analysis of digital information being the ultimate goal.


For a successful forensics examination, you must have all the information relevant to a matter, not only to construct effective legal strategies, but also to focus your expectations and efficiently budget your services. There is nothing more difficult to address than a case which has become complicated by new facts, where you once expected the matter to proceed smoothly and without significant cost. Knowing all the facts early in a matter, allows you to better prepare for those cases that will require significant legal expertise to manage.

In response to pending litigation, analysing your relevant ESI is an excellent way to discharge your duties to preserve evidence and avoid spoliation, while also acquiring all relevant information essential to your legal theories and strategies. Similarly, as part of critical business decisions, forensically analysing relevant computers and devices can provide essential information. For example, analysing the computers of corporate officers or employees as part of the termination process can alert you to possible litigation issues such as violation of non-compete agreements, improper copying of intellectual property, etc.

To prepare for litigation, an attorney ought to determine whether a Request for Production of Documents will obtain all relevant evidence. A simple question to ask is whether you want to discover part of the relevant information (i.e. visible by your opponent’s operating system) or all of it (deleted, hidden, orphaned data, etc). It is not unrealistic to anticipate that information contained on a computer system which is helpful to a matter would be saved, while that which is harmful would be deleted, hidden, or rendered invisible. For example, in sexual harassment cases, it is not unusual to discover deleted emails and other data invisible to the operating system that significantly impacts the case. Computer forensic analysis extracts all the emails, memos, and other data that can be viewed with the operating system, as well as all invisible data. In many cases, the invisible data completely changes the nature of a claim or defense, often leading to early settlement and avoiding surprises during litigation.

In any situation in which one or more computers may have been used in an inappropriate manner, it is essential to call a forensic expert. Only a computer forensic analyst will be able to preserve, extract, and analyze the vital data that records the “tracks” left behind by inappropriate use. Taking the wrong steps in these circumstances can irrevocably destroy the vestiges of wrongful use that may result in litigation or criminal prosecution.


Digital, computer and mobile forensics requires much more than what you may think. At DLA, our seasoned investigators use a special set of skills and tools to recover or find the digital data that you need!