How to Keep your Smartphone Secure

Your smartphone is no different to your property or house when it comes to safety – you have to use common sense!

Here are eight easy tips on how to keep your smartphone safe and secure:

      1.       Use a password

Always set up a password, pin or pattern to be able to access your phone. For Android: go to Location & Security. For iOS: go to Settings -> Touch ID & Passcode.

      2.       Only download from trusted stores

Use places like Google Play and the App Store to download your games and apps. Also make sure to always read the ratings and reviews if they’re available.

      3.       Back up your data

Protect your information in case an attack happens by backing up your data. If your data ever gets lost, we can recover it. Contact the experts at DLA to get your data back!

      4.       Update your OS and apps

Most updates are just for new features, but sometimes they are also to up the security.

      5.       Log out!

If you do your banking or online shopping on your cellular device, always make sure to log out afterwards. Never keep your passwords and usernames on your phone and try to avoid using public Wi-Fi.

      6.       Turn off Wi-Fi and Bluetooth

You may think it’s just a way to connect to free Wi-Fi, but hackers can also use it to access your device and data.

      7.       Don’t give out personal info

That email you received that looks like it’s from your bank may be spam. If you get SMS’s or emails asking you to fill in your private info and login, always contact the business and confirm it is actually legit. 

The Importance of a Strong Password

Too many people come to us in a frenzy complaining that either their data has been lost or stolen OR they simply cannot remember their password. When you don’t have a password you cant access or protect your files, on the other hand even if you do have a password you need to ensure it is 100% foolproof so you don’t end up being the victim!

DLA offers password recovery services for businesses and personal computer users, using only the latest technologies to achieve the password recovery results you need. Our forensic recovery service includes recovering passwords from zipped files, word documents, excel files and of course logon profiles on computers.

We are able to access what cannot be seen using the latest forensic technology. Using state of the art cellular forensics tools we are also able to bypass 98% of device passwords to read the device directly without needing to know the handsets logon or password. 

We can also perform cellular forensics as well as data recovery from laptops, computers, cell phones and media devices such as tablets.

Do not hesitate to contact DLA for professional and affordable services in Cape Town and the surrounding areas!

The 5 cyber-attacks you're most likely to face

The fact is most companies face the same threats and should be doing their utmost to counteract those risks. However at some point you may lose your precious data to a vicious cyber-attack, if you’re ever in this position, contact the experts at DLA for assistance!

Here are the five most common successful cyber-attacks.

Cyber-attack No. 1: Socially engineered Trojans

This is the No. 1 method of attack. Usually, a website will tell users they are infected by viruses and need to run fake antivirus software. Also, they're nearly out of free disk space and need a fake disk defragger. Finally, they must install an otherwise unnecessary program, often a fake Adobe Reader or an equally well-known program. The user executes the malware, clicking past browser warnings that the program could possibly be harmful. Voilà, exploit accomplished!

Cyber-attack No. 2: Unpatched software

Coming in a distant second is software with known, but unpatched exploits. The most common unpatched and exploited programs are Java, Adobe Reader, and Adobe Flash.

The best countermeasure is to stop what you’re doing right now and make sure your patching is perfect!

Cyber-attack No. 3: Phishing attacks

About 70% of emails are spam. Even though there are anti-spam vendors, you will probably receive several spam emails each day, and a least a few of them each week are darned good phishing replicas of legitimate emails.

Cyber-attack No. 4: Network-traveling worms

Computer viruses aren't much of a threat anymore, but their network-traveling worm cousins are. We don't see the massive outbreaks of the past with email attachment worms, but the network-traveling variety is able to hide far better than its email relatives.

Cyber-attack No. 5: Advanced persistent threats

APTs usually gain a foothold using socially engineered Trojans or phishing attacks.

A very popular method is for APT attackers to send a very specific phishing campaign -- known as spearphishing -- to multiple employee email addresses. The phishing email contains a Trojan attachment, which at least one employee is tricked into running. After the initial execution and first computer takeover, APT attackers can compromise an entire enterprise in a matter of hours. It's easy to accomplish, but a royal pain to clean up.

Never forget the victim (and their device)!

Regardless if your case involves computers, tablets, iPhones, Android devices or all of the above, one thing the investigative community can agree on is, every case is different.  

Sure, certain cases will follow a workflow pattern, but the circumstances of every case, the suspects/targets, investigators and victims all take on different faces, which can alter your approach to conducting digital forensic analysis in the case slightly or dramatically.  We’ve all seen a surge in criminal (and civil) cases involving smart phones and other mobile devices and with that comes the mountain of evidence that is contained on a those powerful pocket computers that can store up to 128 GB of data (or more).

But consider this: You may only be getting half of the story if the only device you seize and analyze is that belonging to the target of your investigation.

The digital forensic experts at DLA encourage anyone who needs data, SMS, WhatsApp, password recovery, and so much more, to contact them today!  

• Case Application 

The best case example we can use to illustrate this point is the investigation of a rape allegation.  Rape doesn’t happen in a bubble, it takes two people (or more) for a rape to occur.  And virtually everyone involved in these incidents owns & uses a smart phone on a daily basis.  Frequently, rape occurs when the alleged perpetrator knows the victim, either in some sort of early-stage relationship, a family friend, relative, etc.  Because experienced investigators know this to be true and many reports will validate this, it is your investigative responsibility to prove or disprove the claim.  In order to help do that, you need to seize not only the target’s phone data, but also the alleged victim’s phone data – all as soon as possible.

The best (and sometimes worst) thing about mobile device forensics is, once the data is extracted, it belongs to the digital forensic examiners. It is a digital snapshot of whatever was present on the device at the time the extraction took place and, depending on the device, may also give us access to deleted information.  So in the interest of conducting a thorough investigation, I put forth that when an alleged rape victim makes the report, investigators should make it a regular and common practice to ask for consent to perform a data extraction on his/her phone.  It is simply the easiest way to get a 360-degree view of the case.

• A More Holistic View of the Data

Consider also what happens in the mind of the target after they know they may have committed a crime.  Text and chat messages are deleted.  Pictures of the alleged victim get erased from the device.  They may even dispose of the device altogether and replace it with a new, fresh phone that has virtually no useful evidence contained on it.  

Wouldn’t it be nice if the other side of those conversations still existed on another device?  What’s more, by grabbing the data from the alleged victim’s phone, you work toward a more complete investigation of the allegation.  It is an unfortunate reality that there are often false reports of serious crimes.  This certainly doesn’t mean that we automatically assume the victim may be lying, but it is our responsibility to fully investigate the case to determine what actually happened.  Victims and eye witnesses are notoriously unreliable for different reasons.  When victims are subjected to trauma, their accurate recollection of the incident can suffer to a degree, so that puts even more oneness on the investigator to try and piece the puzzle together.

The best part about the data is it doesn’t lie.  It has a perfect memory and it’s all documented, complete with date and time stamps, GPS coordinates, network activity and other great pieces of evidence that are very hard to spoof or fake, if not nearly impossible for most mobile device users. 

Never forget there is always more than one person involved in the investigation. Grabbing the alleged victim’s cell phone data in this circumstance could mean the difference between an innocent person being convicted of a serious crime or being exonerated fully.  When all the facts have been completely uncovered, the truth must remain and will have to hold up in a court of law. 

The Anatomy of a Mobile Attack

A mobile attack can involve the device layer, the network layer, the data centre, or a combination of these. Inherent platform vulnerabilities and social engineering continue to pose major opportunities for cyber thieves and thus significant challenges for those looking protect user data.

If you’ve been the victim of a mobile attack, don’t hesitate – contact the digital forensic experts at DLA and we can help you recover your precious cellular data quickly and effectively.

ATTACK SURFACE: DEVICE

Browser

- Phishing
- Framing
- Clickjacking
- Man-in-the-middle
- Buffer Overflow
- Data Caching

System

- No Passcode / Weak Passcode
- iOS Jailbreaking
- Android Rooting
- OS Data Caching
- Passwords & Data Accessible
- Carrier-Loaded Software
- No Encryption / Weak Encryption
- User-Initiated Code

Phone / SMS

- Baseband Attacks
- SMishing

Apps

- Sensitive Data Storage
- No Encryption / Weak Encryption
- Improper SSL Validation
- Config Manipulation
- Dynamic Runtime Injection
- Unintended Permissions
- Escalated Privileges

Malware

ATTACK SURFACE: NETWORK

- Wi-Fi (No Encryption / Weak Encryption)
- Rogue Access Point
- Packet Sniffing
- Man-In-The-Middle (MITM)
- Session Hijacking
- DNS Poisoning
- SSL Strip
- Fake SSL Certificate

ATTACK SURFACE: DATA CENTRE

Web Server

- Platform Vulnerabilities
- Server Misconfiguration
- Cross-site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Weak Input Validation
- Brute Force Attacks

Database

- SQL Injection
- Privilege Escalation
- Data Dumping
- OS Command Execution

When the Trill of a Cell phone Brings the Clang of Prison Doors

It was a crucial moment in 2007 during the trial of Paul Cortez, an actor and yoga teacher who was ultimately convicted of killing his former girlfriend Catherine Woods, a dancer who was working as a stripper.

After weeks of testimony and a parade of witnesses, the case against Mr. Cortez boiled down to this: a bloody fingerprint and data collected from a cell phone.

A record from a T-Mobile cell phone transmission tower on the day Ms. Woods was murdered showed that Mr. Cortez called her 13 times in the hour and a half before her death, and then never again. He had told the police in a written statement that he made the calls from his home.

But as he called, the record showed his cell signal hitting a tower near his apartment, and gradually shifting to towers near Ms. Woods’s apartment. At trial, when the prosecutor questioned him about the discrepancy, Mr. Cortez changed course, saying he had made some of the calls from a Starbucks.

Examining cell phone data is a technique that has moved from being a masterful surprise in trials to being a standard tool in the investigative arsenal of the police and prosecutors, with records routinely provided by cell phone companies in response to subpoenas. 

Its use in prosecutions is often challenged, for privacy reasons and for technical reasons, especially when the data comes during the morning or evening rush, when circuits are crowded and calls can be redirected to other towers. But it is often allowed and is used by both prosecutors and defence attorneys to buttress their cases.

DLA combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies for the best results.

We may never know how the FBI unlocked the shooter’s iPhone

We know now that the FBI was able to gain access to an iPhone 5C belonging to the San Bernardino shooter thanks to an outside security firm. What we don’t know is how it was done or even who did it. We may never know, thanks to the nature of the agreement between the FBI and the unnamed firm.

The government has what is known as the Vulnerabilities Equities Process, which is used to evaluate whether security flaws known by the government should be disclosed so they can be fixed. In this case, the exploit used to bypass the PIN lock on the shooter’s iPhone 5C is considered proprietary information by the company. Meaning, it’s not a publicly available exploit. It was either discovered by the firm, or more likely purchased from whoever uncovered it in the first place.

Having exclusive knowledge of an exploit allows a company to build a tool for bypassing security features, a hot commodity in law enforcement. These undisclosed exploits can sell for thousands, or even millions of dollars. For its part, the FBI probably couldn’t disclose the specifics of the hack even if it was permitted — it doesn’t know anything about the process.

Apple has said it would be interested in fixing the exploit, but it’s unlikely it affects newer iOS devices with hardware security features. The FBI isn’t likely to do Apple any favors even if it did have specifics. After getting a court order compelling Apple to assist with unlocking the phone, the company decided to fight it out in the courts. Virtually all tech firms rallied behind Apple, and the FBI eventually dropped the case and sought outside help. And the end result?Nothing significant has been found on the iPhone.

Digital and cellular forensics is much more than you may think. It requires a thorough understanding of investigative process, the law of evidence and of naturally the appropriate background to criminal and civil investigations. The forensic experts at DLA will follow the electronic trail to find the evidence that you need.

Israeli mobile forensics firm helping FBI unlock seized iPhone

The mobile forensics firm Cellebrite of Israel is reportedly assisting the Federal Bureau of Investigation in unlocking a seized iPhone that has become the center of a legal dispute between the bureau and Apple.

The revelation comes two days after the US government tentatively withdrew its demands that Apple write code and assist the authorities to unlock a seized iPhone used by one of the San Bernardino County shooters. The FBI told a federal judge that an "outside party demonstrated to the FBI a possible method for unlocking (Syed) Farook's iPhone." A federal magistrate then tentatively stayed her order demanding that Apple assist the authorities in unlocking the phone.

That same day, according to public records, the FBI committed to a $15 278 "action obligation" with Cellebrite. An "action obligation" is the lowest amount the government has agreed to pay. No other details of the contract were available, and the Justice Department declined comment. Cellebrite, however, has reportedly assisted US authorities in accessing an iPhone.

For now, US-based security experts believe that Cellebrite does have the wherewithal to perform the task.

"I'm really not at liberty to confirm the third party, but based on the techniques I've described in my blog on the subject, I think Cellebrite, as well as many large forensics firms like it, have the capability to perform such tasks," forensic scientist Jonathan Zdziarski told Ars in an e-mail. "DriveSavers, for example, has released statements yesterday suggesting they're almost there. I think the techniques are pretty straight forward for firms like these now that the tech community has had a chance to comment."

DLA is based in Cape Town and combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies to achieve the results that you require - contact DLA today!

6 essential computer forensic tips

Cybercrime is becoming even more of a concern, which makes computer forensics a growing science. The worst thing a business can do when digital forensic professionals are working is to proceed carelessly. That is why it is vital to keep these tips in mind when a computer is being investigated on your watch.

1. A computer is a crime scene, and it needs to be treated as such. All investigation activity needs to be logged and all the equipment inventoried.

2. The machine should be isolated from the network.

3. Investigators should almost never work with the original hard disk or media or any original files. Rare exceptions to this rule include situations when turning off the computer will destroy evidence. But most often, examiners should make copies—and not just any copies, but forensically sound ones. Just backing up a drive, for example, will not transfer slack space and deleted files that need to be searched.

4. Don’t violate the chain of custody. If evidence is to be used in a legal case, it must be clearly established what the evidence is, where the evidence was, and what was done to it at all times. If there’s any suspicion that the evidence was tampered with or altered, then you may be left without a case.

5. Don’t be in a fixed frame of mind. No two investigations are alike. Because of this, investigators use training and experience to narrow the scope of an investigation.

6. Don’t digress. Remember that the point of an investigation is to determine three things: whether a violation took place, the exact sequence of events that took place, and finally, who was responsible.

In this day and age, businesses are all too vulnerable to high tech crimes. Whether the computers are used to commit felonies or simply to violate company policy – businesses can be embarrassed, inconvenienced and even shut down. If you are ever in this situation, contact the digital forensic experts at DLA!

Here’s how digital forensics can help solve personal injury cases

If society has learned one thing over the past several years since the introduction of the smart phone, it’s that data is everywhere. Long gone are the days when data was mostly on your home PC or laptop computer. 

Now, everyone carries a microcomputer in their pocket, tracking their every move. Even better, it’s equipped with a camera capable of taking pictures and video in high-definition and a microphone for recording audio along with video or as a stand-alone feature. Smart phones are documenting machines. If they weren’t, companies wouldn’t seek to have you put apps on them to be able to market products to you. They document not for safety or security, but to make big data companies and retailers lots and lots of money.

But this fact has an ancillary benefit for the professionals in digital forensics. It means that the micro-computer that is tracking your moves in order to market certain products to you also stores valuable evidence for use in investigation and litigation. SMS and WhatsApp messages, pictures, videos, notes, voicemail, call logs, web history and more are all extremely valuable pieces of evidence that may be obtained from smart phones.

If you’ve never thought about it before, think now about how much you use your smart phone and what you use it for. Then, think about all the high-tech tracking devices it has installed in it -- GPS, cellular antennas, wireless internet antennas and Bluetooth. All of these things leave a digital trace in the form of metadata on your device and can be retrieved by most mobile forensic tools and analysed and reported by a competent examiner. It’s a digital mountain of information that most users can’t access or even realize is present on their device… All you have to do is ask for it!

So, now that you know what is accessible on the device, how can you use it to benefit your case? First, it’s important to realize that the “CSI Effect” is an actual phenomenon. To believe that we can extract data that will be the smoking gun in your case is (mostly) not realistic. However, if you take the totality of the circumstances in your case, to include the digital forensic findings, the data that we can retrieve may very well paint a much clearer picture of what was going on in your case.

The best example in personal injury cases is texting-while-driving, which is a big deal in motor vehicle crash personal injury cases these days. Most personal injury attorneys would love to have proof that the opposing party was texting at the moment of the collision. Unfortunately, that’s probably not realistic.

However, what we can show is the activity leading up to that collision. For example, if the opposing party was on their way home from work and we know this to be a 20 minute commute and the collision happened 7 minutes into the drive, that’s one piece of the puzzle. If they were involved in a text conversation prior to and during that 7 minutes directly leading up to the collision, that’s another piece.

If they were also searching for places to order pizza on their mobile internet for when they got home, that’s yet another piece. All of these instances are recorded on the device with dates and times and sometimes, specific location. In the case of Facebook Messenger, messages that are sent routinely have the geo-location (latitude & longitude) of where the person was when the message was sent, providing a message-by-message diagram of where they were, proving that they were in fact texting-while-driving directly prior to that collision. What’s even better, this information can’t be deleted or altered by most end-users.

Texting-while-driving is probably the most universally understood example of the value of digital forensics in personal injury cases, but it’s just one example. The overall point is, if you have any evidence that a mobile device was involved in the injury of another, it pays to call a digital forensic consultant as soon as you know, such as DLA Digital Forensics today! It’s best for the client, it’s best for you and it helps everyone get on with their lives much quicker in the wake of what may have been a tragic accident.

The Apple vs. FBI congressional hearing

For two weeks, there has been a heated debate over the Apple vs. FBI debacle, and the two sides of the argument have stated their cases before the House Judiciary Committee at a hearing called "The Encryption Tightrope: Balancing Americans' Security and Privacy."

On one side, the FBI wants to force Apple to help them get into the iPhone of San Bernardino shooter Syed Farook; on the other side, Apple wants to maintain the security integrity of its devices and not set a precedent of the government forcing tech companies to develop workarounds to encryption.

The hearing took place in Washington DC. If you're interested in watching the testimony, you can watch the live video right here:

https://www.youtube.com/watch?v=g1GgnbN9oNw

Digital Forensics (cellular & computer based) requires much more than some well-developed software that can be purchased over the internet. It requires a thorough understanding of investigative process, the law of evidence and of naturally the appropriate background to criminal and civil investigations.

DLA is based in Cape Town and combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies to achieve the results that you require - contact DLA today!

What is “Cellular Forensics” anyway?

So, what exactly is Cellular Forensics anyway? Well, forensics means “tests and techniques used in connection with the detection of crime.” Cellular? Every ones knows that deals with mobile phones and their technology.

Cellular forensics can also be referred to as Mobile forensics. So, when someone says Cellular forensics there are describing “the utilization of technology (software, hardware, techniques) that enables an examiner to secure, acquire, document and present the data found in a mobile phone.”

What good is Cellular Forensics? As some people say – you are what you click – and a cell phone tells a bunch about a person. Contacts, WhatsApp messages, Photos, location, SMSs and call history are just a few of the tell-all items in your phone. Imagine an employee sharing company secrets with the competition or a married man messaging his secret lover on WhatsApp… the information on their phone can be very damaging and valuable.

So, is this like your favourite show, CSI Miami? No not really! There is no one piece of hardware or software that can be used for the thousands of models of phones out there. But cellular forensic experts, like the professionals at DLA certainly know how to get their hands on the data on your cellphone that you thought was long gone!

Cellular forensics is like archaeology: you dig and dig using whatever proven tools you can find, and sometimes you crack the nut and other times you come away exhausted with little to show for your efforts.

Cellular Forensics today is not really a brand new field, however as our cell phones get more and more advanced, our methods need to be too.

Be careful what you text!

Couples who may be heading toward a nasty break-up should always be extra careful when they send SMSs or WhatsApp messages. These messages could end up as evidence against them in divorce court!

In the past years, because of advances in digital forensics, there has been a huge spike in the number of cases using evidence from iPhones and other smartphones.

With emails, you can always think about what you’re writing and rewrite them. There is a windows of opportunity to rethink what you are saying, however with instant messaging, it is immediate. Many people send out messages without even thinking.

This is described as “spontaneous venting” and it can come back to haunt you! These instant messages can be recovered at a later stage to reveal your thoughts, actions and intentions.

SMSs, WhatsApp messages and other instant messages have been the most common form of divorce evidence taken from smartphones, followed by emails, phone numbers, call history, GPS and internet search histories.

Divorce lawyers advise their clients not to use Facebook to send messages or post inappropriate statuses, as it is the main source of divorce evidence from social media. However, only about half the couples actually follow their advice.

Anything that is in writing, you have to assume that someday a judge is going to see it. So, if it is not something that you don’t want a judge to see – don’t write it down!

You can always erase your messages, but that doesn’t mean they erase theirs.

With the latest tools and forensic software, the digital investigators at DLA are able to assist investigators and attorneys from their Cape Town offices on a national basis.

At DLA, it is possible to forensically acquire material from basic handsets to the latest smartphones, from all mobile and cell phone manufacturers using a range of advanced forensic and data recovery techniques.

Cracking the case with digital forensics

In the world of law enforcement, digital forensics is a game changer nearly as important as DNA testing.

When two 13 year old girls went missing in September 2014, the first place detectives looked for clues was on their iPods, smartphones and other digital devices. The digital evidence led them to the girls and they were found in the basement of 23 year old Casey Lee Chinn. He is now being charged with felony criminal sexual conduct, kidnapping and solicitation of a child.

Digital forensics – the examination of cellphones, tablets and personal electronics in criminal investigations – is dramatically changing the way cases are worked and solved. While technology has created new portals for predators searching for victims, it is also leaving telltale trails for police.

Law enforcement say that digital forensics has become an investigation imperative. With majority of adults carrying a cellphone, the devices have become the one constant in many people’s lives. Your cellphone has become everything you need throughout the day – your alarm clock, camera, phone line, email, social media terminal and so much more. Police use that almost constant phone activity to verify a suspects or witness’ statement and provide a log of a person’s movements and activities. Smartphones can even be an eyewitness by recording a crime in progress.

Electronic devices are just a treasure trove of information. The digital evidence is one of the first thing investigators look at because they leave footprints all over the place – who you were talking with, where you’ve take your photos and even who you’ve been tweeting.

It’s true; technology leaves a telltale trail for law enforcement and digital forensic investigators.

DLA is based in Cape Town and combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies to achieve the digital evidence that you require.

Using cellular forensics for internet infidelity and divorce

In today’s world a cellular device has just about replaced the computer. Today, billions of mobile devices are in use worldwide. The growth for cell phones and the growing number of PC-like features being incorporated into their design are fueling the theory that the cellphone will soon become the new laptop.

In any internet infidelity or divorce case, it is very important to review the information contained on the guilty party’s mobile phone, as long as the consent to search is present. Often times when a computer is shared in the home, the cell phone becomes the mechanism of the affair.

Some of the data that can be recovered from a cellular device is:

- Call logs (date, time, phone number, duration of calls)

- SMSs

- WhatsApp messages

- Calendar entries

- Photos 

- Videos

- Emails

- Phone details

- SIM card data

Feel free to contact us at DLA digital and cellular forensics for any further information or assistance on cellular forensics!

Your video may prove guilt to you, but not in court

Because of the constant flood of easily accessible technology, security cameras seem to be more plentiful than ever before…

- Many private residences now install security cameras around the exterior of their property.

- Business owners install cameras in work areas and entrances.

- Parents with children often install surveillance equipment to keep tabs on the safety of their children with caregivers.

Those constantly rolling cameras can often hold people accountable for bad behaviour. In the event of videotaping a suspected criminal, people have a false security about their video skills. You might assume that you don’t need the services of professionals like DLA digital and cellular forensic investigators, after all, you can do it yourself, right? You will change your mind after you read what goes into providing video evidence for court…

- When you review a video to make sure you have clearly caught a crime on tape, don’t just immediately decide that dark footage is useless. Actually, dark footage is easier to enhance than overexposed footage.

- Immediately confiscate the equipment used for the video. If the event was recorded through the use of a camera phone, home camcorder or a security camera, immediately turn this equipment and video over to the proper authorities.

- Quickly make a decision about how you wish to allow the footage to be rewound and repeated. In a court trial, jurors may not be as shocked by a crime caught on video if they repeatedly view it.

- If at all possible, involve a video expert experience in evidence handling to be involved with the set-up and operation of the equipment. This person is not only easily accessible for computer glitches. But also, the presence of a legal video expert gives you credibility.

In order for video evidence to be admissible in court, it must comply with the proper recording and preservation guidelines. You might know you have evidence, but you might not be able to use it like you think.

If these important tips have made you question whether you are capable of producing the required evidence of wrongdoing or to prove innocence, it’s time to call the professionals at DLA! 

Mobile Phone Analysis

Mobile devices are becoming increasingly powerful and popular, with people even sometimes carrying more than one. However, their increasing capability provides more opportunity to store and circulate information.

Mobile devices have many different features, like the ability to take photos and videos. When a multimedia file is taken, many devices automatically embed GPS location of the handset at that time. This then allows the location of the user at that exact moment to be established at a later date.

Multiple communication features, such as Bluetooth, WiFi 3G and 4G enable the transfer of information that can even cross international boundaries. Users can browse the internet, send and receive emails, post blogs and even removable media cards can be inserted into the device allowing information to be exchanged.

Depending on the client, the following information can be recovered from a mobile phone:

- SMS
- Email
- Call history
- Photos
- Videos
- WhatsApp history
- Passwords

Mobile devices are similar to computers, but with far more powerful capabilities. The value of the evidence found on a smartphone or any other mobile device must never be overlooked! DLA has the cellular and digital expertise to extract and uncover the evidence you need.

The other side of mobile forensics

Mobile or cellular forensics isn’t just about finding WhatsApp messages, images and recent calls; it can also reveal much more. There’s a whole other side to it, which can include carrier data, call logs, undelivered messages and important data that reveals your exact location at the time of the incident. Matched together with the information saved to your mobile device, and mapped together with street names and landmarks, carrier data can enhance data on your device.

The best thing is, if cellular forensics is being used in an important crime case, they can be used to break the case. However, a lot of investigators overlook this critical evidence.

Most cell towers consist of poles that send and receive signals in three sectors; this makes it easier as it enables them to identify which side of the tower communicated with a cellular device.

Carriers keep detailed call records of these communications for billing purposes, so the data includes information like date, call length, whether a call was inbound, outbound, or went to voicemail.

Tower data reveals whether the device was in motion or stationary. A person dialing from one location will hit the same side of the same tower, but a person on the go will hit different towers and different sides.

In an investigation that uses mobile forensics, carrier data information can be vital. It can be used to place a phone in a certain area at a specific time, identify call patterns, establish timelines and identify suspects. 

DLA is based in Cape Town and combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies to achieve the results that you require. Contact us today today!

Uncover the truth about your data with cellular forensics

A few years ago, the main source of truth came from email servers. These days, work communications have elvolved and are not limited to just laptops and PCs. They have burst onto the scene with WhatsApp messages, instant messaging and mobile sharing apps.

So, where is your data going? And where is it stored?

79% of business users use SMSs or WhatsApp messaging for business communications. Those text messages can pose a significant risk.

60% of those that allowed SMSs or WhatsApp messaging had minimal or no confidence in their ability to produce messages if requested.

Outside of audits, litigation and e-discovery requests are the #1 reason digital communications data is leveraged.

Standard questions legal has for IT during discovery of data:

- Where is the backed up data stored?
- What are our retention and archival policies?
- How is the company currently backing up the data stored on laptops, PCs and mobile devices?
- Which devices (Windows, iOS, Android, Linux) are in use?
- How do we manage data belonging to ex-employees?
- How does our existing software handle and implement data privacy and confidentiality policies?
- Can we collect and preserve delete messages?
- How can I monitor messaging communications on mobile devices for adherence to regulatory mandates or internal compliance policies?

With cellular forensics, IT can:

- Give legal information about the company’s data assets
- Educate legal on all the software IT uses to manage data
- Look for opportunities for IT to identify and collect data that can facilitate repeatable collections and reduce spoilage risk.

SMSs and instant messages are increasingly an issue in investigations. But by extracting them from cellular devices can be expensive and time consuming if you don’t know what you’re doing. Contact DLA Cellular and Digital Forensics and we can follow the digital trail on your cellular or digital device to get the evidence that you need.

The Different phases of a Computer Forensics Investigation

Here are the following steps investigators should follow to retrieve digital evidence…

1. Secure the computer system to ensure that the equipment and data are safe. This means digital investigators must make sure that no unauthorized individual can access the computers or storage devices involved in the search.

2. Find every file on the computer system, including files that are encrypted, protected by passwords, hidden or deleted, but not yet overwritten. Digital investigators should make a copy of all the files on the system. This includes files on the computer’s hard drive or in other storage devices.

3. Recover as much deleted information as possible using applications that can detect and retrieve deleted data.

4. Reveal the contents of all hidden files with programs designed to detect the presence of hidden data.

5. Decrypt and access protected files.

6. Analyze special areas of the computer's disks, including parts that are normally inaccessible.

7. Document every step of the procedure. It's important for digital investigators to provide proof that their investigations preserved all the information on the computer system without changing or damaging it.

All these steps are incredibly important in a computer or digital forensics investigations, make sure you follow them all to ensure an effective investigation.

DLA Digital and cellular forensics can provide you with the digital evidence that you need! Let us follow the electronic trail to find and protect the evidence that you need.