Network monitoring as a small business workshop
Learn how you can protect your business from hackers by monitoring your network traffic. Being a small business doesn’t mean you can’t secure yourself. We know it can be intimidating ...
Blog Alias todayAugust 25, 2020 573 4 5
When you think forensics, you probably imagine fingerprint and blood sample analysis. Which is pretty close to what digital forensics is. Change out the fingerprint for a computer and you’ve basically got it.
Digital forensics is the scientific approach to performing data recovery and analysis of a digital device. A device is the technical term for what needs to be analysed. So a phone, laptop, computer, etc.
Need deleted text messages recovered? Have you been hacked? Digital forensics is versatile. Frequently, you’ll see it called mobile forensics, GPS forensics, email analysis and computer forensics. This just lets people get a little more specific with the type of forensics they perform.
Like traditional forensics, the main part of the digital forensics process is the investigation. The investigation provides a detailed report of what happened to the device during a specific incident or time frame. Was it powered on? Were messages sent? These questions and more are what we answer during an investigation.
We mention above that a digital forensics required scientific approach. Why? Because another digital forensic examiner has to confirm what we discovered. Digital forensics isn’t an opinion; it provides the court system with facts.
Digital investigations isn’t just criminal activity. In fact, many of the cases we’ve worked included child custody cases, fraud, intellectual property theft or employees gone rogue. And sometimes, it can be a person who just wants the photos/videos of a loved one who has passed recovered.
As you continue further down the digital forensics rabbit hole, you’ll find it overlaps with incident response. During a hack, there’s a high chance the hacker is asking for money in return for their data back. That’s ransomware. Learn more about the role of digital forensics in ransomware by listening to episode 10 of the Secure AF podcast.
Since you have a better understanding of what digital forensics is, let’s take a brief look at the typical steps in a digital forensics case
After completing a chain of custody form, which shows who had the device and when, we start collecting the data. Court recognized software assigns a unique identifier to the collected data. This identifier changes if any alterations to the content occur.
After collecting the data, we upload it into specialized software. After that, search terms identify relevant documents and/or information. Based on the initial findings, we can further narrow down the data.
Now our engineers analyze the results from the discovery step. If our client is looking for a specific item, like an Excel spreadsheet, this is where we sift through the search results to find it.
Examiners now collect the data that passed analysis and create a detailed report. These reports highlight the findings from the previous steps in a easy to read, data only report.
Need some forensics performed on a phone or computer? Reach out to us through our contact form. One of our Alias team members will reach out to you.
Written by: Alias
Tagged as: cyber security, digital forensics, computer forensics.
Workshop Alias
Learn how you can protect your business from hackers by monitoring your network traffic. Being a small business doesn’t mean you can’t secure yourself. We know it can be intimidating ...
Blog Alias / September 23, 2024
Penetration testing is becoming the vaccinations of the tech industry. Everyone is expected to get one; some don’t believe in them, and others only do it because they are told to. But what is really being purchased? A pen test follows four basic elements of security: It’s crucial to know vulnerabilities, but once those vulnerabilities ...
Blog Alias / August 19, 2024
When we think about the impact of cybersecurity attacks, it’s easy to fall into the trap of believing that data is only as valuable as the ransom a company is willing to pay to retrieve it. We’ve seen this misconception challenged by the rising number of attacks on hospitals and schools, but what often flies ...
Copyright 2019 Cyber Security Design Concept by <a href="http://qantumthemes.com?rel=demo" target="_blank">QantumThemes</a>.