There are three primary goals with digital forensics:
- Collect electronically stored information in a sound, defensible manner,
- Analyze the results of the collections, and
- Present the findings either in formal legal proceedings or less formally to inform a client.
- Electronic evidence can be short-lived and fragile. It needs to be collected in a defensible, methodological manner to preserve it accurately, and to withstand scrutiny in legal proceedings. (chain of custody)
- Electronic evidence can be highly probative, both as it appears to users, and behind the scenes. There is a lot of information that a computer user never sees (e.g. metadata, logs, registry entries). This behind-the-scenes evidence may provide a wealth of information about who did what when and where. Forensic analysts are trained to preserve, collect and interpret this kind of evidence.
- Some digital files can be recovered, even if a user has tried to delete them.
Locate a famous case where digital forensics played a role, and share it with the class. Discuss how digital forensics was critical in cracking the case. Examples are listed below, but you canâ€™t use them â€“ find your own
Famous cases cracked with digital forensics
Be it a text message, Google searches or GPS information, a personâ€™s digital footprint can provide plenty of ammunition in the courtroom. Here are a few cases where digital forensics played a critical role in bringing about justice
1. The BTK Killer, Dennis Rader
Perhaps the most famous case to be solved through digital forensics is that of the BTK Killer Dennis Rader, with â€œBTKâ€ referring to his MO of â€œbind, torture and kill.â€ Rader enjoyed taunting police during his killing sprees in Wichita, KS. But this also proved to be his fatal flaw. A floppy disk Rader sent to police revealed his true identity. He was soon arrested, pled guilty and was put behind bars for life, much to the relief of his long-terrorized community.
2. Dr. Conrad Murrayâ€™s lethal prescriptions
Another recent case solved with digital forensics was that of Dr. Conrad Murray, personal physician of Michael Jackson. Digital forensics played a crucial role in the trial. After Jackson passed away unexpectedly in 2009, the autopsy found Jacksonâ€™s death to be the result of prescription drugs. Investigators discovered documentation on Dr. Murray’s computer showing his authorization of lethal amounts of the drugs, and he was convicted of involuntary manslaughter for Jacksonâ€™s death. He served two years in prison and lost his medical license.
3. The Craigslist Killer, Philip Markoff
When one woman was killed and another attacked after meeting individuals through Craigslist, Boston was on high alert. Fortunately, law enforcement had their suspect within a week of the murder, thanks to digital forensics. Investigators tracked the IP address from the emails used in the Craigslist correspondence to an unlikely suspect: 23-year-old medical student Philip Markoff. Without the digital trail of evidence, who knows how prolific Markoff could have become.