This an art of recovering or tracing back events and activities in a digital device. It is also called Forensics Science but over the time as technology evolved, most started to refer to it as Cyber Forensics which encompasses all digital devices in relation to digital crime. This process is a post cyber crime event, where people seek to know what happened, How it happened and Who was involved. This questions are vital to get answers to especially when the case is to be prosecuted in a court of law.
What is Cyber Crime: Cyber crime, or computer-oriented crime, is a crime that involves a computer or any digital device (Technology) and a network.
The computer may have been used in the commission of a crime, or it may be the target. The Internet being an inter-connection of Billions of digital devices makes cyber criminals have a vast ground of committing cyber crime. In a span of 1 year, Cyber crime rates have increased with up to highs of 60% globally. In Kenya alone, between 2018 to 2019, the rate at which organizations are being compromised by cyber criminals have risen from 11% to 59%. Read the Communication Authority Report. This trends are worrying and so more focus is on Cyber Forensics to determine how this criminals are getting to unauthorized networks.
With that in mind, Digital Forensics Investigators are meant to understand how this cyber criminal operate, as well as how the systems work. The rule of ‘Think like a criminal to catch one‘ applies for most digital forensics investigators as they must have an understanding of the technicalities of Cyber security.
Digital Forensics investigations however are not easy tasks, they are procedural and require precision for one to get the required evidence. Digital evidence can be located in many places and the cyber criminals are SMART to understand that they have to clean their digital footprint. So as an investigator, skill and knowledge play a key role in determining whether you get the required evidence. To acquire this evidence, then one must follow procedures to ensure that what is acquired is not tampered with as it may weaken the case.
For any digital forensics investigator, they must know that a digital crime scene is an equal of a murder scene. Preservation of evidence as is during acquisition process is mandatory and a strict chain of custody is to be followed. The reason as to why most of the digital crimes are never successfully prosecuted is because procedure was not followed and somehow, the chain of custody was never observed. Digital evidence can be destroyed in a matter of time when mis-handled and so precision is paramount to ensure you preserve all evidence as is.
That being one of the challenges digital forensics investigators come across, they also have a challenge of inadequate laws and structures supporting digital evidence. In digital forensics, some evidence items may be acquired using undocumented methods and having in mind that Forensics is a strict procedural process, you find investigators being disappointed no matter how good the evidence is and solid it is. This with lack of awareness to the prosecutors and judges make it very hard to prosecute cyber criminals.
As technology evolves, digital investigators will continue facing even more challenges. In this 21st century, we are looking at Internet of Things (IoT) and Artificial Intelligence (AI), more sophisticated systems yet connected to the internet and prone to cyber attacks. More challenges such as psudomizations and Dark web usage toughens up the work of digital forensics investigators.
But all in all, the technology adoption rates are on the rise, and so are the cyber criminals gangs. We are getting to the an era of Cyber Warfare where states attack states in sophisticated and well coordinated attacks. This means that digital forensics will keep on growing, but getting more complex too. In as much as we love technology, we should encourage Security by design to minimize the impact with which they attacks happen.
This is just an overview of the digital forensics space and what i have seen over the time i have practiced. Keep on this channel for more insights of this and more.