Cell Phone Forensics

Cell Phone Forensics HamiltonWe don’t talk about popularity and increasing use of cellphones anymore. They are now an integral part of our lives, much as basic electricity is. Needless to say, every new technology and development has its pros and cons. While cellphones have transformed the way we communicate today, they are yet another tool used by perpetrators to commit crimes and/or spouses to hide infidelity and affairs. It has, therefore, become imperative for law enforcement and private investigation agencies to find new and advanced ways to recover pertinent evidence from mobile devices.

To accomplish this task of recovering pertinent data related to their case, investigative teams need specific cellphone forensic tools. They need tools that can be applied to recover system files and different user applications, uncover operating system information, messages and call logs, retrieve deleted files (a key criterion in most cases), capture all photos and images, regular as well as those in unallocated spaces. In short, they need every single bit of information that can be collected from the phone’s data storage capacity, which can be collected and submitted as comprehensive evidence for prosecution.

We live in a digital age, and therefore both crime and pursue of crime has gone heavily digital. Every day, new advances are made in the field of digital forensics to help various law enforcement agencies — federal as well as well private — to deal with crime and solve cases faster. The first phase was known as computer forensics, which involved identification, extraction and analysis of computer data through clearly defined methodologies.

Various forensic toolkits have been designed and developed to facilitate the work of officials involved, with improved quality results to help them uncover key evidence faster. The handheld devices segment first appeared as an emerging area under the computer forensics subject but is now fast gaining ground as a separate field altogether. This includes platforms like iOS, Android, BlackBerry, Windows Mobile and more, all of which fall under the category of smartphone devices along with basic subscriber identity modules (SIM).

Cellphones are no longer used just to make call or send texts. They act as veritable PCs with options to mail, to social network, manage work and business, listen to music, watch movies, surf the Internet and take photos and videos. They provide handy tools to preserve important information and data instantly and capture precious moments as memories right away.

Obviously, since they can do so much for common folks, imagine how much more they can do for the criminal psyche, which is always looking at new ways to commit and hide crimes. The increasing orientation towards mobility, use of volatile memory versus non-volatile memory, diverse embedded operating systems and hibernation behavior has crime detection agencies to look for specialized tools that will help them decipher clues from cellphones faster and help them crack their cases.

To help them in this endeavor, forensic experts need to acquire both logical and physical data. The latest evaluation of all of iPhone and Android forensics tools is being conducted to check whether both these extractions are possible. Unless this is done, it will be difficult to crack the device memory and operating system files, phone data, personal email, images and documents and retrieve all technical information from them.

Physical acquisition, which involves bit-by-bit copy of the image on the disk, can recover deleted data even further and act as a great boon to solve case crimes. But this takes time, focused expertise and tools that are not always readily available, hence the logical analysis is performed first in most cases. Most law enforcement agencies are using their allocated funds to get cellphone forensic tools that incorporate logical analysis software for analyzing data from an iPhone or an Android mobile device.

To date, this effort has seen 50-50 success rate. While forensic teams have been able to retrieve valuable information at times, it hasn’t been easy and has taken up too much time and resources to be called an out-and-out success. Since the Apple iOS security is quite strong, it makes bypassing the PIN quite a challenge. Even when the forensic team cracks the PIN code to access the device, it is difficult to take out the hard drive.

Android manufacturers, on the other hand, have fragmented that operating system in such a way that most smartphone models can’t be imaged. Therefore, the need for more accurate and powerful cellphone forensic tools is great. Law enforcement needs true partners who can offer tools to get more accurate evidence to help them in their investigation as well as hold up their case well under strict legal scrutiny.

Along with these new tools comes a need for revised training for law enforcement and investigation agencies so they can understand and apply the emerging technologies in their work. The fundamentals of mobile cellular device analysis involve careful procedure following right from collecting and capturing data to analyzing the digital evidence recovered from the smartphones.

This evidence plays a key role in data mining to recreate the timeline for each case in hand, produce more accurate diagrams and event line-ups. While the advent of cellphones may have provided perpetrators with more ways to commit heinous deeds, in many ways the advent of cellphone forensic tools have made it easier for the police and prosecution to understand criminal activity better, forge better connection between evidence and action and offer more solid proof of crime in the courtroom.


Please contact us for a free consultation.