Return

Our Experiences in Digital Forensics

Digital Evidences vs. Digital Forensics

The definition of forensic science is the application of scientific knowledge and methodology to legal problems and criminal investigation. Forensic scientists would collect evidences from the crime scene, and conduct fingerprint analysis, biology comparison, handwriting analysis and etc. The purpose of forensic is to find the truth of what happened. With the evolution of computer and internet technology, traditional record used to exist in paper, becomes the data stored in computer or mobile devices, and writing mail began to deliver through email. Moreover, this creates another difficulties: digital evidences.
Digital evidences are stored as metadata within the files of a computer, contacts and dialogs of a mobile phones, mailing logs in th email, user behaviors in a target machines. Some of these digital evidence cannot be identified, and it must cooperate with the help from forensic experts and equipments to extract and analyze these contents.

Forensic Cases

Case 1

We assisted a medical institution in investigation of an system alteration made by their contractor. Our team collected the evidence and analyzed the effected system, found the alteration within millions lines of syntax. We provided the evidence and findings for the client.

Case 2

Unidentified files were found on several external server of an insurance company. The client suspected an intrusion activity to the system. Our team was contacted to analyze the server and find the behavior of the hacker, and how the intruder access internal data.

Case 3

An subsidiary of a media company suspected a high ranking officer for fraud and emptying situation. Our forensic and fraud investigation team were send to the company, focusing on the collecting evidences from the accounting system, transaction history, and human resource data. During the investigation, in order to further understand the incidents, we conducted interviews of mid-level staffs, and provided the parent company the result of the investigation.

Case 4

An automotive company were being investigated by the European Union, Analytics & Forensics Lab were contacted by investigation agency, focusing on the laptop evidences of several high level officers in the Taiwan branch. We conducted a complete duplication of the evidences for the agency for further analysis and lawsuits purposes.