Our Experiences in Digital Forensics

Digital Evidence vs. Digital Forensics

The definition of forensic science is the application of scientific knowledge and methodology to legal problems and criminal investigation. Forensic scientists would collect evidence from the crime scene, and conduct fingerprint analysis, biology comparison, handwriting analysis, etc. The purpose of forensic is to find the truth of what happened. With the evolution of computer and internet technologies, traditional records that once existed on paper are now stored on computers or mobile devices, and written communication began to be delivered via email. This evolution also brings a new challenge: the emergence of digital evidence.
Digital evidence is stored as metadata within computer files, contact logs and messages from mobile phones, email logs, and user behavior on target machines. Some digital evidence may not be easily identifiable and must be extracted and analyzed with the assistance of forensic experts and specialized equipment.

Forensic Cases

Case 1

We assisted a medical institution in the investigation of system alterations made by their contractor. Our team collected the evidence and analyzed the affected system and identified the specific alteration among millions of lines of code. We provided the evidence and findings for the client.

Case 2

Unidentified files were found on several external servers of an insurance company. The client suspected unauthorized access. Our team was contacted to analyze the server and find the behavior of the hacker, and how the intruder gained access to internal data.

Case 3

A subsidiary of a media company suspected a high-ranking officer of fraud, embezzlement, or other financial misconduct. Our forensic and fraud investigation team was sent to the company, focusing on collecting evidence from the accounting system, transaction history, and human resource data. During the investigation, in order to further understand the incidents, we conducted interviews of mid-level staff members, and provided the parent company with the results of the investigation.

Case 4

An automotive company was under investigation by the European Union, Analytics & Forensics Lab was contacted by an investigative agency, focusing on the laptop evidence from several high-level officers in the Taiwan branch. We conducted a complete duplication of the evidence for the agency for further analysis and litigation purposes.