Feeds

CSI in computer forensics gaffe

Hey Greg, don't turn on the PC

Security for virtualized datacentres

A team of computer forensic investigators has pointed out that a character in a recent episode of hit TV show CSI: Crime Scene Investigation failed to follow a basic rule of looking for evidence: don't switch on the computer. Experts at CY4OR, based in Bury, England, praised CSI for bringing computer forensics to the forefront of public awareness; but they say it does little to reflect the correct and essential procedures that must be put in place when there is suspicion of criminal activity.

In the offending episode, chemistry boffin Greg Sanders (played by Eric Szmanda) walks on to a crime scene, turns on a nearby computer and begins accessing email. Bad move, says Joel Tobias, Managing Director of CY4OR. This is exactly what budding investigators must not do, he warns.

"Not only could this potentially damage evidence, any incriminating data that was uncovered would undoubtedly be thrown out of a court of law as the proper evidential procedures would not have been put in place," he said. "The evidential continuity would have been compromised and a criminal case could collapse."

The temptation for IT departments to become digital detectives and deal with a breach of security in house is understandable, says Tobias, as companies worry about investor confidence, company reputation and business in general. It can also be fun. However, there are a few basic steps to follow, to minimise exposure and resolve the situation as quickly as possible.

CY4OR's guide to crime scene investigations

  • Treat the matter seriously. Tell your legal team not your colleagues about your suspicions.
  • Do not inform your IT department. Instead, hire computer forensic experts.

Professional analysts from reputable companies adhere to ACPO (Association of Chief Police Officer) guidelines, can identify digital evidence quickly and ensure that it will stand up in court by following the correct procedures. They can even image your computers at night, to avoid inevitable discussions by the water cooler.

The principle of forensics which says that "every contact leaves a trace" cannot be emphasised enough, says Tobias. "There is a time and a place to leave it to the experts, and this is it," he warned

Copyright © 2005, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.