IAAC: Digital Evidence, Digital Investigation and E-Disclosure

by

Organisations and individuals currently have little idea how to collect and preserve evidence from computers and the Internet. As a result criminal prosecutions become difficult, businesses fail to get redress in the civil courts or are unable to make proper insurance claims, and business value is lost.

That’s the message of Digital Evidence, Digital Investigation and E-Disclosure: A Guide to Forensic Readiness for Organisations, Security Advisors and Lawyers (PDF file) to be launched by the Information Assurance Advisory Council on Wednesday 21 March 2012…“The need for digital evidence is not confined to obvious cybercrime events such as hacking, fraud and denial of service attacks, “ says report author Professor Peter Sommer, “it’s also required when transactions are disputed, in employee disputes, and almost all forms of non-cyber crime, including murder, forgery, industrial espionage and terrorism. With the vast proliferation of computer ownership and usage plus the growth of low-cost always-on broadband connectivity, all organisations require a Forensic Readiness Program. Businesses don’t realise that when they enter litigation they are compelled to assist the other side via E-Disclosure. Too many are unprepared for this eventuality”

Sommer, who has appeared as an expert witness in many high profile cases involving computer and Internet evidence, says: “Most businesses and individuals don’t need to have on their staff a Digital Sherlock Holmes but they should have plans to identify and preserve important digital evidence from email, web transactions, PCs, tablets and smartphones – and have a broad understanding of some of the associated legal problems such as admissibility and privacy. Often what is technically easy may be illegal or inadmissible. It is very odd that organisations have in place contingency plans for low likelihood/high impact events like fire and terrorism but nothing for common-place high frequency events like disputed transactions and suspicious employee behaviour.”

The first third of the Guide gives general management advice; the remainder provides details of procedures, techniques, applicable law and sources of further information.

IAAC are making the publication free to download in view of its general importance and the lack of any other comparable advice. This is the third, considerably updated and expanded, edition of a publication now widely used in universities and in training schemes, which first appeared in 2005.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Download site: http://www.iaac.org.uk/_media/DigitalInvestigations2012.pdf

About Peter Sommer

Peter Sommer taught and researched information system security at the LSE for 17 years, ending up as a Visiting Professor. He is now a Visiting Reader at the Open University where he is consultant for its computer forensics and investigations course. He read law at Oxford and has had earlier careers as a book and electronic publisher and as a risk analyst for major corporates and insurers. In the mid 1980s he was the pseudonymous author of The Hacker’s Handbook and his co-written OECD study Reducing Systemic Cyber Security Risk attracted wide praise for its sober analysis n 2011. He appears frequently on TV and radio as an authority on cyber war, digital crime and cyber security. His main income comes from acting as an expert witness. More details: www.psommer.com

About IAAC

The Information Assurance Advisory Council is a unique partnership that brings together corporate leaders, public policy makers, law enforcement and the research community to address the challenges of managing risks to information. Our mission is to advance Information Assurance and Cyber Security to ensure that the UK’s Information Society has a robust, resilient and secure foundation. We are engaged in the development of policy recommendations to government and corporate leaders at the highest levels. Our recommendations are influential because IAAC’s Sponsors and Members comprise leading commercial end-users, government policy makers and distinguished academics. www.iaac.org.uk.

Contact Details

Peter Sommer [email protected]

Information Assurance Advisory Council

[email protected] | http://www.iaac.org.uk

Leave a Comment

Latest Videos

Forensic Focus

Forensic Focus
In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, Dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices. Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity. Show Notes: 100 Days of Code: The Complete Python Pro Bootcamp for 2023 - https://www.udemy.com/course/100-days-of-code/ Domestika - https://www.domestika.org/en MIT OpenCourseWare - https://www.youtube.com/@mitocw MasterClass - https://www.masterclass.com/ Raspberry Pi 400 Complete Kit - https://core-electronics.com.au/raspberry-pi-400-kit.html Flipper Discord - https://discord.com/invite/flipper Flipper Zero - https://flipperzero.one/ This Programmer Figured Out How to Play Doom on a Pregnancy Test - https://www.popularmechanics.com/science/a33957256/this-programmer-figured-out-how-to-play-doom-on-a-pregnancy-test/ Here’s a dude playing Doom Eternal on his fridge - https://www.polygon.com/2020/10/13/21514933/doom-eternal-refrigerator-door-samsung-smart-refrigerator-xbox-game-pass-richard-mallard Doom hacker gets Doom running in Doom - https://www.pcgamer.com/doom-hacker-gets-doom-running-in-doom/ Doom Running On A Calculator Powered By Old Potatoes - https://kotaku.com/doom-running-on-a-calculator-powered-by-old-potatoes-1845374069 GoldenEra - https://www.imdb.com/title/tt11753760/ Racing the Beam - https://en.wikipedia.org/wiki/Racing_the_Beam High Score (TV series) - https://en.wikipedia.org/wiki/High_Score_(TV_series) Microcontroller Courses (Udemy) - https://www.udemy.com/topic/microcontroller/ The story of Final Fantasy XIV’s renegade do-good modders - https://www.pcgamesn.com/final-fantasy-xiv/ffxiv-modders-renegade-do-gooders Logical fallacies - https://yourlogicalfallacyis.com/

In this episode of the Forensic Focus podcast, Desi and Si discuss different online programming courses and what they think about the popular platform, Udemy. They also talk about Flipper, Dev boards, and Raspberry Pi, and delve into the fascinating phenomenon of running the classic game Doom on unlikely devices.

Throughout the episode, Desi and Si share their digital forensics expertise, referencing some of the cases they have been working on and highlighting particular methodologies and technologies that have an impact on cybersecurity.

Show Notes:

100 Days of Code: The Complete Python Pro Bootcamp for 2023 - https://www.udemy.com/course/100-days-of-code/

Domestika - https://www.domestika.org/en

MIT OpenCourseWare - https://www.youtube.com/@mitocw

MasterClass - https://www.masterclass.com/

Raspberry Pi 400 Complete Kit - https://core-electronics.com.au/raspberry-pi-400-kit.html

Flipper Discord - https://discord.com/invite/flipper

Flipper Zero - https://flipperzero.one/

This Programmer Figured Out How to Play Doom on a Pregnancy Test - https://www.popularmechanics.com/science/a33957256/this-programmer-figured-out-how-to-play-doom-on-a-pregnancy-test/

Here’s a dude playing Doom Eternal on his fridge - https://www.polygon.com/2020/10/13/21514933/doom-eternal-refrigerator-door-samsung-smart-refrigerator-xbox-game-pass-richard-mallard

Doom hacker gets Doom running in Doom - https://www.pcgamer.com/doom-hacker-gets-doom-running-in-doom/

Doom Running On A Calculator Powered By Old Potatoes - https://kotaku.com/doom-running-on-a-calculator-powered-by-old-potatoes-1845374069

GoldenEra - https://www.imdb.com/title/tt11753760/

Racing the Beam - https://en.wikipedia.org/wiki/Racing_the_Beam

High Score (TV series) - https://en.wikipedia.org/wiki/High_Score_(TV_series)

Microcontroller Courses (Udemy) - https://www.udemy.com/topic/microcontroller/

The story of Final Fantasy XIV’s renegade do-good modders - https://www.pcgamesn.com/final-fantasy-xiv/ffxiv-modders-renegade-do-gooders

Logical fallacies - https://yourlogicalfallacyis.com/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_5f72B6DD5wk

Programming Languages, Flipper And Gaming

Forensic Focus 24th May 2023 11:43 am

In this episode of the Forensic Focus podcast, Si and Desi talk to Mackenzie Jackson, Developer Advocate at Git Guardian. Mackenzie discusses the problem of hard-coded and leaked credentials in Git repositories, the task of scanning Git repositories for leaked credentials, and how that’s helped by the setup of GitHub and Git. He also looks at some public and private cases of security breaches through Git repositories and recommends tools you can use to combat attackers on Git. Show Notes: Toyota Suffered a Data Breach by Accidentally Exposing A Secret Key Publicly On GitHub (GitGuardian) - https://blog.gitguardian.com/toyota-accidently-exposed-a-secret-key-publicly-on-github-for-five-years/ GitHub.com rotates its exposed private SSH key (Bleeping Computer) - https://www.bleepingcomputer.com/news/security/githubcom-rotates-its-exposed-private-ssh-key/ Conpago - https://www.conpago.com.au/ Source Code as a Vulnerability - A Deep Dive into the Real Security Threats From the Twitch Leak (GitGuardian) - https://blog.gitguardian.com/security-threats-from-the-twitch-leak/ Teenagers Leveraging Insider Threats: Lapsus$ Hacker Group (Forbes) - https://www.forbes.com/sites/emilsayegh/2023/03/15/teenagers-leveraging-insider-threats-lapsus-hacker-group Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal (BBC) - https://www.bbc.co.uk/news/technology-60864283 Dynamic Secrets (HashiCorp) - https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-dynamic-secrets Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault (GitGuardian) - https://blog.gitguardian.com/crappy-code-crappy-copilot/ trufflesecurity/trufflehog (GitHub) - https://github.com/trufflesecurity/trufflehog gitleaks/gitleaks (GitHub) - https://github.com/gitleaks/gitleaks Git (Wikipedia) - https://en.wikipedia.org/wiki/Git awslabs/git-secrets (GitHub) - https://github.com/awslabs/git-secrets

In this episode of the Forensic Focus podcast, Si and Desi talk to Mackenzie Jackson, Developer Advocate at Git Guardian.

Mackenzie discusses the problem of hard-coded and leaked credentials in Git repositories, the task of scanning Git repositories for leaked credentials, and how that’s helped by the setup of GitHub and Git.

He also looks at some public and private cases of security breaches through Git repositories and recommends tools you can use to combat attackers on Git.

Show Notes:

Toyota Suffered a Data Breach by Accidentally Exposing A Secret Key Publicly On GitHub (GitGuardian) - https://blog.gitguardian.com/toyota-accidently-exposed-a-secret-key-publicly-on-github-for-five-years/

GitHub.com rotates its exposed private SSH key (Bleeping Computer) - https://www.bleepingcomputer.com/news/security/githubcom-rotates-its-exposed-private-ssh-key/

Conpago - https://www.conpago.com.au/

Source Code as a Vulnerability - A Deep Dive into the Real Security Threats From the Twitch Leak (GitGuardian) - https://blog.gitguardian.com/security-threats-from-the-twitch-leak/

Teenagers Leveraging Insider Threats: Lapsus$ Hacker Group (Forbes) - https://www.forbes.com/sites/emilsayegh/2023/03/15/teenagers-leveraging-insider-threats-lapsus-hacker-group

Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal (BBC) - https://www.bbc.co.uk/news/technology-60864283

Dynamic Secrets (HashiCorp) - https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-dynamic-secrets

Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault (GitGuardian) - https://blog.gitguardian.com/crappy-code-crappy-copilot/

trufflesecurity/trufflehog (GitHub) - https://github.com/trufflesecurity/trufflehog

gitleaks/gitleaks (GitHub) - https://github.com/gitleaks/gitleaks

Git (Wikipedia) - https://en.wikipedia.org/wiki/Git

awslabs/git-secrets (GitHub) - https://github.com/awslabs/git-secrets

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_BX15Z_xF8mA

Preventing Data Leaks With Git Guardian

Forensic Focus 3rd May 2023 11:07 am

In this Mobile Unpacked with Chris Vance webinar, Chris will focus on the Messages app on iOS and its storage components. With Apple’s notable presence in the mobile market in North America, the core Messages app is one forensic examiners are exposed to frequently. With so many additional features beyond just sending and receiving messages, how are those flags stored? This talk will break down many of the different features, settings, and storage locations for SMS & iMessages across the iOS ecosystem.

In this Mobile Unpacked with Chris Vance webinar, Chris will focus on the Messages app on iOS and its storage components. With Apple’s notable presence in the mobile market in North America, the core Messages app is one forensic examiners are exposed to frequently. With so many additional features beyond just sending and receiving messages, how are those flags stored? This talk will break down many of the different features, settings, and storage locations for SMS & iMessages across the iOS ecosystem.

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_QSrL2rnVCX8

Cracking the Code of iOS Messages: A Guide To Storage And Analysis Techniques For Forensic Examiners

Forensic Focus 24th April 2023 9:37 am

Load More... Subscribe
This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Digital Forensics Round-Up, May 25 2023
News

Digital Forensics Round-Up, May 25 2023

ByForensic FocusMay 25, 2023
Programming Languages, Flipper And Gaming
Podcast

Programming Languages, Flipper And Gaming

ByForensic FocusMay 24, 2023
Oxygen Forensic® Detective v.15.5 Introduces Support For Android Devices With UNISOC Chipsets
News

Oxygen Forensic® Detective v.15.5 Introduces Support For Android Devices With UNISOC Chipsets

ByOxygenForensicsMay 23, 2023
Digital Forensics Round-Up, May 18 2023
News

Digital Forensics Round-Up, May 18 2023

ByForensic FocusMay 18, 2023
UPCOMING WEBINAR – Deepfake Detection And Authenticity Analysis In Amped Authenticate
News

UPCOMING WEBINAR – Deepfake Detection And Authenticity Analysis In Amped Authenticate

ByAmpedSoftwareMay 18, 2023
Forensic Focus Attends Forensics Europe Expo 2023
News

Forensic Focus Attends Forensics Europe Expo 2023

ByForensic FocusMay 17, 2023
Share to...
BufferCopyFlipboardHacker NewsLineLinkedInMessengerMixPinterestPocketPrintRedditSMSTelegramTumblrVKWhatsAppXingYummly