Transcript

Hold the Phone: What You Should Know About Mobile Device Forensics

1111 HOLD the PHONE WHAT YOU SHOULD KNOW ABOUT MOBILE DEVICE FORENSICS 90% 58% 42% With 90% of American adults owning a cell phone, 58% owning a smartphone, and 42% owning a tablet computer, there's a growing need for guidelines when it comes to examining these devices. Digital forensic examiners have experienced a significant increase in requests to examine data from cellular phones and other mobile devices. THERE ARE UNIQUE CHALLENGES WITH MOBILE DEVICE EXAMINATION INCLUDING: A LARGE VARIETY OF MOBILE DEVICES DEVICES USE A VARIETY OF: Operating systems Services Peripherals Embedded file systems Internal, removable, and online Applications data storage The data contained within mobile devices is constantly evolving. MOBILE DEVICES OFTEN CONTAIN MORE DATA BEYOND: Call history Text messages Contacts Photos Notes Calendar entries Data storage is often intentional, but sometimes unintentional. While the amount of data mobile devices can store is relatively small compared to computers, that capacity is growing. WHY DO WE WANT AND NEED THIS DATA? Personal mobile devices are often used for business communication and vice versa. Mobile device data is often sought for intelligence purposes. MOBILE DEVICES CAN BE USED TO FACILITATE AND COMMIT CRIME These crimes include: 95% Threatening or extortion calls Sports betting Terrorist activities Some estimates say up to 95% of crime involves some use of a mobile device. Sending/receiving/ storing obscene pictures or videos Smurfing (money laundering) More and more Sometimes only specific data is necessary for an investigation. Other cases benefit court cases from a full forensic involve electronic examination and evidence. recovery of deleted data. HERE'S JUST SOME OF WHAT MOBILE DEVICES CAN STORE: A) Messaging GPS Apps - Last fixed coordinates - Search history - Routes history - Last displayed map - Favorite places - Saved maps - List of installed apps - Camera snapshots - Video clips - Voice records - Paired Bluetooth - Text messages (SMS) - Multimedia messages (MMS) · Emails · Email attachments - Date and time devices Web browser Tasks - Pages viewed history - Last opened URLS - Search history - Bookmarks - Web caches files - Task description - Deadline - Priority level - Completion date and time 10 Contact information Location tagger - First, middle, last name - Company name - Job title - Phone numbers - Addresses · Email addresses - Birthday " Speed-dial positions - Cell coordinates for camera snapshots - Cell coordinates for SMS messages - Cell coordinates for video records 10 Calendar events Notes - Meetings - Reminders - Start date & time - Note text - Date Basic information - Serial number - Hardware and Event log Incoming, outgoing, missed calls history - Sent and received messages history - WiFi sessions log software revisions - Network information WHAT ABOUT DAMAGE? If a mobile device is exposed to harsh weather, water, or fire, or damage in any other way, forensics examiners can often resurrect evidence. MOBILE FORENSICS AND THE LAW J00 If you consent to a search, the police do not need a 0110100 warrant to search your 00 mobile devices. Law in this area is continually changing. A 2014 federal appeals In 2014, the Supreme Court ruled that police cannot search cellphones of people they arrest. A 2012 case decided in the U.S. Court of Appeals for court in Atlanta ruled the 7th Circuit ruled that it that the government is legal for police to search cell phones to determine their phone numbers does not need a warrant to search cellphone tower location records. without a warrant. More intrusive searches were not discussed in the ruling. While pleading the Fifth can sometimes protect people from giving out their passcodes to law enforcement, officers can legally compel people to unlock TouchID phones. Law enforcement can legally require phone companies to turn over cloud backups if served with a valid legal request. If you refuse, they can sometimes unlock the phone by lifting your fingerprint. Law enforcement can benefit from investing time and money into: I Learning about new operating systems. 1 Developing new forensic methods. Investigations are complicated by the constant need to keep up with new hardware, operating systems, and apps. Mobile devices often act as personal diaries. Every phone call, text message, photo, and internet search can become evidence in a court of law. slideshare.net digital-forensics.sans.org bluesheepdog.com SOURCES eff.org nytimes.com media.call.uscourts.gov mashable.com ijarcce.com reuters.com investigation.com Designed by: Brought to you by: Vound Intella GHERGICH&Co. 0

Hold the Phone: What You Should Know About Mobile Device Forensics

shared by Ghergich on Jul 06
210 views
2 shares
0 comments
Estimates say up to 95% of crimes involve a mobile device. Curious about mobile device forensics? Check out this guide to find out what kind of data mobile devices store and why people want to get the...

Category

Technology
Did you work on this visual? Claim credit!

Embed Code

For hosted site:

Click the code to copy

For wordpress.com:

Click the code to copy
Customize size