ICT Forensics - computer forensics
Computer forensics is the accurate collection and analysis of digital data from computers, servers, files, cell phones and other systems.
If you want to know what has been done with certain equipment and you want to record it legally, then forensics research conducted by BSM may be the solution. A phone, computer and other data carriers are full of data, visible and invisible. By means of digital investigation, also called computer forensics, answers to questions can be found. A few examples of questions are:
- Has fraud been committed with this computer?
- Has anyone been in the files?
- Have any files been modified?
- Have files been deliberately deleted?
Investigate Digital Traces
When BSM makes a copy of a hard disk for the purpose of forensically capturing data in order to be able to prove digital facts, we always place a ‘write-blocker’ between the source system and the target system. This way it can be shown that we have not influenced the data.
In addition to digital criminal investigations, BSM also conducts ‘traditional’ business investigations. It is precisely this combination that makes us unique. After all, once the culprit of computer fraud has been found, it must also be confronted. And vice versa, the digital investigations are often part of other criminal investigations such as accounting fraud or the leakage of confidential documents or data.
Investigating the data down to the deepest layers of computer systems takes place in our own lab. The original data remains untouched. For our services, we often use the Encase program, which is used worldwide by all investigative agencies to collect, analyze and report evidence.
The most requested actions of our digital investigators in the field of ICT Forensics are:
- Making copies of evidence from hard disks, USB sticks and other data carriers
- Determine whether a system or company has been hacked
- Determine what someone has done with a computer, for how long and how often
- Identify traces of corporate fraud such as data leaks (e.g. leaks of confidential information)
Would you like more information about our working method or possibilities in the field of computer forensics? Then please contact us.
A few tips and background information:
- Don’t simply turn off systems to be investigated, but consult with BSM’s LAB at the earliest possible stage as to what you should do in your specific situation so that no, or at least as few traces as possible are lost.
- Don’t do any research yourself and certainly don’t turn on a turned off computer yourself. We make copies without rebooting a system
- A forensic investigation is time consuming work. So there must be a considerable interest before you call us in. You will have to pay for our work. If you suspect fraud or cybercrime but you don’t have a budget for a forensic investigation, it’s best to contact the police to at least report it. After all, you do not have to pay for a police investigation
- There are two types of systems that come to us LAB; systems for which you can prove and declare that you are the owner and systems that have been delivered to us by a bailiff as a result of a seizure of evidence. If you are not the owner of a system we are allowed to investigate, however, we only report to a lawyer and state that client could not explain to us how client came to be in possession of the system.
- We only investigate the data relevant to the (demonstrable) research question. We do not report on other data in a system in connection with the right to privacy.