digital investigations

Digital Investigations
Presenter: Andrew Garrett, Garrett Discovery Inc.
Presentation for Private Detectives

Upload: garrettdiscovery

Post on 09-Jun-2015


Category:

Technology



DESCRIPTION

Garrett eDiscovery, Forensic and Legal consultants conduct thorough and effective computer investigations of any kind, including intellectual property theft, incident response, compliance auditing and responding to e-discovery requests—all while maintaining the forensic integrity of the data. Read more at http://www.garrettdiscovery.com/

TRANSCRIPT

Page 1: Digital investigations

Digital Investigations

Presenter: Andrew Garrett

Garrett Discovery Inc.

Presentation for Private Detectives

Page 2: Digital investigations

Why use technology?

Technology is often the usage and knowledge of tools, techniques, crafts, systems or methods of organization in order to solve a problem or serve some purpose.

Efficiency: good use of time and effort

Cost: can reduce cost by obtaining a desired outcome without the use of another, less efficient method

Page 3: Digital investigations

Cyber Sleuthing

• Using the power of the Internet to gather revealing information on people and to skip trace (track someone down)

• For investigators, the web is a broad avenue for informal discovery, allowing litigators to test a witness’ candor and probe a litigant’s background and resources.

• Websites (Launch Pad)
  – Birthdate: Switchboard.com, whowhere.com, anywho.com
  – Criminal: searchsystems.net
  – Gov: firstgov.gov, tray.com

Page 4: Digital investigations

Social Networking

• Facebook: By default, when you search for a topic on Facebook, the results you see will be from your list of contacts; your "circle of friends", so to speak. If you would like to expand that circle to include results from anyone who has chosen to make their Facebook information publicly accessible, simply click on "Posts By Everyone". This gives you the option to view information from people who are not included in your contact list.

• Myspace
• Mylife
• Twitter

Page 5: Digital investigations

Fake Social Network Pages

• Find a friend of your subject that doesn’t post a lot
• Copy a few of the pictures of that friend, including a profile picture
• Let’s assume we are cloning the identity of John Doe, who is friends with your subject Jake Harris.
• Add a few of John Doe's friends to the Facebook account that are common friends with Jake Harris
• You now have a believable account!
• Add Jake Harris as a friend and he will most likely just add you!
• Now you have access and can send him an invite to your wedding and ask for his address if needed.

Page 6: Digital investigations

Footprinting

Footprinting is searching for collections of data to be used with social engineering to gather more information about your suspect.

In order to understand how to footprint you must learn how the web search engines work. All search engines are based on Boolean logic.

Always keep your reference sheet handy until memorized.

Page 7: Digital investigations

Google Footprinting

Operator                Description
site:                   Restrict results to only one domain or server
inurl: / allinurl:      All terms must appear in URL
intitle: / allintitle:  All terms must appear in title
cache:                  Display Google’s cache of a page
ext: / filetype:        Return files with a given extension/file type
info:                   Convenient way to get to other information about a page
link:                   Find pages that link to the given page
inanchor:               Page is linked to by someone using the term

Page 8: Digital investigations

Google Footprinting

Operator                Description
-                       Inverse search operator (hide results)
~                       Synonyms
[#]..[#]                Number range
*                       Wildcard that stands in for any words inside a “quoted” phrase
+                       Used to force stop words
OR                      Boolean operator, must be uppercase
|                       Same as OR

Page 9: Digital investigations

Surveillance Technologies

Video Cameras

The video camera is the most valuable piece of equipment in the PI's arsenal. Video cameras provide physical documentation of the PI's observations. In a vehicle, video cameras mount on tripods for mobile surveillance. For stationary surveillance, video cameras are hand-held. Video surveillance is admissible in criminal and civil court and workers' compensation hearings.

What about the times you cannot see the suspect? Are there covert cameras?

Page 10: Digital investigations

Surveillance Technologies

Pinhole Cameras

Pinhole cameras, button cameras and micro-cameras are small, about the size of a dime, and placed in a variety of objects for covert surveillance. Pinhole cameras hide easily within a woman's purse, jacket or shirt pocket. A number of nondescript items, such as sunglasses and baseball caps may be purchased with a built-in camera. Pinhole cameras allow a PI to move about freely and even engage the investigative subject in conversation.

• Placement
• Practice
• Cost
• Battery Life
• Brickhouse.com, stuntcams.com

Page 11: Digital investigations

Surveillance Technologies

Voice Recorders

State and federal wiretapping and eavesdropping laws govern the use of voice recorders. Recording telephone conversations is permissible if the call takes place in a one-party state. A one-party state requires consent of only one person directly involved in the conversation. Approximately 12 U.S. states are two-party states, which require that both parties consent to the recording. Voice recorders can also record verbal statements from witnesses, victims and suspects.

• Practice
• Telephone Taps with consent
• “I wish I could record this conversation” and “would you allow me if I had a recorder?”

Page 12: Digital investigations

Surveillance Technologies

GPS Systems

Private investigators use live GPS systems to track an investigative target's movements in real time. The GPS unit attaches to the subject's vehicle; the PI then uses a computer to observe and document the movements. Passive GPS systems record the subject's movements. Upon removal of the unit from the vehicle, the PI is then able to upload the recorded information to another computer. Data is viewable through a mapping program.

Cost - Monthly Charge - Mounts
• Brickhouse Security
• Gpsfootprints.com
• Xacttrax.com
• Zoombak.com

Page 13: Digital investigations

Surveillance Technologies

Key Loggers

Key loggers record activities on a computer. The key logger plugs into a USB port on the target's computer and installs a program. The program records and encrypts information about visited websites and keystrokes. Retrieving the data requires that the key logger be plugged back into the USB port; the information uploads directly to the key logger.

• Qualified Computer Tech
• Antivirus
• Spyware Monitoring
• Use of Porn Site Email

Page 14: Digital investigations

Social Engineering

• IP-Relay
  – IP-relay.com

• Spoofing Phone calls
  – Spoofcard.com
  – International Calling Cards
  – Target Trap

Page 15: Digital investigations

Forensics

• Mobile Phone Analysis
  – Up to 5000 deleted text messages

• Computer analysis
  – Web History
  – Facebook Chat Logs
  – Instant Messenger Chat Logs
  – Reconstruction of web pages
  – Passwords

Page 16: Digital investigations

Thank you for attending

Questions:

www.garrettdiscovery.com
Office: 217-615-1888