Cybercrime Crackdown--Part Two - WTOC-TV: Savannah, Beaufort, SC, News, Weather & Sports


Cybercrime Crackdown--Part Two

When evidence leads the South Carolina Computer Crime Center, or CCC, to a suspect, agents can obtain a warrant to search the suspect's machine. The CCC's computer forensics lab is also used to help other law enforcement agencies solve cybercrimes. They use the latest equipment, and can often find what they're looking for even if the user tried to get rid of it.

"Through a variety of products, we're able to go back and look at the actual sectors on a drive and recover data that has been deleted by the operating system," Troy W. Pound, one of the center's information technology managers, explained.

Agents were quick to point out that recovery cannot be guaranteed, but often they can recover even partial data that will aid their investigation. Agents don't work directly from the evidence, however. Evidence is initially brought to the CCC forensics lab, where examiners take an inventory before making a copy for field investigators.

All computer data is stored on the hard drive, and examiners use special equipment to make an exact copy to work from. A special forensics program makes it possible for agents to sort through endless streams of digits and garbled text efficiently, in order to identify their targets.

"The hard drives we get back from the lab are bit-for-bit copies, so whatever was on the suspect's hard drive or the victim's hard drive, whatever the case may be, is every bit of information from the beginning to the end of that hard drive," said Special Agent Jeff Miller.

But information technology doesn't end at the desktop or laptop PC.

"PDAs, cell phones, fax machines, printers...all have cache memory and there are times when evidence may in fact exist on these as well," noted Lt. LJ "Chip" Johnson, Jr., the center's supervisory special agent. "So we deal with a variety of hardware."

In the modern crime scene, investigators can look at all kinds of potential electronic evidence.

"You've got Apple computers, you've got computers that have older hard drives on them that wouldn't interact with some of the newer technology," said Miller. "This machine [a portable forensics computer] goes frontwards, backwards. Anything that's out there, we can look at."

In an age when going about your daily routine could leave as many electronic fingerprints as physical, crime fighters no longer have the luxury of not being technology savvy.

Reported by: Charles Gray,



Powered by Frankly