Friday, November 5, 2021

Popular Case Studies in Digital Forensics

Popular Case Studies in Digital Forensics

In today’s ever-changing and increasing technological world, digital forensics has become an important step in civil and criminal investigations. This typically involves collecting, extracting, and examining data evidence from computer hard drives, mobile devices (smart phones, tablets, GPS units, etc.), emails, text messages, social media, location (or GPS) data, and cloud storage systems.

There are several notable and famous cases that involved the utilization of digital forensics to be solved. Most of the population of this country has heard of these cases:  the BTK Killer, Dennis Rader, the Craigslist Killer, Philip Markoff, and Larry J. Thomas vs the State of Indiana.

For over 30 years, the BTK Killer, aka Dennis Rader, tortured and killed at least ten people while evading identification and capture in Wichita, Kansas, beginning in the early 1970’s. He made it a habit of taunting law enforcement as he sent cryptic messages during his killing spree. Everything seemed to stop in 1991, when BTK seemed to just disappear. However, it was this habit that led to his capture and arrest on February 25, 2005. Prior to his arrest, Rader contacted law enforcement to ask whether he could communicate with them via a floppy disk and virtually asked if it could be traced back to a specific computer.  After a number of weeks, a floppy disk was received by a local television studio and was swiftly traced back to a computer he used at his church, Christ Lutheran Church and the Park City library as well as information found in the properties section one of the documents, details of the file (metadata) displayed that this document was saved by an individual named “Dennis”. This was in the early stages of digital forensics and produced very notable results.

Craigslist is a well-known website where individuals can buy or sell goods and services. However, the site became synonymous with a murder case that was eventually solved using digital forensics. On April 14, 2009, a New York woman, Julissa Brisman was found murdered in an upscale hotel in Boston. There was additionally a report of an assault on another woman who was robbed at gunpoint. Both women had posted an ad on Craigslist, which is how the Craigslist killer, 23-year-old, Philip Markoff, had found his intended victims. On the night of the crimes, they had each made an appointment to meet a man named “Andy M.” 

Investigators were able to trace emails sent between the victims and Markoff and discovered the IP address of the postings, which led them to Markoff after submitting subpoenas for IP address ownership information. There were also phone calls exchanged between Markoff and the victims in this case. The phone numbers were traced back to prepaid cell phones. Surveillance video from the hotel captured a young man in a black leather jacket and a New York Yankees baseball cap entering and exiting the hotel around the time of Brisman’s murder. Once law enforcement discovered the killer’s name, they turned to Facebook for research and discovered he was engaged to a woman named Megan McAllister. Police staked-out the couple’s apartment and waited for Markoff. He was arrested on April 20, six days after the murder and died after his fourth attempt at committing suicide in prison.


In the third case, Larry J. Thomas vs. State of Indiana in 2016, Thomas was found guilty of the attempted robbery and murder of Rito Llamas-Juarez in his car and was linked to the murder through social media and Offer Up, which is an app used to buy and sell items. Thomas had set up a meeting to sell an iPhone 6 to Llamas-Juarez in a parking lot.

Based on witness accounts of the incident, law enforcement turned to Facebook and discovered Thomas was using the name “Slaughtaboi Larro” and had posted photos of himself carrying an assault rifle and ammunition used in the murder of Llama-Juarez matched that of the weapon posted in the images as well as a bracelet worn which was found at the crime scene. Cell phone records not only put him at the scene of the murder but were able to identify the Offer Up app which was used to set up the meeting with Llamas-Juarez. A treasure trove of evidence was later found in his possession at his residence, and he was subsequently arrested.


Civil cases can also utilize digital forensics to help prove or disprove a claim between two parties, companies or their representatives.  One of the most famous divorce cases involved Tiger Woods. After being suspicious about his behavior, Tiger’s model wife, Elin Nordegren, texted night club hostess, Rachel Uchitel, pretending to be Tiger.  This infidelity was later proved in court in 2010.  Without this confirmation, the claim of infidelity would have been difficult to prove.  This case also highlights the ease at which people can spoof or fake text messages and why having a forensic analysis of a mobile device (or all devices) in a large litigation case is crucial.


Text messages, emails, social media or a varying array of application data can be used in most civil cases such as divorce, intellectual property (IP) theft or employee misconduct to help prove or disprove claims made in the case.

Wrapping It Up

All four of these cases were solved in one form of digital forensics or another. Although in the infancy stage during the time of BTK, digital forensics has changed and continues to adapt to the newest technologies. With many individuals utilizing the internet and social media or mobilizing with their digital media or fitness apps, the use of digital forensics in litigation has become a critical component in assisting to solve crimes. Technology is alway changing and increasing in capability, therefore it is crucial for digital forensics to do the same. Crime and civil disputes will never stop. Accordingly, the value of digital forensics is a tool that will increasingly be one that investigators and litigators will need to be aware of and evolve with as the complexity of cases evolves.

Author: 

Tami Smith

Digital Forensic Examiner

Professional Digital Forensic Consulting, LLC 

Virginia DCJS #11-14869

Based in Richmond, Virginia

Available Wherever You Need Us!

 We Find the Truth for a Living!

 

Computer Forensics -- Mobile Forensics -- Specialized Investigation

About the Author:

Tami Smith is a Digital Forensic Examiner and Consultant of Pro Digital Forensic Consulting, based in Richmond, Virginia (USA). An Army Veteran, she is a Suma Cum Laude graduate of Computer Forensics and Digital Investigations, she has had the opportunity to practice in the field, examining civil and criminal cases with the discipline of her military experience. Tami holds vendor-neutral and specific certifications in the field of digital forensics and high-tech investigation and is also a Private Investigator in the state of Virginia. She continues to hone her digital forensic knowledge, education, and experience in the private sector.

Email :  Inquiries@ProDigital4n6.com

Web : https://ProDigital4n6.com

Pro Digital Forensic Consulting on LinkedIn: https://www.linkedin.com/company/professional-digital-forensic-consulting-llc

Tami Smith on LinkedIn:  https://www.linkedin.com/in/tami-smith-1b28ab29/