11/6/2024 Cassandra Smith
Written by Cassandra Smith
We have many devices to assist us with daily tasks. Alexa plays the latest news updates. Google Assistant dims the lights in your kitchen. Ring cameras keep an eye on your home while you are away. These are just a few of the many devices that may be connected to a network. While we think of these gadgets as time-savers, researchers see them as ways to potentially solve crimes.
Casey O’Brien, Information Trust Institute associate director for cyber defense education and training, is supporting a research project that is developing a training program to help federal law enforcement officers understand the potential role such devices can play in evidence gathering and other aspects of law enforcement. Internet of Things (IoT) devices. O’Brien said devices like Alexas, Ring doorbell cameras and other network-connected devices can give officers many ways to gather evidence at a crime scene. However, they must understand the range of devices that might be encountered at a crime scene; what data such devices may hold that would be of evidentiary value; how to protect those devices and the data they hold from nefarious tampering or deletion; and how to handle the devices in ways that conform to chain-of-custody requirements.
The project is funded through the Critical Infrastructure Resilience Institute (CIRI), a Department of Homeland Security Center of Excellence at the University of Illinois Urbana-Champaign (UIUC). Through the project the CIRI team – led by Principal Investigator, Dr. William Cope, Professor at the College of Education at UIUC - is creating training for the Federal Law Enforcement Training Centers (FLETC) -- which delivers training to some 200 federal law enforcement agencies, ranging from the Transportation Security Administration to the National Park Service. FLETC educates agents who become experts in their field.
When you think of the word “forensics,” you may think of someone processing a crime scene. Digital forensics takes that process into the tech world. Federal law enforcement officers need to understand the “digital landscape” at crime scenes from the perspective of digital forensics. If a crime is committed using a phone, computer or other device, digital forensics allows investigators to find evidence on those devices to support their case. This can be as commonplace as getting information off of a smart phone or as complicated as recovering data from an entertainment system on a specific manufacturer’s vehicle. Also, aspects of digital forensics (e.g., reverse engineering) can be used to figure out how a piece of malicious software works to infect a computer system.
Complicating matters, each generation of device may have its own storage system; sometimes well documented; sometimes not. Officers must also be careful about how they try to recover information from the IoT devices. “You can’t just unplug certain IoT devices because they may store critical data that could be used in an investigation on the device itself. Once unplugged, the data is gone,” said O’Brien. That is where his project comes in: It accounts for the range of devices on the market, what they can do, where they store their data, and effective ways to extract data from them.
O’Brien’s research also looks at trends regarding IoT devices. “There’s this sort of Wild West mad rush to create the next whatever sensor...,” said O’Brien.
The more devices there are out there, the more urgent it is to properly train law enforcement on how such devices impact law enforcement and criminal prosecution efforts.
When officers know what information is available and how to properly access and handle that information, the more effectively they can investigate and prosecute criminal activity in today’s increasingly digital world.