DIGITAL INVESTIGATIONS WILL PAY big bucks to the computer forensics specialists and that's one reason why we're pointing our academic curriculum down a pathway that encourages students to uncover the data underneath the bytes in the silicon chips. You can learn from that academic process and you can also learn from Serious Fraud investigators who have shared some tips about hiding things. You can bet that the tips shared won't help any potential fraudsters because good investigators don't tell people how to accomplish undetectable deeds.
Nonetheless, there are some interesting things I've learned or recalled after listening to Keith Foggon, head of the UK's Serious Fraud Office (SFO), when he talked about the running of his digital investigative unit.
Hiding Data Behind Pixels. It's still a common practice for some fraudsters (and terrorists) to embed information in layers of Photoshop Documents. There are digital marking programs now that detect the presence of these fat layers of content.
Back-ups Aren't. In an interview with Michael Peel, the SFO said they "are often surprised when they try to seize material from back-up servers, only to find them empty because the business had not checked they were working properly." From personal experience, I know some server administrators who were paid handsomely to let the weekly back-up routines slip.
Mobile Phone Data Can Hop Out. There are big issues with the use of mobile phones that access company databases over the air via tunnels or file transfer protocol. The SFO knows this but it has proven to be more challenging to get technology that monitors pay-as-you-go data services.
Stun Gun Shredding. A good whack with a taser will often skewer the residual charge on a thumb drive so if you're pressed to wipe a USB key and you have a stun gun close to hand, it will work as an electronic shredder.
Michael Peel -- "SFO says main problem is electronic data levels" in the Financial Times, 17 June 2008.