Flattr this!

Cyber forensics is a wide term that encompasses computer forensics i.e gathering evidence from computers media seized at the crime scene, and network forensics i.e gathering digital evidence that is distributed across networks.

Broadly speaking Cyber Forensics involves:

  1. Finding and decrypting protected information, encrypted information and steganographic  content.
  2. Tracking software piracy.
  3. Recovering deleted data.
  4. Matching information to computers that created them.
  5. Remotely monitoring computers and
  6. Preserving digital evidence for presentation in court.

Digital evidence is the foundation of any case involving computers.  Searching, examining, collecting and preserving digital evidence has to be done in such a manner that the court can rely upon the evidence to deliver its judgement.  Any errors in gathering, developing, or presenting digital evidence can adversely affect the trial.