Mobile challenges for e-forensics

An increase in mobile malware and data breaches via mobiles, tougher encryption, plus an uncertain regulatory and legislative landscape, are just some of the challenges that mobile forensics professionals will face in the year ahead.

These were among the most critical trends for investigative and legal professionals identified by a panel of industry experts questioned by mobile forensics and data technology specialist Cellebrite.

“From the increasing use of mobile evidence to challenges stemming from the rise in tougher encryption methods, there are a number of areas that will demand the attention of mobile forensics professionals in the year ahead,” said Ron Serber, Cellebrite co-CEO.

“As the industry continues to evolve, it will be critical for the law enforcement community, as well as the enterprise, to invest in proper training and ensure that their budgets allow them to meet the growing demand for comprehensive device analysis and data extraction.”

According to a Nielsen trend report last year, the average smartphone user has around 41 apps installed on a single device. “Whether it’s mobile messaging, personal navigation, social media or improving productivity – apps are going to dominate smartphones and tablets in 2013,” said John Carney, chief technology officer at Carney Forensics.

“The ability to extract critical data stored in apps will become the new measuring stick by which investigators gauge the superiority of mobile forensics tools.”

He added that while ‘bring your own device’ (BYOD) seemed to infiltrate the enterprise in 2012, the mobile forensics industry would confront the impact of this growing trend in the year ahead.

“BYOD adoption across the enterprise means that forensics professionals will encounter a greater number of compromised phones,” said Mr Carney. “For e-discovery experts, BYOD will mean contending with more devices that contain both personal and corporate evidence as well as an increase in legal challenges related to device access and privacy during corporate investigations.”

Eoghan Casey, founding partner at CASEITE, said smarter phones mean tougher encryption: “Expect to see more encryption of data on smartphones to protect personal privacy and corporate data, which will make forensic examination more challenging.”

Password technology, too, has advanced while pattern-screen locks have hindered forensic data extraction efforts, he added.

Mr Carney said mobile devices and the data they contain can be expected to take centre stage in both civil and criminal investigations in the year ahead: “Civil litigators are discovering that mobile device evidence is just as important as digital documents and email evidence.”

Heather Mahalik, mobile forensics technical lead at Basis Technology, added: “Now, more than ever before, e-discovery experts need comprehensive training in order to ensure the proper extraction of all relevant data from mobile devices.”

Gary Kessler, associate professor at the US Embry-Riddle Aeronautical University and a member of the ICAC (Internet Crimes Against Children) North Florida Task Force, warned that the regulatory and legislative landscape also remains uncertain.

“Lawmakers and judges are looking at cell phones much more critically than they did computers,” he said. “However, because few understand the nature of the technology, they are erring greatly on the side of caution. This speaks to the need for greater education regarding the scope and possibilities of mobile forensics and what it means for privacy and pre-trial discovery.”

Mobile malware’s incidence is also predicted to rise, particularly on Android devices.

According to Cindy Murphy, detective, computer crimes/computer forensics at Madison Wisconsin Police Department: “The intended uses of mobile malware will be very similar to non-mobile malware – steal money, steal information and invade privacy. For law enforcement and forensics professionals, mobile malware means dealing with pot