New digital forensic triage tool for frontline officers

A new tool which lets frontline police officers detect illegal images and other potential criminal evidence stored on computer devices is now being tried out by four British forces.

Jul 23, 2009
By Paul Jacques

A new tool which lets frontline police officers detect illegal images and other potential criminal evidence stored on computer devices is now being tried out by four British forces.

SPEKTOR Forensic Intelligence allows an operator with just a few minutes’ training to find, preserve and protect digital data in an evidentially sound manner which complies with Association of Chief Police Officers (ACPO) recommendations and satisfies all legal requirements for any subsequent criminal or civil court proceedings.

Developed by forensic computing consultancy Evidence Talks, the system has been specifically designed to help law enforcement officials, including police and border patrol officers quickly retrieve data from computers, hard drives, memory sticks, digital cameras and other media, such as CDs and DVDs, for subsequent examination by skilled forensic analysts.

By removing the need to have computer experts at the scene, it results in huge savings in fees and travelling expenses.

The portable, easy-to-use forensic triage solution consists of a ‘control pod’, which allows an officer to forensically wipe, verify and configure reusable SPEKTOR ‘collectors’ which store a copy of any potential evidence which may prove useful to an investigation. This data cannot be accessed by unauthorised users.

Officers can quickly inspect and preserve images, PDFs, documents, spreadsheets, browser histories, search records, emails and Internet chat logs without interfering with or contaminating the evidence. They can even capture encrypted, password-protected and deleted files.

On Windows computers, SPEKTOR automatically extracts forensically-useful data from the registry, including profile settings, details of previously-attached USB devices, recent file activity, network settings, installed software, online storage details, auto-form details and much more.

SPEKTOR also includes a unique ‘remote forensics’ capability. Operators can request assistance from remote colleagues via a secure, audited network connection, allowing a forensic or intelligence expert to review captured data from anywhere in the world, even via a 3G or sat-phone network.

Evidence Talks managing director Andrew Sheldon sexplained: “This solution was developed after long and detailed discussions with police officers and other members of the law enforcement community – and it delivers exactly what they wanted. SPEKTOR is already being used by a number of UK authorities which particularly appreciate its speed, flexibility and evidential soundness.”

Computer forensic triage is usually defined as the forensic examination process to determine which data should be investigated first, second, etc, and which data should not be investigated at all. Triage considers the value of investigating, the complexity and the cost and the order in which the investigation should be accomplished. The focus of forensic triage is to:

•Find useable evidence quickly.
•Identify possible victims that may be at risk.
•Direct the ongoing investigation.
•Identify potential charges.
•Assess the possible danger the suspect poses to society.

For further information on SPEKTOR Forensic Intelligence, call 0845 125 4400, visit www.evidencetalks.com or email info@evidencetalks.com

Related News

Select Vacancies

Chief Constable

Humberside Police

Assistant Chief Constable

Greater Manchester Police

Head of Corporate Communications

Greater Manchester Police

Copyright © 2024 Police Professional