Digital Investigations for the Modern Case Agent: Enhancing Criminal Investigations with Electronic Evidence
In today’s environment, being an effective criminal investigator requires that you be proficient at leveraging various types of digital evidence to successfully move forward in your case. This includes use of open source intelligence and social media information, digital forensic evidence, data stored on various types of e-mail servers/cloud-based solutions, and cell evidence from phone companies and stored on mobile devices. To be effective, you must know what digital information is out there, how to identify it, how to obtain, and how to use it. This course is a comprehensive study of all things digital that are used to enhance criminal investigations. At the conclusion of this course, you will have a strong command of which digital evidence he/she should seek in a particular investigation, how to obtain that digital evidence, and how to utilize various types of digital evidence to enhance criminal investigations. This course is taught by leading experts in the field of digital forensics, cyber investigations, electronic surveillance and open source intelligence. The following topics will be covered during this 40-hour, week-long course:
Day 1: Introduction and General Digital Evidence Topics
- Introduction to digital forensics, social media investigations, and electronic surveillance.
- 4th Amendment issues surrounding digital evidence
- General guidelines for obtaining subpoenas, court orders, and search warrants for digital evidence.
- Overview and case studies covering how digital forensics evidence is used to support investigations.
- Overview and case studies covering how cell phone records and electronic surveillance evidence is used to support investigations.
- Overview and case studies covering how open source intelligence/social media information is used to support investigations.
- Using electronic geographic location data.
Day 2: Digital Forensics – How to Obtain and Utilize Digital Forensics Evidence in your Investigations
- Introduction to basic computing concepts
- General overview of digital forensics process and best practices
- Digital evidence collection and seizure
- Basic concepts in digital forensics analysis
- Digital Forensics for the Case Agent; Internet history, e-mail, deleted data, and typical digital forensic artifacts
- Techniques for creating effective digital forensic requests
- Cell phone forensics: overview of cell phone forensic processes, methods, and typical results
- Interpreting and utilizing digital forensics work product and reports
Day 3: Electronic Surveillance and Cell Phone Records
- How to obtain historical records from cell phone providers and use them in an investigation.
- How to implement pen registers, GPS pings, and other phone-based electronic surveillance.
- Mapping geographic location records including cell towers and other types of geolocation data from cell phone carriers and other providers.
- Introduction to covert video surveillance
- Use of GPS tracking technology and other active geographic location tracking.
- Introduction to body wires and other audio electronic surveillance.
Day 4: Open Source Intelligence and Social Media Investigations
- Introduction to 28 CFR Part 23 and how this and similar laws drive open source intelligence operations, reporting, and retention.
- Utilizing the most common social media apps for case enhancement
- Developing and maintaining UC accounts for law enforcement investigations
- Identifying suspects / co-conspirators and linking them together
- The most current and advanced search techniques for social media and open source intelligence
- Locating suspects / targets
- Linking multiple social media accounts to the same person
- Communicating with suspects / targets utilizing UC accounts (depending on agency policies)
- Tracking suspects / targets in real time utilizing geo-based filters and maps
- Gathering intelligence through social media and open source
- Investigations involving websites such as OfferUp, LetGo and Craigslist
- Preserving evidence
- Utilizing Open Source Intelligence (OSINT) to your advantage
- Defining the difference between intelligence vs. evidence
- Understanding when to obtain court orders, subpoenas and search warrants
- How to obtain and serve court orders, subpoenas and search warrants on social media, e-mail, and cloud-based providers.
Day 5: Case Studies and Mock Investigations
- This day will be a capstone covering all electronic evidence methods learned so far.
- Students will participate in an interactive mock investigation/case study and course examination.