Computer Forensics

Carney Forensics began offering computer forensics services back in 2008 by investing in tools with enhanced, powerful capabilities.  They have changed the game in settlement conferences and the courtroom for attorneys like you.

Computer Forensics Breakthroughs

Most important of the many recent technological breakthroughs has been the integration of computers, phones, and cloud evidence together in the same digital forensic data set or container. Combining the evidence sources into one corpus has enabled qualitatively new forms of integrated and probative analysis. We map out digital connections to show movement of key documents and files between computers, phones, and the cloud. This evidence helps to prove up theft of intellectual property or proprietary data cases. We build a connection graph and a timeline for your adversary’s misappropriated document to show its journey. And how and when it changed along the way. These demonstrative exhibits enable visually persuasive ways of showing and telling your client’s story.

Email, Documents, and iPhone Backups

Our powerful computer forensics tools recover deleted email, documents, and iPhone backups from laptop and desktop computer drives. iPhone backups are time capsules discovered on the user’s computer for which most people have no idea they exist. But when we examine the computer in our lab we can reveal all the recoverable mobile evidence from those iPhone backups from the past.  Live and deleted text messages, calls, contacts, and mobile app evidence may be produced to provide support for your client’s claims and defenses. 

Artificial Intelligence for Smart Computer Forensics

We employ the latest artificial intelligence and machine learning tools to categorize automatically your client’s computer forensics evidence. AI spots photographs that show weapons, license plates, automobile dashboards, or laptop screen grabs of text messages, documents, or ID cards ordinarily unsearchable. AI also analyzes and classifies chat and text messages for sexual harassment in employment investigations. It makes evidence reviews and producing reports showing material evidence easy and cost-effective.

Web Browsing and Google Search Evidence

Regularly we find Internet and web browsing evidence on Windows and Mac computers which reveals Google or Bing searches that often go to the user’s intent and motives. Our computer forensics tools also provide useful clues from the computer’s browser sessions about the user’s foreseeable cloud storage accounts like Dropbox, Google Drive, and Microsoft OneDrive. Often we can recover their contents from documents and files in the cloud. Our computer forensics tools also identify anti-forensic software installed on the computer for wiping and erasing data which may signal the intentional destruction of evidence. As a result we have become experts in spoliation cases.

Computer Forensics FAQs

What is computer forensics?

US-CERT defines computer forensics as “the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law.”  It involves the identification and preservation of evidence to be collected.  And most important, it produces reports on computer evidence using highly sophisticated software and hardware tools and scientific methods.  Computer forensics when done properly changes no evidence on a computer, its hard drives, or other storage devices.

Do you perform collections of computer evidence on site at a client’s business?

Yes, we will collect on site, often after hours or on weekends, at the convenience of the client. We prefer to perform the analysis in our lab which is more cost effective for the client.

How much does a computer forensic acquisition and analysis cost?

It’s difficult to accurately estimate total costs upfront. There are many unknown factors and analysis opportunities to consider before evidence collection and preliminary analysis. Carney Forensics strives to provide the best service in the most cost-effective manner. From the initial call through final reports or courtroom testimony, our experts work closely with each client to ensure they have the information they need to make good decisions and prioritize analysis opportunities and weigh costs against benefits throughout the investigation or matter.

What are examples of computer evidence?

Computer evidence has been critical to our clients’ cases including operating system and application artifacts which support claims of theft of intellectual property and document forgery.  We also collect and produce email, Internet browser, multimedia, and database evidence from computers.  For more specific examples of digital evidence, please see the Carney Forensics case studies.

What do you charge for storage of evidence?

Carney Forensics will store client’s data for three months at no charge. If you would like us continue to store your data, we charge $50 per month.

How long do computer forensic examinations take?

The answer depends on numerous factors. This is why it’s important to call us and talk to our project manager about the evidence to be recovered. Once we understand your case and the evidence you need, we can give you a ballpark estimate of timing for planning purposes. The volume of data on the devices, how much searching and filtering is needed, and what other analyses are required will influence the time required.  The good news is the initial step, forensically copying, or imaging, the hard drive(s) can be performed in just a few days and then returned to you or your client.