Recently, Detective Phil Rosty gave a presentation to the Forum at Heidi’s Deli about the use of digital forensic investigations to solve crimes. Rosty is a 12 year veteran of the Montrose Police Department, who has received extensive training in digital forensics from the Secret Service.
The following is an edited transcript of part of his presentation.
When you talk about digital forensic investigations, it’s really a huge, broad topic. A few years ago, it was called computer forensics. Digital forensics is a relatively new term. Computer forensics was really more about computers, but in this day and age, we’ve also got smartphones, tablets, drones, watches, just a ton of different stuff.
When we talk about digital forensic investigations, we’re talking about the investigation of evidence found on mobile devices, or on the hard drives of devices, Where the memory is kept. There is potential evidence there.
Sometimes, you hear the words “cyber-crime” or “computer crime.” Generally, when those words are thrown around, we’re talking about the actual devices used to facilitate those types of crime—frauds, identity theft, scams, all different kinds of things. But, in addition to that, we have lots of evidence of every-day crime on digital devices because they are such a part of this world. So really, that’s what I spend a lot of time doing through the forensic process of collecting, analyzing and finding things like text messages, pictures, emails, web history, Google searches. A lot of times those become very relevant to otherwise non-technological crimes.
According to the Pew Research Group, 95 percent of Americans own a cell phone, and 77 percent of those are Smartphones.
What that means for us as a law enforcement agency is that we’ve got evidence of sex assaults, child abuse, theft, fraud; evidence of virtually any kind of crime can be found on some kind of electronic storage unit.
Montrose P.D. has a forensic case load in addition to all the other cases we investigate. I’ve got 22 forensic cases pending.
About “ three or four years ago”, Rosty met with Secret Service Agent Ike Barnes, Assistant Agent in Charge of the Denver field office.
Barnes tells me that he wants to recruit Montrose P.D. to become part of the Secret Service’s Electronic Crime Task Force; I was lucky enough to represent Montrose P.D. for that. He’s telling me that “we’ll start doing digital forensic investigations, we’ll send you to school, all expenses paid, we’ll give Montrose P.D. tons of equipment and software to use, and we’ll continually try to fund this program.” The catch was that we needed to agree to work for the Secret Service as needed, on a contractual basis.
The Secret Service created these Electronic Crime Task Forces, starting in New York in 1995. Based on the success of it, Congress mandated that they were going to have a network of them spread out across the country. As of today, there are forty of them.
It’s really worked out pretty good for us. We’re getting all this equipment and training at Montrose P.D. that we can utilize for local offenses as much as we like.
They sent me to the National Computer Forensic Institute (NCFI), in Birmingham, Alabama. Funding is 100 percent from the federal government, so travel, lodging, equipment, and course fees are literally at no cost to us.
When you think of the Secret Service, you usually think of the Protection Detail. But, they have this other mandate that started with financial crime, and it has morphed into the digital world.
This has changed how the Montrose P.D. does investigations. We’re taking more on. We aren’t actually sacrificing anything.
Technology changes rapidly. All the software and the tools are constantly being updated. Software companies are constantly working on their stuff and we pay for it yearly, that is us or Secret Service. It’s not the kind of thing where you pay for it once, and then you just have it; you pay for it over and over and over.
In digital forensics, the big problem is encryption. Encryption is basically anything that is behind a “digital locked door”. And this changes, literally weekly. 90 percent of the time, when I get a cell phone in my office, the first thing I have to do is get on a site for guys like me and software engineers that work on this this stuff, and find out what we can do with this device today. Literally, what we could do with this device last week is not necessarily what we can do with it today. It changes that quickly.