computer forensics

A Computer Forensics investigation can be initiated for a variety of reasons. The most high profile are usually with respect to criminal investigation, or civil litigation, but digital forensic techniques can be of value in a wide variety of situations, including perhaps, simply re-tracking steps taken when data has been lost. This has the potential of developing both inculpatory and exculpatory evidence that without its use, will remain hidden. 



One definition is analogous to "Electronic Evidentiary Recovery," known also as e-discovery, requires the proper tools and knowledge to meet the Court's criteria, whereas Computer Forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Another is "a process to answer questions about digital states and events”.



The forensic examiner renders an opinion, based upon the examination of the material that has been recovered. After rendering an opinion and report, to determine whether they are or have been used for criminal, civil or unauthorized activities. 



The objective being to provide digital evidence of a specific or general activity.  




1-702-900-CORE (2673)  Contact Us

data recovery

STORY: I'm notified by the client that a formerly trusted suspect has taken $500,000 from the joint business accounts.  On his haste to leave town and change his identity, he forgets his office computer. After seizing the computer, and 13 hours of data recovery, I was able to recover a deleted file called "to do list."  This document literally was his "to do" list on everything from bank withdrawals, to device destruction and his top choices on new places to live. He was captured several months later and this document proved intent, and sealed his guilty plea.


The main phases of a Computer Forensic investigation are: secure the subject system (from tampering during the operation); take a copy of hard drive (if applicable); identify and recovery all files (including those deleted); access/copy hidden, protected and temporary files; study 'special' areas on the drive (eg: residue from previously deleted files); investigate data/settings from installed applications/programs; assess the system as a whole, including its structure; consider general factors relating to the users activity; create detailed report.



Have you noticed a suspicious slow down of your computer’s processing without any particular reason? Unless you run the correct program, you will not be able to detect the real problem in your system: spyware and adware.


Adware are unsolicited programs that usually come bundled with freeware or shareware. Spyware on the other hand is more covert and usually undetected in your system until you run an anti spyware program. Spyware is used exactly to spy on you. In relatively mild cases, spyware is used to track your Internet browsing habits so that the spyware can report your preferences to build a marketing profile.


Core Group can covertly review your infrastructure and recommend lasting security solutions. 


Only 47 percent of companies have confidentiality rules, and only 34 percent carry out security checks.  


Security consciousness has substantially improved in large businesses but is still negligible in small and medium-sized venture companies that often drive innovation.

1-702-900-CORE (2673)  Contact Us


Core Group Company VIDE0.


computer espionage

The IT era has made it almost more important to safeguard technology than to develop it.


Cutting-edge core technologies can mean sink or swim not just for corporations but for nations. Yet we continue to hemorrhage technology.  A simple Flash Drive walking out the door with your proprietary information can mean the end of your business. To stop that leakage of technology, we must urgently adapt the security framework to new threats.



The U.S. laws that are supposed to protect computer security are minimal and the odds of someone getting caught, using spy tactics and vulnerabilities, searching for evidence, levels of encryption, snooping with keyloggers and detecting keyloggers, use of Trojan horses, eavesdropping on networks, eavesdropping on Wi-Fi networks, electromagnetic eavesdropping is slight unless pre-emptive and proactive measures are taken.


We do have laws protecting business secrets, but they focus on punishment after the fact. What is needed is prevention.  The most important thing is for individual businesses to build up their security infrastructure. 





forensic workstation

The Core Group employs a Forensic Air-Lite IV MK II, that may be brought to your place of business and is a quick reaction form of incident response and may also be carried on-board a commercial aircraft.


Computer Forensics is only a tool, it is not a substitute for investigation. But, with some estimates that 85% of the time, some evidence of illicit activity can be found on computers, it is a tactic we always consider and often use.