Oct 7 2012

Brief History of Computer Forensics

Author: admin | Category: Cyber Forensics, Featured | Leave a Comment

History!, History!, yes, every field has a strong historical background. Learning this history helps us to gain the evolution happened in the particular field of study. That knowledge distinguishes professional from an armature.

It is quite difficult to tell about the beginning of the computer forensics field or pinpoint the first computer forensic examination. However most experts in this field agree to that it began to evolve more than 30 years ago.

Father of Computer Forensics

Michael Anderson known as the father of computer forensics developed the infrastructure that brought about the study of data storage, loss, and theft in 1988. A special agent for the Internal Revenue Service, he assembled a group of well known computer specialists, including fellow IRS agents, an attorney for the US Attorney’s office, and three leading companies involved with data recovery. “Out of these meetings developed the first Seized Computer Evidence Recovery Specialists (SCERS) classes held in 1988 and 1989 at the federal law enforcement training center (FLETC) in Brunswick, Georgia and the creation of IACIS, the International Association of Computer Investigative Specialists.” These classes were the first in a series of classes supported by the government. These classes ushered in the field of study known today as computer forensics. In 1998 the first class encompassing all levels of law enforcement including Secret Service, IRS, US Customs, and Alcohol, Tobacco and Firearms (ATF) met at FLETC.

Evolution of Computer Forensics

By the 1970s, electronic crimes were increasing, especially in the financial sector.

Most law enforcement officers didn’t know enough about computers to ask the right questions or to preserve evidence for trial

1980’s – Financial investigators and courts realize that in some cases all the records and evidences were only on computers.

Norton DiskEdit soon followed – And became the best tool for finding deleted file.

Association of Certified Fraud Examiners began to seek training in what became computer forensics

SEARCH High Tech Crimes training created

Regular classes began to be taught to Federal agents in California and at FLETC in Georgia

HTCIA formed in Southern California

Xtree Gold appeared on the market – Recognized file types and retrieved lost or deleted files

1984 – The FBI created the Magnetic Media Program, later it become the FBI Computer Analysis and Response Team (CART) program.

1987 – Acces Data – Cyber Forensic Company formed

1988 – Creation of IACIS, the International Association of Computer Investigative Specialists

First Seized Computer Evidence Recovery Specialists (SCERS) classes held

1991 – International Law Enforcement meeting was conducted to discuss computer forensics & the need for standardized approach.

1994 – Department of Justice (DOJ) – Federal Guidelines for Searching & Seizing Computers

1995 – International Organization on Computer Evidence (IOCE) formed

1997 – The G8 countries in Moscow declared that “Law enforcement personnel must be trained and equipped to address high-tech crimes”.

FBI- Scientific Working Group on Digital Evidence (SWGDE) was established to develop standards in computer forensics.

1998 – In March G8 appointed IICE to create international principles, guidelines and procedures relating to digital evidence.

INTERPOL Forensic Science Symposium.

1999 – FBI CART case load exceeds 2000 cases, examining 17 terabytes of data

2000 – First FBI Regional Computer Forensic Laboratory established

2001 – USAF – Digital Forensics Research Workshop was held,

2003 – FBI CART case load exceeds 6500 cases, examining 782 terabytes of data

Academic – International Journal of Digital Forensics & Incident Response, Elsevier



Leave a Reply

Your email address will not be published. Required fields are marked *