Computer forensics is the branch of forensic science that examines evidence stored digitally on a hard drive or other data storage medium.
History
Computer forensics can be traced back to the beginning of the 1990s when computers began to be integrated into our daily existence. DIBS USA was one of the first computer forensics companies to emerge.
Function
Computer forensics is about the preservation and extraction of data. Data is often found in server logs or on suspects’ hard drives. Since every move on a computer leaves a footprint, forensic experts have to find out how to tie that footprint to a case.
Misconceptions
Computer forensics doesn’t involve a lot of high-level hacking or computer security knowledge since most of the data that investigators would be looking for is in logs. The hardest part is going through each of those logs that can contain thousands of entries per second.
Types
There are various types of computer forensics that look to fulfill different purposes. Network analysis shows data traffic while another branch could involve retrieving data off a scorched laptop hard drive.
Effects
Computer forensic technology has led a lot of criminals to use encryption technology. Since military-grade encryption is legal for use in the United States, many people encrypt their files with algorithms that are impossible for forensic experts to crack.