FEATURED IN TECHNOLOGY AND COMMUNICATIONS
Over time, technology has taken law enforcement through a variety of advances—from the police car, to the two-way radio, to DNA evidence and more—each significantly changing the way officers do their jobs. Now, in a world where nearly everyone is plugged in to some form of technology, the law enforcement community has evolved once again.
Enter digital forensics: The latest in law enforcement innovation that’s forever changed the way crimes are investigated and solved. Although digital forensics has been available for some time, many agencies have been slow to adopt this tool—either not recognizing the need, or not having the training and technology available to properly complete an investigation.
For the Bloomington (Ill.) Police Department (BPD), the development of digital forensics began in 2004 with a homicide case of a young African-American man accused of killing a young Caucasian man. The suspect claimed he was innocent, arguing that he’d been home on his computer at the time of the incident.
Although we were able to confiscate the computer as evidence, we didn’t have the training or the technology to run an investigation ourselves. Because of the racial implications involved, this became a high-profile case in the community, and our department was unable to prove or negate the alibi. At the time, there were three locations in Illinois capable of completing a digital investigation, but the soonest any could complete the investigation was a year and a half. It was at this moment we realized we had a problem.
Building Our Unit
The mission of the BPD is “to work in partnership with the citizens of Bloomington to enforce the laws and enhance the quality of life in our community.” However, our lack of digital forensics made it virtually impossible to uphold our pledge to the community. We knew the BPD needed to adapt to the trend in digital forensics and become self-
sufficient. To do this, we needed to reach out for help.
One of the three locations available for processing digital forensics at that time was the Central Illinois Cyber Crime Unit (CICU) headquartered in the U.S. Attorney’s Office in Peoria. Through this agency, and with the city providing funding, we were able to create our own Cyber Crime Unit in late 2004.
The Cyber Crime Unit at BPD started with a single computer and laptop. As the officer assigned to the unit, I chose Forensic Computers to provide the hardware, and selected Guidance Software’s EnCase software and Tableau’s write block technology for the software. The CICU had been using these software solutions, so I knew these programs were effective and reliable. With the hardware and software selected, I immediately started researching training programs, and enrolled in the EnCase course that eventually led to my certification as an EnCase Certified Examiner (EnCE).
As cases grew, a second full-time investigator was added. I enrolled him in EnCase training and when he became EnCE certified, we added another computer and laptop. When storage became an issue, we added a nine-terabyte server, dedicated a section of the BPD as the Cyber Crime Unit and started building a lab with an internal network and security. Along the way, we’ve picked up a variety of computers and software solutions to add to the lab. Just this past year, we added a third person who’s now enrolled in training and en route to becoming EnCE certified.
Today, the BPD Cyber Crime Unit is a member of the CICU, with three Bloomington detectives assigned to the Peoria Office (Springfield Division) of the U.S. Secret Service (USSS), which falls under the USSS Cyber Crime Task Force, based in Chicago. The Peoria Division covers a 14-county area in the Central District of Illinois-Peoria Division, and has been one of the top-producing districts in the U.S. for our type of crimes. The BPD Cyber Crime Unit performs advanced computer forensics for the BPD and other area departments that request mutual assistance. The unit also performs advanced computer forensics for the USSS on federal cases.
Our relationship with the U.S. Attorney’s Office has been a great experience for our unit. Even though the U.S. Attorney doesn’t usually participate in investigations with us, we often sit in on meetings and make decisions about cases, which is unheard of in other agencies. In fact, what we typically find at other agencies is that the U.S. Attorney and the police are almost adversarial.
The Cyber Crime Unit has allowed us to investigate crimes in innovative ways, enabling quicker investigations and convictions. Today, we have what we call “on-scene digital forensics”: while conducting a search warrant, or “knock and talk,” it’s not uncommon for me or my partner to conduct a forensic examination at the same time that the suspect is being interviewed. This helps to steer the interview.
There are some agencies that are capable of digital forensic investigations, but don’t allow on-scene forensics. For our unit, on-scene forensics is a key opportunity and the benefits are substantial. Oftentimes, we can immediately dispute an alibi or garner a confession during the initial interview, saving the department significant time and resources.
Conviction from Within