FEATURED IN TECHNOLOGY AND COMMUNICATIONS
Over time, technology has taken law enforcement through a variety of advances—from the police car, to the two-way radio, to DNA evidence and more—each significantly changing the way officers do their jobs. Now, in a world where nearly everyone is plugged in to some form of technology, the law enforcement community has evolved once again.
Enter digital forensics: The latest in law enforcement innovation that’s forever changed the way crimes are investigated and solved. Although digital forensics has been available for some time, many agencies have been slow to adopt this tool—either not recognizing the need, or not having the training and technology available to properly complete an investigation.
For the Bloomington (Ill.) Police Department (BPD), the development of digital forensics began in 2004 with a homicide case of a young African-American man accused of killing a young Caucasian man. The suspect claimed he was innocent, arguing that he’d been home on his computer at the time of the incident.
Although we were able to confiscate the computer as evidence, we didn’t have the training or the technology to run an investigation ourselves. Because of the racial implications involved, this became a high-profile case in the community, and our department was unable to prove or negate the alibi. At the time, there were three locations in Illinois capable of completing a digital investigation, but the soonest any could complete the investigation was a year and a half. It was at this moment we realized we had a problem.
Building Our Unit
The mission of the BPD is “to work in partnership with the citizens of Bloomington to enforce the laws and enhance the quality of life in our community.” However, our lack of digital forensics made it virtually impossible to uphold our pledge to the community. We knew the BPD needed to adapt to the trend in digital forensics and become self-
sufficient. To do this, we needed to reach out for help.
One of the three locations available for processing digital forensics at that time was the Central Illinois Cyber Crime Unit (CICU) headquartered in the U.S. Attorney’s Office in Peoria. Through this agency, and with the city providing funding, we were able to create our own Cyber Crime Unit in late 2004.
The Cyber Crime Unit at BPD started with a single computer and laptop. As the officer assigned to the unit, I chose Forensic Computers to provide the hardware, and selected Guidance Software’s EnCase software and Tableau’s write block technology for the software. The CICU had been using these software solutions, so I knew these programs were effective and reliable. With the hardware and software selected, I immediately started researching training programs, and enrolled in the EnCase course that eventually led to my certification as an EnCase Certified Examiner (EnCE).
As cases grew, a second full-time investigator was added. I enrolled him in EnCase training and when he became EnCE certified, we added another computer and laptop. When storage became an issue, we added a nine-terabyte server, dedicated a section of the BPD as the Cyber Crime Unit and started building a lab with an internal network and security. Along the way, we’ve picked up a variety of computers and software solutions to add to the lab. Just this past year, we added a third person who’s now enrolled in training and en route to becoming EnCE certified.
Today, the BPD Cyber Crime Unit is a member of the CICU, with three Bloomington detectives assigned to the Peoria Office (Springfield Division) of the U.S. Secret Service (USSS), which falls under the USSS Cyber Crime Task Force, based in Chicago. The Peoria Division covers a 14-county area in the Central District of Illinois-Peoria Division, and has been one of the top-producing districts in the U.S. for our type of crimes. The BPD Cyber Crime Unit performs advanced computer forensics for the BPD and other area departments that request mutual assistance. The unit also performs advanced computer forensics for the USSS on federal cases.
Our relationship with the U.S. Attorney’s Office has been a great experience for our unit. Even though the U.S. Attorney doesn’t usually participate in investigations with us, we often sit in on meetings and make decisions about cases, which is unheard of in other agencies. In fact, what we typically find at other agencies is that the U.S. Attorney and the police are almost adversarial.
The Cyber Crime Unit has allowed us to investigate crimes in innovative ways, enabling quicker investigations and convictions. Today, we have what we call “on-scene digital forensics”: while conducting a search warrant, or “knock and talk,” it’s not uncommon for me or my partner to conduct a forensic examination at the same time that the suspect is being interviewed. This helps to steer the interview.
There are some agencies that are capable of digital forensic investigations, but don’t allow on-scene forensics. For our unit, on-scene forensics is a key opportunity and the benefits are substantial. Oftentimes, we can immediately dispute an alibi or garner a confession during the initial interview, saving the department significant time and resources.
Conviction from Within
In 2008, our unit used digital forensics to solve a case that involved a serial rapist who’d been breaking in and attacking women in the community. Ultimately, the serial rapist turned out to be one of our own—Jeffrey Pelo, a sergeant with the BPD.
Pelo would rape women, and then come to work, acting as one of the shift supervisors investigating the crimes. He’d been very good at cleaning out his active computers of any evidence, but after multiple search warrants, we came upon an abandoned computer in his home. Pelo had also been using his work computer to search for the women he raped.
My partner was able to reconstruct pornographic Web pages and pictures from the computer that depicted police officers raping women. With this evidence, my partner prepared a demonstrative exhibit on the type of pornography that Pelo was using, and it was this digital evidence, paired with the circumstantial case of his being the rapist, that convicted Pelo for life. The State Attorney’s Office said that if it weren’t for the digital forensic evidence, they were unsure if the case would’ve been solved based on circumstantial evidence alone.
For my partner and I, the interesting thing about this case is that up until then, the BPD didn’t understand what we were doing with digital forensics, and it was difficult to demonstrate what we do or explain the benefits. Digital forensics is basically a new frontier, and the BPD had no idea that technology like this was even possible. It was this case that sealed the unit’s existence in the BPD.
In 2010, we started using a cutting-edge technique that utilizes online database information. This information allows us to identify individuals who are trading child pornography over the Internet, enabling us to obtain a search warrant based on the historical data.
Prior to starting the operation, we took the time to go with the U.S. Attorney and educate the judge on what exactly we would be doing. Now we’re able to obtain historical search warrants for past behavior, go to that offender (who obviously has no idea we’re coming), search the house, and in every case so far, we’ve found child pornography. When the evidence is clear and unchallengeable, we normally obtain confessions from the perpetrators. As far as I know, we’re the only U.S. Division prosecuting this type of investigation.
This operation has allowed us to find and convict offenders who hadn’t even been on our radar. During an interview and polygraph, one offender admitted to molesting his own infant son. Without our proactive approach, this may have never been reported.
Before creating our Cyber Crime Unit, the BPD had no digital forensic capability. Six years later, the BPD is now operating its own fully functioning lab, and has grown to be one of the most innovative departments in the country.
The city has also received a federal grant that I manage and distribute to eight agencies. The grant goes toward educating each agency about digital forensics, helping them to become forensic capable and assisting their forensic examiners to achieve EnCE certification. With the help of digital forensics, we are able to make quicker convictions and solve cases that might not have been possible without its use.
And for those of you wondering about the homicide case that started it all: Digital forensics was able to disprove the alibi and convict the young suspect.
Det. Michael A. Fazio has been with the Bloomington (Ill.) PD for 28 years. For the past 13 years, Fazio has worked in the Detective Division, first investigating child exploitation cases and later being assigned to a federal task force as a special federal officer working on cyber crime and functioning as a computer forensic examiner. Fazio is presently assigned to the U.S. Secret Service Cyber Crime Task Force.