The field of data recovery involves the process of extracting data from various storage devices such as mechanical hard drives, solid state drives, USB flash drives, CD/DVD/Blu-Ray/UHD and other discs, RAID servers, and magnetic tapes. The data can be on computers, tablets, or smartphones, and it can be password-protected, encrypted, corrupted, erased, hidden, overwritten or damaged.
Data recovery experts are usually brought in when computer files can no longer be accessed and a backup is not available. Common causes are a lost password, a user error such as accidental deletion, a software or hardware failure such as bad sectors or collapsed RAID partition, a malware, ransomware, or virus attack, or intentional locking or hiding of files by suspects in criminal cases.
The use of specialised industry disk-imaging procedures can harvest every last byte of data off the drive. Once the data is recovered, it might still be encrypted, and law-enforcement authorities have access to tools that can crack passwords, such as “brute-forcing” using trillions of rapid password attempts.
At the bottom of this profile are brief details of a number of the experts that Expert Experts represents. Call our office to discuss your requirements and to obtain a recommendation that suits your needs and budget.
Expertise in ActionThe often conflicting and controversial issues of enforced data recovery and the right to privacy have been in the news recently where critical data pertinent to a criminal case is contained on a password-protected or encrypted computer or locked smartphone. Tech corporations such as Apple and Facebook are asked by law enforcement authorities for assistance to access and turn over data on a suspect’s device. This data may contact lists, call history, and messages linking the suspect to other suspects, browsing history revealing the planning of a criminal act, and location data that can dispute alibis and place suspects at the scene of a crime. In perhaps the most high-profile case to date, the United States Department of Justice requested that Apple assist the FBI in accessing the data on the Apple 5C phone owned by San Bernardino mass-shooter Rizwan Farook. Apple refused but the phone was eventually hacked by the FBI in 2016 with the assistance of data recovery experts.
A recovery data expert can give information of how data has been hidden, locked or encrypted and reveal ways it can be accessed by law-enforcement authorities undertaking investigations. Experts can assist in court during legal cases by explaining the forensic methods used to reveal critical evidence.
Sample ReportsFor some fields of expertise we have some sample sections of de-identified reports. Please contact our office if you are interested in a sample.
CostThe overall cost of expert opinion depends on the services required. Some of the key factors that affect the cost of advice include:
US intelligence agency contractors, security engineers and counter-espionage government manufacturers have developed tools that exploit vulnerabilities in smartphone encryption, allowing law enforcement agencies to hack into locked devices.
Australia drafts laws forcing Facebook and Google to reveal encrypted dataThe Australian government has drafted legislation to be introduced in 2018 that will compel companies such as Google and Facebook to cooperate with security agencies seeking access to encrypted data contained in secure messaging apps such as Whatsapp, Signal and Silent Text.
Computer Forensics InvestigatorAn article on what makes a computer forensics investigator.
Relevant Cases Prescience Communications Limited v Commissioner of Taxation Office [2006] FCA 1561A company that had its computer seized by the ATO sought to prevent the Commissioner from making copies of the hard drives via disk-imaging.
Lifeplan Australia Friendly Society Ltd v Woff [2016] FCA 248 (15 March 2016)A case in which important emails were deleted, requiring them to be recovered.
CFJ v Children's Guardian [2016] NSWCATAD 62 (8 April 2016)A child protection matter in which examination of a computer by a forensics expert was used.
Related Blog ArticlesBelow are short profiles of a few experts with expertise in this field. Please contact our office to discuss your specific requirements and to obtain a recommendation that suits your needs and budget. Expert Experts are experts in finding the right expert for your needs and you pay no more to use Expert Experts than if you searched and found the expert yourself.
ID12997 is a mobile phone forensic examiner with 16 years of experience over a broad range of digital forensics areas. They currently run an ad hoc consultancy in forensics, IT security system hardening, and eDiscovery. They also have experience in physical and cyber security.
Sydney, NSW
ID11538 is an experienced information technology expert specialising in computer-based crime and the recovery of erased, encrypted, damaged and protected data.
Adelaide SA
Expert Experts sources experts in all disciplines for lawyers, insurers, government and industry across Australia
Since 2001 Expert Experts have been helping clients across Australia find the right expert to address their evidentiary requirements across many areas of law.
Let us help you save time and cost.
Announcing - New experts and new fields of expertise.
Paul Heath appointed Expert Experts new CEO
Conclaves - An introduction to Conclaves (esp in the NSW District Court)