In many cases, private companies can do this much faster than the police. “A lot of law enforcement-based digital-forensics labs are just swamped,” said Kathryn Seigfried-Spellar, a professor of computer science at Purdue University. “Almost every type of crime—whether it’s homicide, arson, or a computer crime—is going to have some sort of digital evidence associated with it.” As a result, she says, the backlog of devices and data awaiting analysis at police labs can stretch from months to years.
The Purdue computer science professor, who focuses on cyber security, has a computer whose operating system and software he generally doesn’t bother to update, even though he sometimes uses it to access sensitive files. That’s because the computer isn’t connected to the internet, which is generally the source of most malware.
In today’s digital age, we all have what’s called a digital footprint — information in the cyber world about who we are. It includes where we live, who our relatives are, where we work, what we earn, what we buy and it goes on and on.
“All that information is available and it’s out there permanently,” said Eugene Spafford, a computer sciences professor at Purdue University and executive director of the Center for Education and Research in Information Assurance and Security. “Once it gets out, there’s really no way to call it back.”