System Forensics
Explicate how digital forensics was used to identify Rader as a suspect and lead to more concrete physical evidence. Digital forensics was used to identify Dennis Rader based upon a computer disk he sent to the police. What happened is Rader resumed communication with law enforcement as the BTK killer. In one of his letters he included a disk. That was on a Microsoft Word document for them to examine. They turned this over to computer forensic experts, who found out that there was another file which was previously deleted. (Vacca & Rudolph, 2011) (Raggo, 2012) (Sammons, 2012)
Forensic scientists were able to retrieve it and conclude that it was someone named Dennis from the Christ Lutheran Church. Investigators examined the church's website, and found out that the President of their Congregation Council was a man named Dennis Rader. This helped police to identify him as a suspect and conduct DNA tests. It proved that he was the BTK killer. (Vacca & Rudolph, 2011) (Raggo, 2012) (Sammons, 2012)
Describe in detail the digital evidence that was uncovered from the floppy disk obtained from Rader. Discuss why you believe it took so many years to find concrete evidence in order to build a case against Rader. The Encase software was used to locate the missing Word file. This was accomplished by piecing together the old document and allowing investigators to read it. The evidence provided them with the suspect's first name and the church he was affiliated
2. Explain, from a forensics perspective, the digital evidence found on the Anthony family computer
Rader sent numerous letters to police and media taunting them with gory details of his crimes. Then he stopped writing one day and police and the media thought he was never going to be caught and brought to justice. Then again in 2004 he wrote a letter to police because they did not connect a murder to him (Hickey, 2016). He wrote asking if there was any way to trace information from a floppy disk. The police lied and said there was no way.
In 2004, Rader had resumed contacting the police and asked them if he could send them files on diskettes. The authorities received the diskette and discovered it was from Rader’s church. This discovery was the major component in finding who BTK was. Another piece of evidence was a video in a Home Depot parking lot of Rader dropping off a BTK package driving his sons van. The last and very significant piece of evidence was
Dennis Rader was known to write letters that were sent to police and news agencies about the murders. These letters would include how the crime scene was set up, what the people were tied up with, and how they were killed. Some of these letters and packages also had clues in them in different forms. He did this because he was seeking the fame that other killers such as Ted Bundy had received from the media. He sent one letter to a local news station that had hidden words in it that spelled out “D. Rader” and “6220”, which was his street address. However, the clues in his numerous letters would not give him away. Some of his clues were overlooked, some could not be deciphered, and some did not make sense with the investigation. What did give him away was a floppy disk that was sent to a local news agency. This document had data on it that named the author and brought them to the Lutheran church that Rader was a part of. Computer technology had advanced in the decade since his last murder that led them to this embedded
capture. The nail in the coffin of his career was the floppy disk. Rader asked police in an anonymous letter whether they could trace a floppy disk back to him (Singular 146-148), which anyone with knowledge of the internet would know is possible. In Mark Hansen’s article “How the Cops Caught BTK”, Mark Rasch, senior vice president and chief security counsel for Solutionary, a computer security and forensics firm, affirms that “when a computer user deletes data from a floppy disk, the data itself doesn't disappear” (Hansen). A mastermind criminal would never make such a heinous error. The main detective on the case, Ken Landwehr admits, "Him sending that disk is what cracked the case. If he had just quit [killing] and kept his mouth shut, we might never have connected the dots” (Hansen). This disk gave police a positive lead to him. Without this dramatic move on his part, Rader would have never been caught. Profiling is what led to this occurrence though. If police had not known how that he would get “caught up in his own game that he would eventually give himself up” (Hansen), they couldn’t have known that luring him in with fake security would
Evidence plays a vital role throughout criminal investigations. Typically, we think of evidence as things such as fingerprints, DNA, and fibers. However, evidence as evolved as the world of technology has expanded. Digital evidence also now plays just as much of an important role as traditional evidence. When beginning an investigation that involves digital evidence, it is important for the investigator to know what evidence to look for. Identification of evidence, collection including transportation of evidence and examination of evidence are the three main aspects of the process.
What potential sources of digital evidence do you find at a crime scene? First of all, what is digital evidence? Digital evidence is any information or data of value to an investigation that is stored on, received by, or transmitted by an electronic device. Also, Digital evidence or electronic evidence is any probative information stored or transmitted in digital form that a party to a court case may use at trial. Text messages, emails, pictures and videos, and internet searches are some of the most common types of digital evidence. Most criminals now leave a digital trail;
Dennis sent a floppy disk with information on a Microsoft word document to the police. This is where digital forensics comes in. They found that the owner of the file was named
For the next victims he would go on to calling the police to tell them about his victim Nancy fox, and he sent a poem to a local newspaper detailing the murder od Shirley Vian. In 1977 Dennis Rader waited in the house of his target, he them became impatient and left before she returned home. But Dennis Rader was sure to leave a note to let her know that the BTK killer had been in her home. The case had gone cold by 2004, until Dennis Rader sent a letter to the police. The reason Rader wrote to police claiming responsibility for a murder that hadn’t been associated with the BTK killer previously. Throughout many correspondences with police Dennis Rader asked if it was at all possible for them to track his information on a floppy disk. The police department told Rader that it was impossible when in fact it was possible. Some of the things they found on the USB that helped the police department included a link to a local Lutheran Church, and metadata from a Microsoft Word document. In the metadata they were able to determine that the document was created by someone named
Electronic evidence is very fragile because it can be destroyed or altered very easily, therefore it is imperative that investigators follow very careful all the procedural steps when collecting electronic evidence (Diversified Forensics). Before any electronic evidence is gathered investigators should determine whether there is probable cause that a crime has been committed, or if the crime was committed somewhere else the investigator should determine whether the electronic evidence will aid the investigation process to prove or disapprove the crime, if a warrant is needed it must be obtained prior to collecting the evidence (Diversified Forensics). Hard drives, computers, and other electronic devices must be turned off, unplug all cables,
It is pertinent during the preparation phase of an investigation, as well as the examination and documentation phases. Furthermore, these interviews are being conducted to gather information regarding the case to ensure the digital forensic investigator may plan their investigation accordingly. However, if a digital forensic investigator does not take time to prepare for the case, than they may overlook a crucial piece of evidence. Therefore, it is necessary that digital forensic investigators understand the interview process and how victims, suspects, or witnesses would react to questioning (UMUC, 2015). Accordingly, this document provides information regarding the material obtained from an interview, the interview methodology, and the recording methods that may be utilized during an
Psychopath Dennis Rader, alias the BTK Killer, killed a total of 10 people, including 2 children, over a fifteen year period ranging from 1974 to 1991. Rader was apprehended and arrested in 2005 because of newer forensic technology available to analyze DNA and computer forensics. Ultimately, it was Rader’s own daughter who turned police informant, and give them a DNA sample from her cheek saliva (Hansen, 2006). Young & Ortmeier (2011) describe how DNA Identification Act of 1994 led to the development of CODIS, which been used for varied reasons such as identifying violent offenders, victims and unidentified remains. Despite Rader’s cleverness and precautions, he carelessly left behind trace biological evidence from underneath his fingernails that was lifted forensically from a letter BTK sent to the
Digital crime has been on the increase due to the increasing use of computer and internet. This has led the investigators with another method of fighting this crime. This is Computer Forensics, a process of going into computer hard drive and capturing basic information the user believed it has been erased.
This means that digital evidence is hard to destroy and that in order to completely remove the evidence from the internet, one must possess a high level of knowledge in the area (Casey, 2011, p.26). This means that criminals who conduct online crimes will always leave online trails and it is up to the digital forensic scientists to retrieve the evidence (Casey, 2011, p.26). This is a strength and it also shows us why digital forensic scientists can play a crucial role as they are the few people that are trained in locating the trail of evidence left behind by the
In your report, describe how that evidence was discovered and retrieved by law officers or computer forensic experts