COMPUTER data cannot be fully trusted as criminal evidence, an IT security expert has warned, as a bill which allows the state access to online records was last week rushed through the UK parliament.
Professor Bill Buchanan, who is involved with training Police Scotland in how to analyse technological evidence, said that digital information can often can be changed while it is stored, transmitted or even processed.
He warned that digital data should be taken as “one part of the jigsaw” rather than the focus of an investigation.
Last week, the Data Retention and Investigatory Powers Bill was passed to allow the security services access to people’s phone and internet records.
The bill was rushed through the Commons lower chamber in one day, which attracted criticism from MPs and privacy campaigners alike. It was debated in the House of Lords the following day.
It has been argued that the bill will allow investigators urgent access to counter-terrorism information. The law would require phone and internet firms to store emails and phone calls for 12 months and will allow the police and security services investigating serious crimes to access details of whom a person spoke to, and when – but not the content of their communication.
But Buchanan said that computer data, which is often used in police investigations, can be easily manipulated.
“Digital information is really just a bunch of 1s and 0s. It is fragile, and often can be changed while it is stored, transmitted or even processed,” he said.
“Basically all the information that we see is converted from these 1s and 0s, and often provided in a way which can be easily compromised.”
He pointed to potential scenarios where, if a hacker is a work colleague or acquaintance and can get access to a person’s computer, the IP address which identifies each computer can be easily altered, or “spoofed” – making it look like the person has accessed or opened certain information when this has actually been done by someone else. This would making it easy to “frame” an innocent person.
“If you open a phishing email, such as a fake one claiming to be from Her Majesty’s Revenue and Customs, it downloads a bot on to your computer.
“That can then take screen shots of whatever you do. If someone can get access to your machine – even remotely – they can plant evidence on it,” said Prof Buchanan.
He said he feared that many MPs would not have a comprehensive knowledge of digital evidence.
“DNA and so on is a well known science but when it comes to digital information people are not aware of the technology,” he added.
Mandy Haeburn-Little, director of the Scottish Business Resilience Centre, said she employed “ethical hackers” – also known as “white hats” to do whatever they could to combat, and also understand, the work of cyber criminals.
“They constantly fight the forces of evil and seek out what is happening and who is doing what,” she said.
She added: “Police Scotland has an excellent cyber unit and works extremely hard to ensure that round the clock, Scotland is secure as it can be,” she said. “It is a constant battle for all of us.”
The bill is supported by the three main parties, but opposed by civil liberties campaigners.