Cell Phone & Email Forensics Investigation Cracks NYC Times Square Car Bombing Case
NEW YORK CITY: May 4th, 2010: Faisal Shahzad thought he was doing a pretty good job covering his tracks as he began his quest to detonate a homemade bomb in Times Square on a busy Saturday evening. Shahzad took a number of steps including removing the VIN number from the Nissan Pathfinder he purchased on Craigslist. Authorities were able to identify the suspect by tracking the email he used to negotiate the purchase of the vehicle. Craigslist’s seller records were used by investigators to track down the cell phone number used by the purchaser. Even though the cell phone used was apparently thrown away, forensic investigators were able to use the archived cell phone records, which often include GPS positioning coordinates and numbers dialed, to help piece together what had transpired. Additionally, municipal and private enterprise web cameras are often used to validate the computer data stored by telecommunications providers. The convergence of electronic information from multiple sources and correlation of this information by forensic investigators enable authorities to move with confidence in detaining the suspect prior to his attempt to leave the country.
Forensicon’s President Lee Neubecker reports, “Cell phones are more and more frequently used when conducting a forensic investigation involving theft, terrorism or deception of any kind. Many individuals falsely assume if they destroy their computer hard drive or cell phone that the data is gone. This just is not always the case.”
Forensicon has been involved with many investigations in which forensic cell phone analysis has been used to uncover conspirators in embezzlement schemes and misappropriation of client data by rogue employees. Many attorneys today are beginning to consider cell phone records when conducting legal discovery of electronically stored information, otherwise known as ESI. The prevalence of smart phones, such as the iPhone, BlackBerry and HTC allows for the search of additional data during discovery such as keyword searches, physical movement tracking of a suspect and websites visited. It is not uncommon for litigators to use this information to prove perjury when someone misstates their whereabouts or actions. Text messaging can also be a rich source of information obtained from the forensic analysis of cell phones.
The government has come a long way in sharing information between local governments and the various intelligence agencies. Ultimately, alert people on the ground who were able to identify suspicious behavior saved the day and many lives.