Efforts by a state-run agency to develop a homegrown computer forensics software have come into the limelight after the alleged involvement of two Indians in a failed terrorist attack on the Glasgow Airport last month.
CyberCheck, a software product developed by the cyber-forensics team of the Centre for Development of Advanced Computing (C-DAC) is being used by police officials at Bangalore, home to one of the Glasgow suspects, Khafeel Ahmed, to analyse and mine the computer that he used while visiting his parents in India’s tech capital. The investigation success, C-DAC officials hope, will draw attention on the products built at its five-year-old cyber forensics centre in Thiruvananthapuram.
Cyber forensics is an emerging investigation science that aims to uncover evidence by extracting data from computers, personal data assistants (PDAs) or even a smartphone. It involves finding data, preserving it and presenting it in a manner acceptable in a court.
Internationally, encryption, forensics and related software often fall under tight government regulations, which clamp down on its exports and mandate embedding loopholes that agencies of the originating country can use to access data where ever it is sold and used.
C-DAC has investigated around 110 cases, including a case where threatening emails were sent to Prime Minister Manmohan Singh and senior government officials, involving cyber crimes such as forgery, fraud, hacking, “phishing” and cheating. It has assisted state police departments, the Central Bureau of Investigation (CBI) and the Indian Army.
With the increasing use of computers, cellphones, satellite phones and the Internet by terrorists and other criminal elements, C-DAC scientists see an increasing demand for cyber forensic products.
“Currently, most of the crimes reported, whether cyber or otherwise have digital evidence in the form of computer hard discs, mobile phones, PDA devices and digital cameras. As more and more people buy these devices, misuse is on the rise, which means there is going to be large potential for cyber forensics tools in India,” said Bhadran V.K., joint director at C-DAC’s Resource Centre for Cyber Forensics in Thiruvananthapuram.
The local seller of “Encase”, a forensics software of Pasadena, Guidance Software Inc., agrees. “The Indian cyber forensics market is a hugely potential market. It is like a 100-storey building and where we are at now, we haven’t even begun building the ground floor. Just one or two players cannot make that 100-storey building and we want more people in this field,” said S. Venkatesan, director of Labs System India Pvt. Ltd, a reseller in India for Encase.
C-DAC’s products face competition from established US companies such as Guidance Software, Pleasant Grove, Utah-based Paraben Corp., Chatsworth, Intelligent Computer Solutions, Inc. and Digital Intelligence Inc. The Indian agency is using the plank of affordability to hawk its wares.
Encase, used by both government agencies and private customers such as audit firms Ernst & Young, as also the likes of Wipro Ltd, is priced between Rs1.5 lakh and Rs3 lakh for a single licence and, Rs1 crore and above for enterprises of more than about 6,000 users. In contrast, C-DAC’s CyberCheck sells for Rs30,000 a licence and has sold about 100 copies in India. “Our advantage is that we have designed and developed these products in India,” Bhadran said.
An Indian user of cyber forensic products says he is more comfortable with C-DAC products given it can support Indian languages, be easily improved and customized to local needs, and because the users do not need an “imported expert witness” when a case is presented in court.
“We have been using both Encase and C-DAC’s products and feel that prices of the latter are one-fifth of those products that are imported. It’s also easy to submit these products in the Indian court of law and amend them as and when the law changes,” said a CBI official on condition of anonymity because he isn’t authorized to speak to the media.
C-DAC has drafted an ambitious road map for the future. It is developing a tool to analyse crimes committed through PDAs and smartphones, which are increasingly becoming more affordable in India. Bhardan said that C-DAC evolved?PDA?forensics?to?combat the terrorists using smartphones, which don’t have a hard disc and so, “normal digital forensics principles cannot be applied here.” C-DAC will launch its PDA tool next month in India, joining a select few makers of such software.
Bhadran’s team is also working on a “voice and data session analyser”, which it plans to launch in November. This will be able to assist investigating agencies to analyse network-related crime using a simple-to-use interface and provide?statistical?analysis. C-DAC, which recieves funds of under Rs6 crore from the IT ministry, is working on a portable hardware tool for the agencies.