Computer forensics has helped solve a number of criminal cases although a disproportional number of these cases have been for child porn, there are a few which were not. Of those non-child porn cases, one stands out, murder most foul. One murderer that would drive police and the FBI crazy for years until that fateful day that he made one mistake.
For 30 years, the case of the BTK (Bind, Torture, Kill) serial killer went as one of the biggest unsolved mysteries in America. With police trying in vain to identify the man who killed 10 people in and around Wichita, Kansas, between 1974 and 1991. However shortly after a new piece of evidence arrived on February 16, 2005, computer forensic sciences accomplished what police had failed to do for more than 30 years (IADT, 2011). They identified the killer!
On January 15, 1975 it all started with the murders of the Otero family. The father and son where both suffocated, BTK then strangled the mouther and then took the 11 year old daughter and hanged her from a drainage pipe. BTK continued to kill until 1991 with a total of 10 victims by the time he had stopped. He only ever killed two males the father and son in the Otero family, as his preferred target was females. Furthermore, his youngest victim was only 11 years old and his oldest was 62. Lastly, his preferred method of dispatching his victims was by strangulation (Wikipedia, 2014).
BTK was also known for taunting the police with letters and evidence from the crime scene. However, his desire for attention would be his undoing when he sent a floppy disk to KSAS-TV in Wichita on February 16, 2005 (StarTribune, 2014). With the disk in hand the police computer forensics experts set about to discover its secrets. Within hours, they discovered a deleted Microsoft Word file that contained hidden metadata that identified that the file had been made on a computer at Christ Lutheran Church with the last person to modify the file named Dennis. Furthermore, investigators searched the church website and discovered a Dennis Rader listed as the president of the congregation council.
This seemingly harmless little blue disk turned out to be the smoking gun the police were looking for over the last 30 years. Soon the police had identified their suspect and stated to compile the evidence, like a puzzle it all stated to come together and it was all pointing to one Dennis Lynn Rader. On February 25, 2005, BTK (Dennis Lynn Rader) was arrested and was charged with 10 counts of first degree murder 3 days later (Kansas, 2014). Looking at this case you can see the strengths of computer forensics.
What can we take away from this case? First, when you delete a file on any magnetic media it is not really gone. This is because you are only deleting it from a table on the disk that identifies where files are located. This is done to increase performance on the disk by reducing unnecessary writes. Secondly the case points out how computers use metadata to keep track of files and there usage. In this case by recording the computer name and the name of the user who is logged in at the time the file is modified. Lastly, a quick web search pulled it all together and bagged a killer.
Next is the story of a “la fem fatale” Melanie McGuire the notorious Suitcase Murder. On April 23, 2007 she was convicted of first-degree murder for the death of her husband (Craven, 2007). In which she drugged her husband, shot him twice to death, and then dismembered his body. Later she put his dismembered remains into three matching suitcases, which were later found in the Chesapeake Bay (Reid, 2007).
Melanie was the prime suspect from day one and though this is not a watershed case with computer forensics saving the day like the BTK case it did help in proving her intent in murdering her husband. After computer forensic scientists got a hold of her computer they discovered a great many disturbing things. She had meticulously planned the murder, by Google searching “How To Commit a Murder”, “Untraceable Poisons” and “Where to buy a gun in Pennsylvania”. Computer Forensic scientists were able to recover the Google searches she thought she had deleted (elwoodforensics, 2014).
Aging we learn from this case that things that you delete are not really deleted. However, when it comes to web searches there are now tools that allow a criminal to search the internet without leaving traces of it on their computer (Google, 2014). Tools like Google incognito mode and one use VM systems along with encryption is driving an arms race between criminals and the police and their Computer Forensic scientists. It was easy to bag the Suitcase Murder but in the future, it might not be so simple.
Works Cited
Craven, L. (2007, 04 23). Jury: 4 guilty, 4 not guilty. Retrieved from NJ: http://blog.nj.com/ledgerupdates/2007/04/jury_4_guilty_4_not_guilty.html
elwoodforensics. (2014, 09 13). What are some cases solved by Computer Forensics? Retrieved from elwoodforensics: http://elwoodforensics.wikispaces.com/What+are+some+cases+solved+by+Computer+Forensics%3F
Google. (2014, 09 13). Browse in private (incognito mode). Retrieved from Google: https://support.google.com/chrome/answer/95464?hl=en
IADT. (2011, 01 06). Most Famous Case Ever Solved by Computer Forensics . Retrieved from IADT (International Academy of Design & Technology): http://www.iadt.edu/student-life/iadt-buzz/january-2011/most-famous-case-solved-computer-forensics
Kansas, T. S. (2014, 09 13). BTK Serial Killer Suspect’s Charges State of Kansas v. Dennis Rader. Retrieved from Find Law: http://news.findlaw.com/cnn/docs/btk/karader30105inf.html
Reid, B. M. (2007, 04 24). McGuire timeline. Retrieved from NJ: http://blog.nj.com/ledgerarchives/2007/07/mcguire_timeline.html
StarTribune. (2014, 09 13). Camp novel crops up in the BTK case. Retrieved from JOHN SANDFORD: http://www.johnsandford.org/articles050303.html
Wikipedia. (2014, 09 13). Dennis Rader. Retrieved from Wikipedia: http://en.wikipedia.org/wiki/Dennis_Rader
