• Skip to main content
  • Skip to footer

FRA

Forensic Risk Alliance

  • About FRA
    • What We Do
    • Who We Are
    • International Expertise
    • Corporate Social Responsibility
  • Expertise
    • Forensic Accounting
    • Investigations
    • Corporate Compliance Monitorships
    • Disputes and Arbitration
    • Data Governance, Technology Solutions and Forensics
    • Technology Solutions
    • Digital Forensics
    • Data Analytics
    • Accounting, Audit and Regulatory Advisory
    • eDiscovery Consulting
    • Disgorgement, Gain and Ability to Pay Calculations
    • Compliance and Risk Assessment
    • Restructuring & Insolvency
    • AML and Sanctions
    • Mobile Discovery Solution
    • Securities Litigation
  • Results
    • A History of Success
    • Case Studies
    • Sectors We Serve
  • News and Insights
  • FRA Pulse
  • Careers
  • Contact
The Importance of Memory Forensics in Fraud Investigations in The Lawyer

The Importance of Memory Forensics in Fraud Investigations

April 1, 2019

As technology becomes more prevalent in our day-to-day lives, so does the likelihood that fraudulent behavior will be disguised within the folds of seemingly endless electronic data. As a result, fraud investigations have become heavily reliant on electronically stored evidence, thus making digital forensics professionals an essential part of modern-day investigations.

There are a few sources of this valuable electronic information, including dynamic data. Dynamic data is information that is periodically updated, like computer memory or Random Access Memory (RAM). RAM temporarily holds data being used by a computer’s internal processes, which can include browsing history or cryptographic keys. However, RAM can be volatile – all data stored in RAM is lost when a computer is powered off. Knowing this, digital forensics professionals are keen to take this into account during forensic collection.

Members of FRA’s eDiscovery team located a password-protected file that they could not crack. Unable to open the file using traditional forensic tools, but armed with the knowledge that the computer’s RAM had been preserved, the team was able to create a word list from the memory and decrypt the protected file.

In the March issue of The Lawyer, FRA Senior Director Russell Miller, and FRA Director William Odom, discuss the importance of memory forensics.

Want to receive updates from FRA?

Join our Mailing List

London

Audrey House
16-20 Ely Place
London EC1N 6SN
United Kingdom
+44 (0)20 7831 9110

Washington, DC

2550 M Street NW
Washington, DC 20037
United States
+1 (202) 627-6580

Providence, RI

40 Westminster St.
Suite 500
Providence, RI 02903
United States
+1 (401) 289-0866

Dallas, TX

One Cowboys Way
Suite 470
Frisco, Texas 75034
United States
+1 (469) 604-0925

Paris

44, avenue George V
75008 Paris
France
+33 1 74 88 05 40

Canada

20 Place du Commerce
Nuns’ Island
Montreal, Quebec H3E 1Z6
Canada
+1 (401) 289-0866

New York City, NY

434 W. 33rd Street
7th Floor
New York, NY 10001
United States
+1 (646) 921-1865

Philadelphia, PA

727 Norristown Road
Building 8 Spring House
Innovation Park, Suite 206, Lower Gwynedd, PA 19002
United States
+1 (267) 405-9302

Stockholm

7A Centralen
Vasagatan 7
111 20 Stockholm
Sweden
+44 (0)7747 790232

Zurich Office/Datacenter

Richtistrasse 7
8304 Wallisellen
Switzerland
+41 79 755 4893
  • Privacy
  • Legal
  • Cookies
  • Modern Slavery Statement
  • Sitemap
  • Contact
  • LinkedIn
  • Twitter
© 2021 The FRA group in the UK comprises Forensic Risk Alliance Limited (number 3895636) and FRA Solutions Limited (5863958). Both are limited companies registered in England & Wales, and have their registered office at 3rd Floor, Audrey House, 16-20 Ely Place, London EC1N 6SN. The term partner is used to denote senior employees of the limited companies. All rights reserved.