Episode 7: I Beg to DFIR – The Value of Health Data for Investigations
As the current health care crisis deepens, more tools are being developed to track health information through mobile devices. In this episode, we will discuss the increasing relevance and value of gathering health data from both iOS and Android devices.
What Can You Get From Health Data?
Health data collected from mobile devices can provide valuable information including:
- Location history
- Pattern-of-life information
- Fitness friends, groups, etc.
- Health information
- Allergy and medication details
- Profile information – sex, weight, height, allergies, medication habits, and more
To collect this data from iOS devices, there are three options:
- Advanced Logical or an iTunes backup data collection.
- Full-File-System Extraction using checkm8 or other tools.
- iCloud backup if the user has previously opted to store their health data in the Cloud.
Android devices offer two data collection options:
- Physical Extraction
- Full-File-System Extraction
With all the smart wearables on the market today, there are many tracker options that continuously log health data and fitness statuses. These sync up with mobile devices, which can add an additional layer of insights such as heart rate.
As data that wearables log is challenging to collect directly from the device itself, knowing how to access the synced data on the mobile device provides an easier way to surface essential health data.
Examples of how to find Samsung health data within the Cellebrite Physical Analyzer interface are shown below.
Follow along with the podcast to find out ways to analyze and leverage health data in your investigations.
I also encourage you to read the following helpful articles:
- How health app data improves location accuracy and activity identification-for investigations
- How to detected unparsed applications – Part 1
Send your ideas for topics and other comments to ibegtodfir- at – cellebrite.com.
Register for the next iBeg to DFIR episode here.