Internet of Things Forensics and Data Recovery

Leading Embedded Device & IoT Forensics and Data Recovery Services by our Sydney And Melbourne Consultants

Make Device Security A Priority

Embedded devices and IoT typically operate using embedded operating systems or microcontrollers. They often store personally identifiable user data and connection configurations to communicate with the internet, base station or other devices. If you suspect your device may hold essential data for an investigation, Gridware can perform a forensic analysis of your device to determine what data it holds and what operations it was performing at the time of the incident.

Get Ahead of Threats

Often IoT and embedded devices are built from building blocks from several suppliers. Each supplier may claim they are secure and even provide documentation with phrases like ‘military grade encryption’ or ‘512bit AES keys’ but many are not secure when they are integrated into an embedded environment and communicating with other components. We can verify each component operates as described and how they operate together.

We have had great success in accessing the memory of a range of IoT and embedded devices, even for devices that are no longer functioning or are damaged. We utilise a range of software and hardware tools to investigate your devices and extract essential data for your investigation.

Investigations we have worked on range from employee misconduct to criminal proceedings. Our experts have testified in court on many occasions.  

Why Choose Gridware for IOT Forensics and data recovery

Our forensics experts have over 20 years of experience designing embedded systems, from Printed Circuit Board (PCB) design to developing tools and methodologies for programming and extracting data from embedded and IoT devices. Where other companies use off-the-shelf tools that cannot deliver results if the device is not supported or is damaged, Gridware will go beyond and build tools to perform the forensic investigation and extract the data for your investigation.

Gridware's forensics team in Sydney and Melbourne is uniquely positioned to offer rapid turnaround, coupled with a depth of experience and an enviable list of commercial and government clients.

Gridware's Embedded Device & IoT Process

We can examine your devices either as part of an ecosystem, including networked devices or a web portal, or as a stand-alone black box environment. Gridware will explore IoT and embedded device vulnerabilities by mapping the entire attack surface, including the investigation of:

Hardware

Including chipsets, microcontrollers, processors, flash memory, boot ROM and sensors, as well as hardware communication protocols such as JTAG, SWD, UART, SPI, I2C and USB.

Firmware

Investigating the compiled native code stored in the device's memory that controls and configures its operations.

Network Communications

Examining how the device communicated with the outside world via bluetooth, Wi-Fi, Zigbee, Collular 4/5G, LoRa, NFC and RFID.

Encryption or Read Protection

Analysing the device's encryption, including how credentials are transferred over links, if symmetric or asymmetric encryption is used, how keys are shared and if the data at rest is encrypted or protected from extraction.

Benefits of Embedded Device & IoT Forensic and Data Recovery

Extract essential evidentiary data from your devices

Independent service from advice to detailed reverse engineering of software and hardware functionality

IoT Forensics and Data Recovery FAQs

Embedded Devices and IoT often store personally identifiable user data and connection configurations to communicate with the internet, base station or other devices. They typically operate using embedded operating systems or microcontrollers. Some examples include:

  • Fitness Trackers
  • GPS Systems
  • Home Security
  • IP Cameras
  • Health Monitors
  • Smart TVs or Fridges
  • Amazon, Google and Apple Home Devices
  • Speakers
  • Routers

No. Rarely are two devices the same. While we see many of the same components, their configuration and use are unique and hence the data extraction and forensic examination is customised to your devices.

We have dedicated team members who specialise in embedded and IoT devices. We can usually turn around initial results within a week.

Gridware specialises in extracting data from damaged devices, including those that have been damaged through water, fire, and physical force. We have extracted data from air and sea navigation systems, sports video recording devices such as GoPro’s, vehicle trackers and GPS systems, hidden spy cameras, CCTV recording equipment, IP Cameras, and damaged mobile phones.

Customer Stories

Gridware has acted for hundreds of companies and helped them recover from potentially disastrous situations. Read about how our services have helped others:

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.