|“||Cyberforensics employs electronic tools to extract data from computer storage media without altering the data retrieved. Cyberforensics techniques may also require the reconstruction of media to retrieve digital evidence after attempts to hide, disguise, or destroy it.||”|
"Using cyberforensic tools and techniques, cybercrime investigators and examiners gather and analyze electronic evidence. If available, cyberforensic laboratories may be used to extract the electronic evidence and present it in a court-admissible format. The evidence could entail analysis of terabytes of information on multiple electronic devices, the electronic path taken by a fraudulent e-mail, pornographic images stored on a hard drive, or data stored on a mutilated but later reconstructed CD-ROM. The ability to gather electronic evidence and the assurance that cyberforensic procedures do not compromise the evidence gathered can be key to building a case and prosecuting cybercriminals."