How Computer Data Helped Investigate Quebec Shooter

Uploaded on 2018-06-18 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

The criminal proceedings against Quebec City's mosque shooter provided a glimpse into how police use computers to extract information about a suspect, even if that data has been erased.

Alexandre Bissonnette's seized laptop was forced to reveal its secrets through a specialized internet evidence finder software called IEF, created by Canadian company Magnet Forensics, which was founded by former Ontario police officer Jad Saliba.

Bissonnette, 28, pleaded guilty earlier this year to six charges of first-degree murder and six of attempted murder. His sentencing arguments are set to begin Monday.

The demand for such software services is exploding, according to Genevieve Lajeunesse of Crypto.Quebec, an independent media focusing on digital security, information technology and intelligence.

"There isn't a single crime scene today that doesn't have a technological element," she said.

IEF's client list includes the FBI, the Danish and UK governments, as well as police in Lima, Peru and other Western countries.

In Canada, prosecutors in the case of Guy Turcotte used internet search data to show the former cardiologist had looked up methods of painless suicide before killing his two young children.

The information gleaned from computers is vital for mounting the prosecution's case.

In Bissonnette's case, the police looked for evidence that the murders were premeditated, and if they had been committed in the name of an ideology.

Concretely, the software provides access to the contents of zip files, RAM memory, directories, social media chat data, P2P file sharing, web mail, videos on YouTube, photos, the use of USB keys, how the info was shared, and the history of the internet browser - even if it has been deleted.

These digital research tools can save hours of work by sparing police officers the job of having to read everything on Skype, Facebook, or web browsers.

The amount of data can be imposing: in Bissonnette's case, the software detected 31,895 web links, 4,742 Google searches, 3,388 Facebook links and 60,417 images. The tool finds everything, even data that is invisible to the human eye or seemingly irrelevant.

The RCMP investigator tasked with investigating Bissonnette's laptop was able to see not only potentially incriminating videos of executions, but also searches for Halloween costumes or a recipe for vol-au-vent.

The data is also precise: it showed investigators that only an hour and a half before he gunned down six worshippers in a Quebec City mosque, Bissonnette had viewed a video on how to operate the Glock handgun he would use in the slaying.

While they save time, there's a risk that the results of searches can be taken out of context, Lajeunesse said. As an example, what do 20 searches on bombs mean, compared to a thousand for recipes?

"My internet search history looks quite a bit like Alexandre Bissonnette's," she said, noting that part of her job involves researching far-right groups.

Police forces are reluctant to discuss their investigation methods, in order to not divulge their methods to criminals.

RCMP declined to comment on the subject other to confirm it used certain tools by Magnet Forensics.

Quebec provincial police would not say what technology it used to uncover evidence.

Spokesman Hugo Fournier did say the force has a technology support unit comprised of some 40 police officers who, with support from computer scientists, target mainly organized crime.

Police forces aren't the only ones to use the technology.

Hexigent Consulting, a private specialty firm, is hired by lawyers and occasionally police to extract potentially incriminating information from cell phones and computers and pass it on to clients.

Founder Ryan Duquette, a former Ontario police officer, said criminals are increasingly learning new ways to cover their digital footprints, which increasingly makes investigators' jobs harder.

"But not impossible," he said. "We have to get more creative."

Lajeunesse, for her part, believes that it's impossible for someone to truly eliminate all traces of their history.

Most people end up making mistakes, she said, noting that the founder of AlphaBay, one of the world's biggest darknet website AlphaBay, was brought down after sending an email from a personal hotmail address.

"To connect is to commit," she said.

CTV News:

Police Are Mishandling Digital Forensic Evidence:

Canadian Police Uncover Dark Net Gun Market:

« Cryptocurrency Malware Theft Is Worth Millions
Business AI Platform For Commercial Development »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Rubicon Workflow Solutions

Rubicon Workflow Solutions

Rubicon is a leading provider of managed IT support and strategic services, specialising in creative and mixed platform environments.

Cloud53

Cloud53

Clolud53 is a Manchester based Managed Cyber Security & Cloud company providing solutions focused around you.

Internet Storm Center (ISC)

Internet Storm Center (ISC)

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with ISPs to fight back against the most malicious attackers.

Silverfort

Silverfort

Silverfort introduces the first security platform enabling adaptive authentication and identity theft prevention for sensitive user, device and resource throughout the entire organization.

GreenWorld Technologies

GreenWorld Technologies

GreenWorld has a proven track record in industry leading IT asset management, secure data destruction and remarketing.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

SHIELD

SHIELD

SHIELD are the world’s leading cybersecurity company specializing in cyber fraud and identity solutions.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

Menaya

Menaya

Menaya provide Ethical Hackers for leading companies while also providing cyber security solutions to help major infrastructures protect against cyber crime.

PCI Security Standards Council (PCI SSC)

PCI Security Standards Council (PCI SSC)

The PCI Security Standards Council is a global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments.

Radius Technologies

Radius Technologies

Radius Technologies is trusted by progressive SMEs to deliver world-class cloud, IT solutions, IT and data security, and telecoms systems.

Beround

Beround

Beround is an IT consultancy firm specialized in software testing.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

Mantodea Security

Mantodea Security

Mantodea Security is an industry-agnostic powerhouse backed by extensive experience and expertise in the realm of IT security.

ThingsRecon

ThingsRecon

ThingsRecon empowers organisations to continuously map and manage their attack surface, uncover hidden vulnerabilities, and assess supplier cyber hygiene.