A new generation of cyber-sleuths is on the trail of electronic crime

Until recently, crime scene investigations typically involved searching for minute specs of blood, or threads of fabric linking a suspect to a victim. Or, detectives would wade through mountains of paperwork, trying to link evidence in bank statements, letters and other documents to complex frauds.

Now, while none of those aspects has gone away, there's a third, almost ever present, element to police investigations: what's known as digital evidence. Here the specs, traces and trails are virtual ones, contained in computers and other electronic devices. Understanding this is the discipline known as forensic computing, which is the central element of 90 undergraduate courses, at 21 different universities, all designed to provide the first career step for the would-be digital detectives of tomorrow.

"Nowadays you would struggle to find a crime that doesn't have a computer element involved somewhere," says Tim Watson, leader of the BSc forensic computing course at De Montfort University (DMU) in Leicester. "That element might be anything from mobile phones to personal digital assistants and home or work-based computers."

De Montfort was one of the first British universities to launch a course in this area, and it is growing in popularity. The first wave of seven students is due to graduate this summer, but the current cohort of entrants numbers 60, from hundreds of applicants.

The common component of such courses is learning how to detect and extract data stored on electronic devices, especially when criminals have used their own knowledge of computers to conceal it. This means teaching students criminal techniques.

"You have to teach students every trick used by the criminal, terrorist or paedophile to avoid being caught," says Watson. "But we are very careful whom we take on to the course, and a quarter of the course is devoted to teaching professionalism and ethics."

At Coventry University, this sensitive area is reflected in the title of one of two courses in this area. The BSc in ethical hacking and network security, now in its second year, aims to prepare students for careers with companies that need employees to test the strength of their security defences by trying to break into their own systems.

The sister course at Coventry, digital forensics and system security, in only its first year, covers some of the same ground, but concentrates on techniques required to gather evidence to solve crimes already committed. Most academics voice a note of caution to potential students seduced by the crime-cracking techniques seen in TV programmes such as the American series CSI, where detectives barge into suspects' homes and instantly look for computer evidence.

"Students have to learn the correct procedures to follow, so that when they extract digital evidence they do it in a way that will be accepted in court," says Nigel Poole, a Coventry lecturer. To hone those techniques, students take part in what Coventry calls activity-based learning. "We present them, on a disc, with material relating to a real case," says Poole, "and they have to use the software tools, to look for sent emails or stored photographs."

Graduates from these courses go in one of two directions: law enforcement or the corporate world. Employers in the first category include police forces, tax and customs authorities, and the independent forensic consultancies increasingly contracted by prosecution and defence teams to present evidence in court.

The second category is growing as many large companies want to have this sort of forensic expertise in-house, so they can investigate suspected fraud or unauthorised activity without having to compromise their own security by calling in outsiders. Overall, for graduates on these courses, credit crunch aside, the employment climate is buoyant.

"We recently held a graduate employers fair specifically for computer forensics, and it's clear there are plenty of jobs out there," says Paula Thomas, head of computer science at the University of Glamorgan, where the four-year-old BSc in computer forensics augments the Masters that has been running for a decade.

Jobs in police investigation areas go to people with postgraduate qualifications, but Thomas says she sees Glamorgan students land jobs in less highly sought-after fields directly after their first degree, particularly if they have done a relevant placement as part of a four-year sandwich course.