I woke up Wednesday morning, extremely excited because I have been waiting to go to the class that I had first thing that morning.
The first class I attended was “And Away We Go!: The Bradley Manning Case and Lessons Learned” I have heard a little about this case before but I didn’t know much about it so I was very interested in what I would learn about it. The speakers Ryan Pittman and David Shaver were great and I loved the humor they brought to the presentation. They both talked about Bradly Manning’s crimes and gave us an insider’s perspective on the investigation and agency response to his crimes. They discussed some of the interesting challenges they faced when dealing with this case. Lastly they shared with us some of the lessons they leaned from the Manning Case. I really enjoyed this class, I am glad I was able to attend it.
The second class of the day for me was “Secure Data Deletion: A Forensic Perspective.” The speaker was Dan Jerger and he gave us some information about some wiping tools. I got a better understanding of deletion and wiping tools. Jerger showed us some specific artifacts of some of the more popular data deletion utilities. I really liked how he showed us some steps to follow with our own cases when we run into data deletion, I found it very helpful. Lastly he gave us some ideas on how to search for the presence of unknown wiping tools.
After enjoying some lunch it was time for the third keynote speaker of the conference. The speaker this time was Justin Somani, the Chief Trust Officer of Box. He told us about how there is a security transformation going on and the security controls are out of sync with the landscape and threats of today. He said that now that data is being stored on the cloud more, we need to upgrade how we protect it. He said there should be the “three horsemen” of security transformation. These “three horsemen are the security practitioner, security vendor, and the cloud provider. Somani is not satisfied with the way the “three horsemen” are at the moment and told us how each needed to be improved. The cloud provider should make trust a business differentiator, the security vendor should migrate security controls to the cloud, and the security practitioner has to adapt new skills and practices. I really enjoyed Justin Somani’s presentation as cloud security is not something I know a lot about.
After the keynote I made my way to my third class of the day which was “Whistle Blower and Fraud Investigations.” I was very excited to attend this class as I am very interested in fraud investigations. The speaker for this class was Richard Thompson. He talked to us about the laws and regulations surrounding whistle blowers and fraud and why companies should care. He spoke of the two kinds of whistle blowers, internal and external. He said internal, such as employees, were the most common. He discussed what statutes are required for someone to be a whistle blower, and the history of whistle blowers. He also touched upon the laws regarding whistle blowers, how the laws are made, and how the laws are enforced. Lastly he went over the corporate impact of fraud and whistle blowers and how to detect fraud. I really enjoyed this class, learning about whistle blowers and fraud was very interesting to me.
My fourth and last class of the conference, having to catch an early flight on Thursday, was “An Introduction to Cryptocurrencies- Bitcoin, Litecoin and Alt Currencies.” I have heard of Bitcoins before but I did not know much about them so this class was a must for me. The speaker was Andy Reid and his goal was to get us familiar with what a cryptocurrency is and the terms surrounding them. He started out with an overview of Bitcoin and the other currencies like Litecoin and Dogecoin. He then talked about wallets, which are how a user’s cryptocurrency is stored and how there are offline and online wallets. If you lose the computer, or if the hard drive crashes, you lose your wallet and all the funds attached to it. Reid talked about how the transactions work and how they are validated. He told us that cyrptocurrencies are the opposite of bank transactions, where with a normal bank the transactions are secret and the person attached to the transactions are known. With cryptocurrencies, the transactions are known but the person attached to them is anonymous. He went over mining and how it’s a business that is now hard to get in to be profitable. To end this class, Reid showed us an Internet Evidence Finder report where he parsed out his cryptocurrency transactions. I found this whole class really engaging, I am glad I got the opportunity to attend it. I learned a lot about the cryptocurrency.
Some other classes that went on today were: Finding Malware on a Windows Computer, Defrag Forensics, Responsive Forensics for Offensive Tactics, Insider Threat: Investigation of Trade Secret and Intellectual Property Theft, and many more great classes.
I would really like to thank CEIC, Guidance Software, and Champlain College for this amazing opportunity. I had a really great time at this conference and I learned a lot!
Scott Barrett