The Next Frontier in Investigating Cyber Conflict

Speaker: Peter Stephenson
Associate Program Director
Norwich University

Presentation Overview:

Simple digital investigation has changed rapidly as the digital landscape has changed. Where once computer-related crime was the predominant factor affecting corporate, military and law enforcement investigations, today many different types of adversaries and adversarial activities have changed the rules. This seminar explores computer-related/cyber crime, electronic fraud, information warfare/operations, cyber-terrorism and cyber extortion. Attendees will get a solid understanding of the cyber battlesphere and how to investigate, document and present the various types of digital investigations that define cyber conflict in a post-9/11 world. This is a seminar for all types of investigators: corporate, military, law enforcement or non-military government.

Time-Based Objectives:

Day One

• What we mean by cyber conflict; types of cyber conflict and how we distinguish them • Actors and motivations in the various types of cyber conflict • Cyber weapons: fraud, denial of service attacks, penetration tools, misdirection, social engineering, history erasers, key loggers, password crackers, spyware, data hiding, etc. • Preparing to investigate: the Digital Forensic Research Workshop (DFRWS) Investigative Framework; the role of digital forensics • Selecting investigative and forensic tools • National and international legal aspects of cyber conflict; interacting with law enforcement

Day Two

• Responding to different types of cyber conflict in real time: managing evidence while maintaining operations • Documenting and presenting investigations • Hands-on team mock investigations addressing: credit card fraud, penetration (data theft and extortion) and phishing

Prerequisites: Basic understanding of Internet, enterprise and computer technology including TCP/IP, MS Windows, Unix and Linux