© 2017 Technology Concepts & Design, Inc. All Rights Reserved. Mobile Forensics and Cybersecurity ERIC VANDERBURG VICE PRESIDENT, CYBERSECURITY TCDI TREVOR TUCKER DIGITAL FORENSIC ANALYST TCDI
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile Forensics and CybersecurityERIC VANDERBURG
VI CE PR ES I DENT, CYBERSECUR I T Y
TCDI
TREVOR TUCKER
DI GI TAL FOR EN SIC A N A LYST
TCDI
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
About UsTCDI founded in 1988
Microsoft Certified Partner since 2003
Services include:◦Digital forensics
◦ Cybersecurity
◦ eDiscovery
Minority owned enterprise
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Over 40 certifications
Published author
Licensed private investigator
18 years in cybersecurity
Specializations include:
Risk management
Governance and compliance
Security strategy
GIAC Certified Forensic Examiner
AccessData Certified Examiner
Licensed private investigator
Specializations include:
Forensic analysis
Forensic investigation
Incident response
TREVOR TUCKER
D I G I TA L F O R E N S I C A N A LY S T
ERIC VANDERBURG
V I C E P R E S I D E N T, C Y B E R S E C U R I T Y
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile Phone Forensics
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Reasons for Phone Collection
Theft of Intellectual
PropertyDivorce
Wrongful Termination
Sexual Harassment
WorkersCompensation
Tracking Location
Traffic Incidents
Child custody
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Who’s Phone is it?
Company Issued
• Legal rights to phone and contents
• Easier to access and analyze
• Prevent data loss or destruction
Personal (BYOD)
• May require subpoena
• May lack direct access to phone
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Analysis considerations
Chain of Custody
Forensic Tools
Knowledge/Experience
Detailed Report
Expert Witness
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Preservation Requirements
Physical Access to Mobile Device
Passcode
Backup password for iPhones
Time
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
What Can Be Collected
Contacts & Call Logs Text Messages / Chats
Voice Mails Emails Geo Tags / Location Information
Passwords Installed Applications
Media (Pictures, Video & Audio)
Internet Activity Social Media
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Reporting
Level of detail
Specific Artifacts
Specific Timeline
Key words
Format◦PDF◦HTML◦Excel
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Information from Providers
Subpoena Required
Location Data from Cell Towers
Additional Call Logs
Billing Records
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile Device Security
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile in the Enterprise93% have mobile devices connecting to their corporate networks
67% allow personal devices to connect to corporate networks
66% say careless employees greater security risk than cybercriminals
*Statistics from the checkpoint mobile security survey
93% mobile devices
Careless employees
Cyber criminals
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Mobile risks
Loss or Theft
•Data breach
• Compromised credentials
Data Leakage
•Mobile phone cameras
• Keylogging
• Entry point to the enterprise
Compromised Device
•Malicious app
• Jailbroken device
•Hijacked authenticator
• Camera/mic monitoring
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Controlling Mobile Risk
Mobile Device Management◦Remote wipe◦Updates◦Application whitelisting
Policy◦BYOD◦Mobile device◦Acceptable use
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Controlling Mobile Risk
Data mapping / data inventory
Awareness training
Incident response planning
Security monitoring
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Digital forensics and beyond
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Digital forensics
Computer forensics
Mobile forensics
Cloud forensics
Social Media Email
File Sharing Groupware
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Why Digital Forensics?
Reasons to use Digital Forensics◦ Internal Company Investigations
◦Alleged criminal activity
◦ IP Theft Investigations
◦ Civil or Regulatory Preservation
◦Recovery of Accidentally or Intentionally Deleted Data
◦Deleted is not necessarily deleted
◦Recovery from Improper shutdowns
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Digital Forensics ProcessCase Assessment & Planning
Maintaining Chain of Custody
Record Evidence Information
Imaging & Data Collection
Analysis
Exports and Reporting
Expert Testimony
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Cybersecurity
Vulnerability Assessment
Vulnerability Scanning
Penetration Testing
Incident Response
Security Management
Event Monitoring
Malware Protection
Security Awareness Training
Governance, Risk, & Compliance (GRC)
Cybersecurity Assessment
CSO on Demand
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
CybersecurityDemonstrate security values for stakeholders and customers
Validate security controls
Meet compliance objectives
Protect sensitive corporate and customer data
Gain peace of mind
© 2017 Technology Concepts & Design, Inc. All Rights Reserved.
Questions?
Related Documents
