PFIC 2024 Winter Edition
November 12-13 (Eastern Time Zone)
Listed in Order of Agenda
November 12th
From Breach to Fortification: Navigating Cyber Attacks and Mitigating Security Controls
9:00 AM to 10:00 AM
In an era where cybersecurity threats evolve with relentless velocity, understanding the landscape of digital vulnerabilities and the mechanisms behind successful breaches has never been more crucial. “From Breach to Fortification” offers a comprehensive dive into the current trends shaping the cybersecurity domain, dissecting the operational workflows of IT departments as they navigate these challenges. This presentation provides a detailed analysis of publicly disclosed breaches, offering a unique window into the anatomy of cyberattacks and the lapses that allowed them to succeed.
We will explore the intricacies of IT operation workflows, identifying critical junctures where security measures are paramount and where oversight can lead to vulnerabilities. By examining real-world breaches, attendees will gain insights into common attack vectors, the tactics employed by cybercriminals, and the subsequent impact on affected organizations. This analysis serves as a foundation for discussing robust security controls designed to mitigate such breaches, offering practical advice on implementing these measures effectively.
Key Takeaways for Participants
- Understanding cybersecurity trends and the latest developments in emerging threats to help your program stay ahead of potential risks.
- Overview of effective security controls and their implementation to safeguard access to critical systems and information.
- Emphasis on the importance of building a strong security culture to drive awareness across all levels of the organization.
Steve Ramey
Chief Cybersecurity Officer
Steve Ramey has spent the past two decades helping clients protect, investigate, and respond to events involving their digital interests. He has led hundreds of data breach investigations, assessed incident response and security programs, and successfully advised organizations through extortion negotiations.
Before co-founding IronGate, Steve held leadership roles within multiple international consulting companies, digital forensic and incident response (DFIR) firms, and a global insurance carrier, where he honed his expertise in navigating data privacy laws, leading multi-jurisdictional engagements, and fostering teams with strong subject matter expertise.
Beyond his role as CEO, Steve frequently speaks at industry conferences, authors thought leadership articles, and advises boards of directors on cybersecurity topics.
Steve received his MBA from Fordham University and his GIAC Information Security Professional (GISP) certification from SANS. He is a member of several industry organizations.
Fortifying your career with OSINT skills
10:15 AM to 11:15 AM
How can I secure a job in OSINT, and where can I find training? These common questions arise at many points across our careers. The OSMOSIS Association is dedicated to helping our community connect and learn from those who have successfully navigated these challenges. As a collective of practitioners, we aim to professionalize our members through certifications while supporting their growth across the diverse paths a career in OSINT may take. Join us as we explore various approaches to our work and how we assist researchers, analysts, and investigators in enhancing their resumes and finding fulfilling jobs.
Bret Anderson is a retired U.S. Army Intelligence professional. He has directed, mentored, and trained groups ranging from small, specialized teams to several hundred with backgrounds ranging across all intelligence capabilities. In recent years, Bret has focused on the project management of various technology and tradecraft development efforts with an emphasis on making OSINT a standardized and accessible resource for all consumers and practitioners. Currently, Bret is working with the OSMOSIS Association to help professionalize the OSINT tradecraft through an industry-recognized certification.
Leveraging Cloud Computing for Enhanced Digital Investigations
11:30 AM to 12:30 PM
The cloud has revolutionized how organizations operate, enabling rapid expansion and scalability with just a few clicks. This transformative power can also significantly benefit digital investigations, which often grapple with overwhelming data volumes.
In this session, we’ll explore how to harness the capabilities of major cloud providers to bolster your forensic lab’s processing power. Discover strategies for effectively utilizing cloud-based resources to enhance your investigations and extract valuable insights from large datasets.
Robert Kissell is a well-practiced Enterprise Technology Leader with more than three decades of experience in IT. He has spent the last ten years helping companies shift to the Cloud, finding the best ways to solve their business challenges through innovation. Robert’s industry focus has been within the Public Sector, Healthcare and Financial Services, primarily in System and Data Security. Robert currently lives in TN with his wife, three dogs and three cats.
Lunch Break
12:30 PM to 1:00 PM
Malware and CSAM – How Do You Prove Malware Did Not Run?
1:00 PM to 2:30 PM
This presentation will focus on the comprehensive examination of a subject’s actions involving the downloading of contraband files and the presence of malware within a folder deliberately excluded from antivirus scans. Through a case study, participants will learn to navigate complex forensic tools and techniques to uncover hidden digital footprints, trace the origin and distribution of illegal files, and dissect malware to understand its behavior and impact on a system. We will also equip aspiring digital forensic analysts with the essential skills to not only detect and analyze malicious activities but also provide crucial insights for law enforcement and cybersecurity efforts.
Dave has been a digital forensic examiner since 1999 and currently works for a small US Government agency.
November 13th
A Digital Pandemic: Uncovering the Role of ‘Yahoo Boys’ in the Surge of Social Media-Enabled Financial Sextortion Targeting Minors
9:00 AM to 10:00 AM
Financial sextortion is the fastest growing crime targeting children in North America and Australia—accelerating at an alarming rate, with incidents surging up 7,200% according to NCMEC. In a December 2023 hearing, FBI Director Wray warned Congress that sextortion is “a rapidly escalating threat,” and teenage victims “don’t know where to turn.”
This report reveals that virtually all of the financial sextortion targeting minors today is directly linked to a distributed West African cybercriminal group called the Yahoo Boys. Additionally, this investigation unveils previously unreported views into the social media platforms where these criminals share their sextortion scripts, tools, and methods, which has allowed this crime to proliferate at an exponential rate.
Paul is a seasoned intelligence analyst and investigator with a strong focus on threat intelligence and cybercrime.
Using Forensics for Legal Analysis
10:15 AM to 11:15 AM
This session will explore the critical role of forensic examinations in determining the need for data breach notification under federal and state laws. We’ll examine real-world examples to illustrate how forensic findings can directly impact legal analysis and decision-making.
Key topics will include:
- Identifying data breaches: How forensic analysis helps pinpoint compromised data.
- Assessing risk: Evaluating the potential impact of a breach on individuals and organizations.
- Determining notification requirements: Understanding the legal thresholds for triggering notifications.
- Navigating federal and state regulations: Exploring compliance obligations at both levels.
By understanding the interplay between forensics and law, organizations can make informed decisions regarding data breach notification and mitigate potential risks.
Robert L. Kardell (Bob) is an attorney whose practice focuses on cyber-breach incident response, legal and technology-based risk management solutions, technology and cyber-defense policy and protections, intrusion remediation, and fraud prevention and investigation.
Bob has more than 22 years of experience working for the Federal Bureau of Investigation as a Special Agent and has been a certified computer forensics examiner and a certified accounting forensics investigator. He has testified numerous times as a fact witness in criminal trials and before grand juries and drafted expert reports for both accounting and computer investigations. In his career, Bob worked on cyber-crime investigations as well as public corruption, white collar, terrorism, and financial criminal and civil investigations.
In-Depth Analysis of a Phishing Email
11:30 AM to 12:30 PM
This case study provides an example of the kinds of analysis that go into responding to a phishing email. It includes in-depth technical analysis of the email, its attachment, and the websites the victim would interact with, in order to show the kinds of digital forensics and online investigation skills employed by a SOC analyst responding to a targeted phishing campaign.
Chris Taylor is a security consultant with over 25 years of experience in digital forensics, incident response, and building security programs for companies large and small. He is also the founder of and lead analyst for the media and entertainment industry’s ISAC (https://meisac.org), the threat intelligence fusion center that enables media companies to collaborate on shared risks, threats, and vulnerabilities.
Where are mobile investigations now?
1:00 PM to 2:30 PM
The mobile landscape is constantly evolving, with new firmware releases, sophisticated malware attacks, and emerging trends shaping the digital ecosystem. To navigate this dynamic landscape effectively, forensic investigators must stay abreast of the latest developments.
In this session, we’ll provide a comprehensive overview of the current state of mobile devices, including:
- Firmware Updates: The latest trends and potential implications for forensic investigations.
- Malware Attacks: Analyzing recent threats and their impact on mobile security.
- Data Artifacts: Identifying key data points and potential sources of evidence.
- Emerging Trends: Exploring new technologies and their forensic relevance.
- Data Capture Techniques: Best practices for preserving and extracting mobile device data.
By understanding these critical areas, forensic professionals can stay ahead of the curve and extract valuable insights from mobile devices in their investigations.
For 30 years, Ms. Schroader has been a leading innovator in digital forensics. She’s developed software to recover data from various sources, including smartphones, hard drives, cloud storage, email, and even gaming systems. Her expertise extends to creating protocols for evidence seizure and processing, used by organizations worldwide.
Ms. Schroader’s vision extends beyond specific tools. She’s championed a “360-degree approach” and “Forensics of Everything (FoE),” emphasizing the importance of considering the complete picture of digital evidence. This influential perspective has pushed the field towards a more holistic approach.
Her contributions go beyond software. Ms. Schroader is an accomplished instructor, having written and delivered numerous courses in this specialized field. She’s even founded certifications, further solidifying her role in shaping the digital forensics landscape. Her passion continues through industry talks and book contributions.