© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Mobile Forensics and CybersecurityERIC VANDERBURG

VI CE PR ES I DENT, CYBERSECUR I T Y

TCDI

TREVOR TUCKER

DI GI TAL FOR EN SIC A N A LYST

TCDI

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

About UsTCDI founded in 1988

Microsoft Certified Partner since 2003

Services include:◦Digital forensics

◦ Cybersecurity

◦ eDiscovery

Minority owned enterprise

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Over 40 certifications

Published author

Licensed private investigator

18 years in cybersecurity

Specializations include:

Risk management

Governance and compliance

Security strategy

GIAC Certified Forensic Examiner

AccessData Certified Examiner

Licensed private investigator

Specializations include:

Forensic analysis

Forensic investigation

Incident response

TREVOR TUCKER

D I G I TA L F O R E N S I C A N A LY S T

ERIC VANDERBURG

V I C E P R E S I D E N T, C Y B E R S E C U R I T Y

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Mobile Phone Forensics

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Reasons for Phone Collection

Theft of Intellectual

PropertyDivorce

Wrongful Termination

Sexual Harassment

WorkersCompensation

Tracking Location

Traffic Incidents

Child custody

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Who’s Phone is it?

Company Issued

• Legal rights to phone and contents

• Easier to access and analyze

• Prevent data loss or destruction

Personal (BYOD)

• May require subpoena

• May lack direct access to phone

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Analysis considerations

Chain of Custody

Forensic Tools

Knowledge/Experience

Detailed Report

Expert Witness

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Preservation Requirements

Physical Access to Mobile Device

Passcode

Backup password for iPhones

Time

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

What Can Be Collected

Contacts & Call Logs Text Messages / Chats

Voice Mails Emails Geo Tags / Location Information

Passwords Installed Applications

Media (Pictures, Video & Audio)

Internet Activity Social Media

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Reporting

Level of detail

Specific Artifacts

Specific Timeline

Key words

Format◦PDF◦HTML◦Excel

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Information from Providers

Subpoena Required

Location Data from Cell Towers

Additional Call Logs

Billing Records

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Mobile Device Security

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Mobile in the Enterprise93% have mobile devices connecting to their corporate networks

67% allow personal devices to connect to corporate networks

66% say careless employees greater security risk than cybercriminals

*Statistics from the checkpoint mobile security survey

93% mobile devices

Careless employees

Cyber criminals

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Mobile risks

Loss or Theft

•Data breach

• Compromised credentials

Data Leakage

•Mobile phone cameras

• Email

• Keylogging

• Entry point to the enterprise

Compromised Device

•Malicious app

• Jailbroken device

•Hijacked authenticator

• Camera/mic monitoring

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Controlling Mobile Risk

Mobile Device Management◦Remote wipe◦Updates◦Application whitelisting

Policy◦BYOD◦Mobile device◦Acceptable use

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Controlling Mobile Risk

Data mapping / data inventory

Awareness training

Incident response planning

Security monitoring

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Digital forensics and beyond

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Digital forensics

Computer forensics

Mobile forensics

Cloud forensics

Social Media Email

File Sharing Groupware

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Why Digital Forensics?

Reasons to use Digital Forensics◦ Internal Company Investigations

◦Alleged criminal activity

◦ IP Theft Investigations

◦ Civil or Regulatory Preservation

◦Recovery of Accidentally or Intentionally Deleted Data

◦Deleted is not necessarily deleted

◦Recovery from Improper shutdowns

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Digital Forensics ProcessCase Assessment & Planning

Maintaining Chain of Custody

Record Evidence Information

Imaging & Data Collection

Analysis

Exports and Reporting

Expert Testimony

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Cybersecurity

Vulnerability Assessment

Vulnerability Scanning

Penetration Testing

Incident Response

Security Management

Event Monitoring

Malware Protection

Security Awareness Training

Governance, Risk, & Compliance (GRC)

Cybersecurity Assessment

CSO on Demand

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

CybersecurityDemonstrate security values for stakeholders and customers

Validate security controls

Meet compliance objectives

Protect sensitive corporate and customer data

Gain peace of mind

© 2017 Technology Concepts & Design, Inc. All Rights Reserved.

Questions?