HimaBindu Vejella Spotlight on Digital Forensics


Video Transcription

Today's topic is spotlight on digital forensics. In 1974, a murder happened in a family; four people had died in a city of the United States called Wichita, in Kansas State. There was a pandemic situation similar to the current COVID-19 situation that we are facing. People were afraid to come outside and even stay inside this radar. The murderer labelled himself as the BTK killer: bind, torture and kill. And then till 1999 91 there were a series of murders by the serial killer that got people into a pandemic situation for 30 plus years. This case has been a mystery in history. Now, let's see how digital forensics technology helped in resolving such use cases and also multiple domains. Myself, Hima: I work as a senior engineering manager at OpenText. My profile has all of my details. I'm also a founding member of Women in Cybersecurity and Privacy and also a mentor at Executive Women's Forum. Please feel free to follow me at Midwinter Forensic Hema. Let me set the context for today's session. This session is for people who want to move their career to digital forensics and who want to start their career in digital forensics. These are the topics to discuss: what is digital forensics? What are the different types of digital forensics? How to get started, and how has it evolved over time? What are the benefits and the real-life use cases using digital forensics? What are the career opportunities, the certifications and also resources? And next steps.

Having said that, first let's look at how it has evolved over the years. It all started in the 1980s with the term computer forensics. And then it's been renamed and termed as di. In 1998, Expert Witness for Windows, the first graphical user interface forensic tool, was released. Until then, there was no tool to investigate additional from a mouse click. From there, it has evolved multiply from 2010 to 2021. There has been a revolution because this technology is an issue and it is an upcoming boom, because as per 2021 statistics, cybercrime damage is $4.06 trillion; that gives a lot of opportunities and demand in digital forensics. So what is digital forensics? It is nothing but identification, collection and preserving, extracting the information using legal methodology, and also analyzing the extracted information, reporting any findings, documenting the findings and also presenting this digital evidence from a digital device.

What do you mean by digital device? One that has zeros and ones. Our personal cases, laptops, printers, scanners, biometrics and our smartphones, et cetera, are called digital devices that can be used as digital evidence. So now let's see what are the different types of forensics, all these types.

The forensics is the same. It is like collecting, extracting, but the type we extract is different. For example, disk forensics is extracting the information from hard disks like USB C floppy disk, flash drives, et cetera, and network forensics is nothing but extracting or detecting the information via network, for tu detection and logging. Wireless forensics is a branch of network forensics that can be used to investigate wireless networks for unauthorized activities. Coming to database forensics, it is about extracting the contents of metadata of a database. So each of these types has a number of use cases in real life, and there are many cases solved using each of these types. Malware forensics is nothing but extracting information related to wireless worms, Trojan horses, et cetera. And email forensics, as the name suggests, is about email hacking, phishing, tracing and recovery of stolen funds. Memory forensics is extracting the memory dump of the operating system. And mobile forensics is all about extracting your contacts, deleted data, emails, texts, pictures, video recordings, et cetera. And browser forensics: it's most widely used in many of the cases.

It's about reading the web browser history, whether it is a mobile device, tablet, notebook or desktop. And there are multiple criminal cases resolved using browser forensics. To talk about it, there was an incident where a mother killed a two-year-old baby in the United States. And then they were able to identify the accused mother based on the history of the web browser: before the killing of the baby, she had searched the internet about chlorophyll. So based on that they were able to identify. Similarly, a person killed his wife and unborn son. And based on his browser history, the forensic investigators were able to create evidence and identify that this person is the one who killed the wife and unborn son. So not only this, there are a number of use cases, right? It's because using this technology, almost any case can be solved. Why? Because 95% of the time any crime involves a digital device, right? Mostly we use smartphones and laptops and devices.

So it has usage in multiple domains: in corporates, workplace, government agencies, police departments, intellectual property, the terroristic attacks especially, and this forgery, medical investigations, insurance documents. Some people will claim fake insurance documents for the medical reimbursement, right?

All these things can be detected using digital forensics, and we can create the evidence as a forensic analyst: regulatory compliance, law enforcement, even employment disputes and also fake experience documents people create. If we read the metadata of the document, it is very easy to find out if it is fake or real. So, out of all these use cases, I'm going to talk about the well-known use cases. Right? So, do you know this guy? Yeah, all of us know him, right? Mark Zuckerberg, who is like CEO of Facebook, multimillionaire, where most of us are using his Facebook for social networking, things like that, right? So a New York based entrepreneur, Paul, filed a lawsuit against Mark, claiming a 50% stake in Facebook ownership and also claiming millions of dollars from Mark. So his reputation was at stake. At the end, Mark came out very clean and honest. How? Because of the digital forensics and email forensics that we discussed in the earlier slide. So forensic investigators examined Mark's emails from 2003 and created evidence that there is no such or the communications happened for Facebook ownership.

At the same time, they also investigated Paul's email conversations and they were able to that Paul has created all fake digital documents and also digital email conversations between Mark and Paul. So imagine the situation if we don't have a digital forensic technology: Mark's reputation would have been at stake, is it not? And if you look at this picture, you know him, right? He's the world's most wanted terrorist, Osama Bin Laden, who is responsible for the 9/11 attacks. Right. So, do you know digital forensics helped and played a major role in capturing him? And once he was dead, there was a lot of critical information that was captured using disk forensics from his devices like floppy disks, CD-ROMs and DVDs and personal PC that helped in stopping the future attacks. And I talked about the BTK serial killer. I started with that story. It's a real-life story and there was also a Netflix movie about this story, and this has been a mystery for 30 plus years, but how was it solved after 30 plus years? Dennis Ritchie has sent threatening messages to police in a floppy disk.

That floppy disk had a deleted document. When forensic investigators investigated the metadata of the deleted document, they read the data of the data and were able to find the author of the document, the name of the killer as Dennis, Dennis Rader, and also the location from which it was created. So this has been a turning point in the story, and then he was arrested and he was guilty of all the 10 murders he has done, and in fact, he was planning to do one more. Here are some of the statistics: in 2020, roughly 200 billion connected devices everybody is going to use; that gives critical need and further digital forensic domain. By 2021, $6 trillion is expected to be spent globally in cybersecurity; that gives a number of opportunities in terms of the digital forensic field.

The market forecast is such that by 2022 it is expected to grow to $9.68 billion as opposed to 4.62 in 2017. So with these growing statistics in digital forensics, there is huge demand and need for digital forensics. Now you understood the need and also the domains and the benefits. Now, Hima, how do we get started? Right. So digital forensics is all about extracting the data. So in order to extract the data, the data gets traversed, so it's very important to understand the OSI layer model, the Open Systems Interconnection model that we all studied as part of the Bachelor's degree, and forensicfocus.com would be a good start. It has a number of good resources, materials, tools and videos to go through. And talk to your local user groups, join your local user groups, talk to your user group leads and get their mentorship. There is a Digital Forensic group, which is an international group, for which I have given the link, aisa.org.au. If you are interested, you can join that group and explore more. So what are the skills required? Many people approach me and ask me, "Hima, I don't have programming language knowledge. Will I be a good fit in this field?" Well, to answer that question, programming knowledge is an added advantage. It's not a mandatory skill in this field.

If you want to develop a plug-in into a tool, then your programming knowledge would be an added advantage. What we need is a basic understanding of networks, operating systems or hardware, because a plus one skills of computer knowledge is required, because we'll be investigating the systems and digital machines.

The second priority would be technical aptitude; knowledge of digital devices and analytical skills is a must. The degrees of forensics have huge demand and are also expensive, and we need to maintain investigation credibility as confidential because it is highly sensitive and confidential data.

For every case, else might get into the disciplinary actions. If you are curious about cyber law, if you're more interested in investigations, if you are passionate about the domain, then you are on the right track. I would advise: understand the domain and help, right? People are there in the security and cybersecurity industry, and very, very few in digital forensics. That's why it's called M technology. And there is huge demand for women in this field. So utilize the demand and utilize the opportunities, right? We talk about the opportunities.

These are the number of opportunities: forensic analyst, examiner or a consultant, right? So each role has its own uniqueness. Tomorrow, who knows, you may be the one who is solving the world peace problem and helping to solve the terror attacks as a digital forensic analyst.

Is it not that great? And also tomorrow, you can be the one who is helping multibillionaires like Mark from ST, or tomorrow you might be helping the law investigators on the cyber crimes or criminal cases using digital forensics. So how do we investigate? Right now we talked about the career opportunities and how to get started. So how do we investigate? There are numbers available; there are paid tools and there are open source tools. I'd like to advise you to understand at least one tool and get depth into it. I work for EnCase and I contribute for EnCase. So we have been gold standards in digital forensics. It's a digital forensics tool to investigate, used by many examiners and digital forensic analysts. We have been awarded the best forensic tool by SC Magazine continuously for 10 years in a row. We have customers across the globe worldwide. We have a number of capabilities, but in the interest of time, I have put up a few capabilities: we support Mac and many operating systems, enhanced agent functionality.

We can actually record everything from the criminal system or the suspect machine without the suspect knowing about it. We can even detect the deleted files. We can actually scan and secure and investigate from the digital device. We support 27,000 plus mobile collection profiles. We have a mobile investigator also, and among some of the features, it's very easy to report, and we support Apple T2 security bypass, Apple File System and volume shadow copies. And if you need more details on the forensic analysis of EnCase, please reach out to me. And we have partnered with Project VIC for a great cause, tech for good. What is Project VIC? Project VIC is a nonprofit initiation. It's been supported by worldwide and post offices against child exploitation to rescue the victims, especially the children, from sexual exploitation. So EnCase hash sets would be able to identify, export the Project VIC and also send them the immune data to rescue the victims. So because of this initiation, we were able to identify more victims who are like innocent people and also rescue them from sexual exploitation. So now we understood the tool, right? So how do I claim myself as a digital forensic analyst?

So there are a number of certifications, because without certification or a degree you cannot claim yourself as a forensic analyst or present evidence in a court of law. It's illegal. So there are a number of certifications: Certified Forensic Security Responder, certified forensic analyst certifications would help. Each tool has their own certifications. And in our EnCase we have EnCase Certified Examiner. You need to invest your time to understand and attend the training of EnCase and try to go through the N C or NSE or AC FSR Certified Forensic Security Responder, and Global Information Assurance Certification is an advanced forensic certification. So if you need more detail, I have provided the link; please visit the OpenText site on the certifications and trainings on tools. I talked about the BTK killer case, right? So EnCase has played a major role in resolving the case. So it is the digital forensic tool that helped to solve the BTK killer case that I started with in my slide; no other tool was able to solve that. That's why we have become the gold standard, right? So we are in the digital detectives era: there is no blood, no physical evidence, no misplacement of things, no bullet shots, but we are working on cybercrimes and criminal cases.

So this is how digital forensics works, and you are the hero, you are the protagonist, you are the hero who is from the back side, behind the screens, to help the victim and to present honest. Is it not a great career opportunity? And we should really feel blessed and privileged to take this as one of our periods. So I'm done with my session. To summarize, we talked about digital forensics. What is this? It is a branch of cybersecurity, a branch of forensic science, about preservation, identification, extraction and documentation of digital learning that can be presented in a court of law. And we also discussed the process and evolution of digital forensics and the different types of digital forensics.

How to get started requires a number of use cases, including the famous terroristic attacks, Bin Laden, the Facebook case and also the BTK killer, a case that has moved, and multiple domains. We explored the types of forensics and also career opportunities. So as a next step, since you attended the session, I would request you to explore more on the forensic technologies and on the EnCase tool or any of the tools, and also on the certification side. So that gives you a branding as a digital forensic analyst. And once you have the skill, you can actually get started. Close it if you have any questions, I would like to take Christina. Thank you. I also would, please reach out to my LinkedIn page. In fact, this technology is like an ocean. I only know a drop in the ocean. I'm also learning, so we can help each other and learn more, and connect with me on my LinkedIn. I hope this session is useful. Sarah, you are right here. That's where the victim's voice comes in. But if anything is with digital evidence in a digital device, even if they clean, if they delete, including the recycle bin, as long as they don't tamper with their hard disk, anything can be captured and identified.

That's a part of our EnCase and forensic tool, because it is stored in magnetic tapes. Because any device that works on zeros and ones, binary, we can capture and save the victims. Hi, Nadia, nice to meet you. Visual forensics and cybersecurity with data scientist is like emerging technology. I would like to connect with you. Please feel free to send me your LinkedIn request. Hi, Mara, pleasure to be part of this conference. And yeah, please feel free to reach out to me on LinkedIn. There are a lot of opportunities which you might be getting, because through WISP, Women in Cybersecurity and Privacy, we have been mentoring many rural women and helping them to get trained in cybersecurity and helping in uplifting their career. Yeah. Vulnerabilities scanning of flora, Florian. Yes. Yeah, we can use it in forensics. You can reach out to me for more details. In the interest of time, I may not be able to take everyone's questions, but I'll try to answer everybody's question. But please feel free to reach out to me on my LinkedIn or Twitter. "You can get EnCase certified as an EnCase expert without actually selling EnCase as a reseller."

I don't know what you mean by EnCase as a reseller. But there is a predefined EnCase training and a predefined certification course where I think you need to spend at least like 3 to 6 months in understanding the depth of the tool, right? So I'm not sure, because I am from the engineering and development team, but I can get back to you on that. I'm not sure, without the reseller, if you can get the certification. But for us OpenText employees, we can get certified, right? So I can get back to you on that. Thank you, Neha. I'm glad that it helped. "Could you share the deck?" Neha, sure. I think the session is recorded. Once Anna sends me the link, I can share the recording with you. I think that would be better. Lina, I'm glad that you are excited. I'm working with so many women to get them into forensics and cybersecurity. Glad that it helped and you are excited. Yeah, good, good. You are on the right track. Feel free to reach out to me if you need any help. Donna, thank you. Thank you for your feedback and mentioning that it's a very interesting session.

"Thanks for the presentation. Outside of the forensics quarter, the training, do you..." There are a lot of trainings on YouTube to get started with, and I mentioned the forensic, and that there are a good number of video tutorials to get started. And we have open source tools. If you want to explore more, you could, but please reach out to me, Shina, online through LinkedIn. I can help you. "Do you ever feel like you are further wrong side?" No, no. Actually, I feel like I'm blessed to be part of this product, developing this product and this domain. Because during my childhood, I wanted to become a lawyer, but I was very good at math and science. So somehow I took the engineering of a lot of discussions time. The most interesting and fruitful career was engineering. Now, I think I was blessed and I got this opportunity as a digital detective to work in the digital forensic field, which helped me to explore more on my passion. I really feel blessed. I never felt like I was in the wrong way. "Like your skills are used for you." No, no, actually we should not use these skills for unethical things. That's what I have mentioned clearly, right? It's extremely sensitive data.

You need to maintain integrity and high values, honesty, and you should not share any of the critical or sensitive information with anyone. Sherry, thank you so much. Glad that you like my session. Debbie, thank you. Asik, thank you. Thank you for joining my session. If you have any questions, Asik, please feel free to reach out to me. Sherry, I think I answered the question; if you have more questions, you can reach out to me on my LinkedIn. "It sounded exactly like a life." Thank you. Great to hear. Thank you. Glad that you've helped us. So feel free to connect on my LinkedIn. Nadia, if you are interested in EnCase certification, I can help you with details and connecting to our certification or training team or sales team. So any other questions? Thank you. Yeah, true, true here. We should be very neutral in this field. When we are investigating, we are not biased towards anything, because it's all recorded, right? Even the deleted: once you send a WhatsApp message and delete it, it's stored in the WhatsApp server and also in your device. So there are a number of mobile forensic tools where you can actually easily extract the data and get it back. So yeah, it's all based on the proof, statistics and numbers, right? So we can't cheat the truth, right?

Anyway, even after 30 plus years in the BTK killer's case, the truth has evolved, and that guy was living a normal life. He had two lives: one is with his wife, son and daughter, and the other thing, he's doing all these things without his family knowing. So that has been like a surprising thing for everyone. You should watch that movie. I'm glad that it helped, and thank you so much for attending my session. Thank you all for taking time in attending my session. Thank you, Anna, for giving me this opportunity. Thank you all, stay safe, be safe. And also one more thing: due to this COVID-19, there are some job cuts happening, right? And people are getting scared, but there are no job cuts for forensics, there is no such situation for the cybersecurity field, because that gives many opportunities for attackers, because we all got digitized and are using systems, and that's giving us more.

I know and resolve more cybercrime cases. So that is an opportunity for us. So especially, I wanted to emphasize for women in this field, there is huge demand. As per payscale.com, in 2018, the average salary paid for forensic investigators or for people in the forensic field is $69,000. Is it not a good amount of money? And if you are in the top 10%, it is like one lakh $10,000 or something. And this is 2018 stats. Now, it might be more than that. So it has a number of opportunities for us in this field. So utilize it and use it for the right purpose. And thank you all. I'm glad, Lena. Thank you. Thank you for the feedback. Thank you so much. I'm glad it helped. Connect with me on LinkedIn, and let's keep in touch. Stay safe and be safe during this lockdown.