Brett Cureton

Investigative Consultant

Florida Department of Law Enforcement

Cybercrime 201: Network Intrusion Investigation

From a law enforcement perspective, cybercrime can be broken down into two major categories. The first is 'traditional' crimes that utilize computers and the Internet to facilitate the activity (think fraud, threats of violence, and child exploitation). This is Cybercrime 101 and is an established discipline in any law enforcement organization. The second is crimes where a computer system itself is the target of the crime (think network intrusions, data theft, and ransomware). These 'Cybercrime 201' investigations are generally much less established, requiring wildly different approaches and skill sets. This presentation will focus on the latter category, a much less understood area of cybercrime. Key takeaways will be understanding what these incidents are, the evolving laws surrounding them, law enforcement's role, and what information will be requested in the event of a network intrusion incident. Brett will also identify the most underutilized law enforcement cyber response tool and, as a bonus takeaway, provide a personal top-five list of issues directly observed through casework that led to a major network breach. Spoiler alert: you probably already know them (but they did, too).

Brett is a member of the Florida Department of Law Enforcement and serves as an Investigative Consultant in the FDLE Cybercrime Office. Brett's responsibilities include leading the FDLE Network Intrusion Program and assisting with criminal cases involving network security incidents across the State of Florida. Additionally, Brett is assigned as an FBI Cyber Task Force Officer, collaborating to work on cyber-related criminal investigations nationally and internationally. Brett has over 20 years of experience investigating incidents of computer-based malicious activity and is proficient in numerous specialized digital forensic hardware and software tools and methodologies as well as being versed in enterprise network security best practices.