This article is a recap of some of the main highlights from the Techno Security & Forensic Investigation Conference 2018, which took place in Myrtle Beach, SC from the 3rd-6th June 2018.
Under the sunny skies of South Carolina, the digital forensic community got together at the beginning of June this year to discuss topics ranging from international espionage to the admissibility of evidence obtained from the cloud.
The conference was split into several streams: audit / risk management; forensics; information security; and investigations. There were also labs run by Cellebrite and Magnet Forensics, and various sponsor demos throughout the conference. The exhibition hall was open at various points throughout the day, allowing attendees to meet representatives from universities, forensics companies and law enforcement agencies and discuss current industry trends.
The first session Forensic Focus attended was conducted by Richard Spradley from Whooster, who was discussing how to decode investigative data in real-time. Spradley talked about how VOIP and burner phones are the hardest devices to investigate, but there are ways of identifying people using such phone numbers. Often a person will use a burner phone for more than one thing; while they might not use it to call their friends, they may place a personal ad, for example. Geographical identifiers are also important and may be able to give you a back door into a phone, especially if you have a partial name or frequently used alias.