5-3 Project Two Stepping Stone: Digital Forensic Investigation Exploration CYB-320-J1630 Incident Response and Invest.
DIGITAL FORENSIC INVESTIGATION EXPLORATION2In September of 2007, hacker Max ‘Iceman’ Butler was arrested for stealing credit card and personal information from thousands of people. With a possible 40-year jail sentence and a $1.5 million dollar fine, Butler chose to plead guilty to three counts of wire fraud and two counts of transferring stolen identity. For this he received a 13-year prison sentence and ordered to pay $27.5 million dollars in restitution (FBI, 2010). When analyzing this case, two valuable assets become apparent. First are Butler’s hard drives and other storage devices. An abundance evidence can be discovered examining them. The victim’s information, communication with accomplices, and information about how these crimes were committed, are all pieces of evidencethat can be found on the removable storage media. The other important asset is the Cardersmarket website. By revealing actual sales records of the stolen credit card information, this website provides valuable evidence against Butler. To examine the storage media, first you must log the evidence and create a forensic clone. All of the examination will be done on the clone and the original will remain unchanged. The cloned hard drive would be considered a hardware tool. Several pieces pf software tools will need to be used. These will be used to crackencryption, both on the storage devices and on the Cardersmarket website.
