“Digital investigations are quite different in real life as compared to the movies,” said Paul N., Peraton’s senior digital forensic analyst. “Although very satisfying, it takes more than a few minutes to analyze digital media.”
It is an obvious statement that we are living in a digital age. This means, however, that any given person has a digital breadcrumb trail spanning decades, full of information about who that individual is: interests, friend groups, locations, messages exchanged, purchases made, financial information, files deleted, browser history, pictures taken, and many other types of information. Computer crime is also so prevalent that studies have suggested that more than 90% of all crimes committed today have a digital component; whether that’s from a mobile device, surveillance system, traditional computer or other type of digital media.
“The imaging, extraction, and analysis of digital evidence is like going inside someone’s psyche” said Ted W., Peraton’s Department Director, Cybersecurity Solutions. “The wealth of information is astounding.”
Peraton has nearly two decades of experience supporting a wide variety of cyber missions and programs across the Department of Defense (DoD) and Intelligence Community (IC) that involve digital forensics, hardware and software reverse engineering, multimedia imaging and extraction, specialized intelligence identification, cyber kill chain, litigation, training, and work in the Defense Industrial Base (DIB).
Peraton analysts have conducted cradle to grave forensic investigations–from identification, acquisition, analysis, preservation and technical report production—that many times has led to plea deals and guilty verdicts through expert witness testimony when supported by the facts. Peraton’s strict adherence to constantly updated Standard Operating Procedures ensures the integrity of data and accuracy of processes. Employees always follow strict chain-of-custody rules for handling evidence.
Additionally, Peraton personnel support a DoD entity providing emerging threat analysis, consulting, and forecasting. In this capacity, Peraton performs Digital Multimedia (D/MM) forensics, cell phone forensic analysis, mobile application forensic analysis, and telematics forensics in support of DoD and DOJ customers and other mission partners.
Peraton has demonstrated experience leading technical efforts and supervising teams in a forensic lab environment. Peraton personnel have led D/MM forensic response teams on short notice to DoD, combatant command, and military service locations worldwide to perform digital forensics and network forensic investigations involving reported and detected incidents of cybercrime, security incidents, data breaches, and malware infections. Peraton has worked on investigative activities with DoD network defenders and law enforcement investigators, including the Air Force Office of Special Investigations (OSI) and the Naval Criminal Investigative Service (NCIS). Peraton also supports Department of Justice (DoJ) customers in the forensic and malware reverse engineering fields.
“I remember when I started at DC3 as an IT forensics leader nearly two decades ago in 2003,” said Bob Renko, Peraton’s Director of Digital Forensics. “It was exciting when we bought one terabyte of storage, which took up an entire room. Now my team analyzes over 600 trillion bytes of data a year.”
Peraton’s forensic analysts have performed forensic extraction on many types of media, including laptops, desktops, servers, mobile devices (including Apple, Android, Windows, Blackberry, and one-off devices), removable media, DVD/Blu-ray disks, Internet of things (IoT) devices, and vehicle system electronic control units through a combination of COTS, GOTS, and proprietary tools, depending on the customer requirements. Since integrity of data is always at the forefront of Peraton’s processes, employees use standard industry practices to verify the integrity of data prior to and after conducting analysis.
“A single adversary can own many different devices,” said Nichole G., Peraton’s director of LE Mission Solutions. “We also have to be fluent in every operating system and file format. We are prepared to handle anything that’s put on our desk.”
Peraton performs a key role in the battle against cybercriminals, malicious nation state actors, terrorist groups, and individuals. Besides convicting child predators and terrorists, the work can also uncover how a data breach, malware attack, advanced persistent threat (APT), or financial crime occurred and use that information to identify the hackers, fix vulnerabilities, recover compromised data, and guard against future threats.
“The critical nature of Peraton customers’ missions is our motivation to always stay at the cutting-edge of technology, evolving our capabilities to continue to respond to threats quickly and effectively,” said Nichole G.