9:15 AM -- ARLINGTON, Va. -- Black Hat DC -- This might surprise you, but hackers weren't just haggling over responsible disclosure and breaking new ground on attack vectors here at Black Hat DC this week. They were also hobnobbing with a director at the Department of Defense's Cyber Crime Center.
Jim Christy, the director of futures exploration at the Department of Defense's Cyber Crime Center, appealed to the crowd of hacker attendees here for a few good forensics tools for the center's Defense Computer Forensics Lab (DCFL). Christy delivered the keynote here yesterday after being introduced by Black Hat director Jeff Moss as the "guy you don't want knocking down your door."
Christy doesn't arrest hackers anymore -- he recently retired from his latest post as director of DOD's Cyber Crime Institute -- but in his new job he's now reaching out to hackers and the commercial world for what he jokingly describes as cheap (read: free) forensics R&D.
Digital forensics is still an evolving discipline, Christy says. "We've moved from a 'winging it' hacker mentality to a structured process... It's fairly regulated." The DCFL is the largest accredited forensics lab in the country, and processed 704 Defense-related forensics cases in fiscal 2006.
There are only 12 accredited forensics labs in the U.S., Christy says. And so far, only a small number of states require forensics labs to be accredited in order for their investigative work to be introduced as digital evidence in court. Aside from the investigation side of things, labs also must vet and certify forensics tools.
"There are over 18,000 different law enforcement agencies in the U.S., and they all need the ability to forensically process digital evidence," he says.
An initiative at Oklahoma State University to build a national repository of digital forensics intelligence should somewhat ease the load on state and local law enforcement, Christy says. But gaining accreditation in digital forensics labs is still going to be a big challenge.
Meanwhile, Christy says his unit is about to launch another digital forensics challenge contest this year. "Were looking for new tools and techniques" like steganography, password-cracking, keylog cracking, image analysis, media recovery, etc., he says. The winner gets a free trip to the DOD Cyber Crime Conference in St. Louis, Mo.
Among the challenges in this year's competition, Christy says, is cracking Windows Vista's BitLocker.
Kelly Jackson Higgins, Senior Editor, Dark Reading