Enemy at the Virtual Gates: An Introduction to Investigating E-Commerce Data Breaches

As brick-and-mortar merchants begin incorporating more secure technologies within their payment environments, such as Chip and PIN and Point-to-Point Encryption, cyber criminals are turning their attention to potentially “softer” targets: e-commerce merchants. During this session, Ms. DeGrazia and Mr. Dormido will describe the methodology used by cyber criminals to target e-commerce environments, and provide demonstrations of analysis techniques useful in e-commerce data breach investigations. Topics during this session will include:

  • Exploiting e-commerce environments
  • E-commerce environment evidence collection
  • How and where to search for the badness
  • Best practices on securing the environment

Mari DeGrazia

Mari DeGrazia is a Director at Kroll Cyber Security, which provides cyber security services on a global scale. Throughout her career, DeGrazia has investigated high-profile breach cases, worked civil and criminal cases and provided testimony as an expert witness. She has written and released numerous programs/scripts to the forensics community; presented on her research at several industry conferences; is a published author in eForensics Magazine; and was technical editor for Windows Registry Forensics S.E. Recently, her blog was listed as one of the top 10 Blogs in Digital Forensics. She holds several certifications in addition to earning a B.S. in Computer Science from Hawaii Pacific University.

Ron Dormido

Ron Dormido is a Director in Kroll's Cyber Security and Investigations practice and has over 28 years of experience in investigations and information security, both in the private and government sectors. Ron is a veteran of the US Army, having served as a Special Agent with US Army Intelligence for over two decades, conducting national security, network intrusion, and computer forensic investigations. Ron was also a Senior Information Security Consultant with Verizon’s RISK Team, where he led computer forensic investigations for corporate clients worldwide, including several Fortune 100 companies affected by data breach and cyber incidents. In his current capacity as an Incident Response Director at Kroll, Ron supervises a variety of cyber investigations, to include hacking incidents, insider threats, and payment card data breaches. Ron has attended professional training at the Federal Law Enforcement Training Center, Defense Cyber Investigations Training Academy, National White Collar Crime Center, and the FBI Academy. Ron is a certified Seized Computer Evidence Recovery Specialist (SCERS) and Certified Computer Forensics Examiner (CCFE).