ISCR 2019 Speaker list is now being updated.

The following list is subjected to future chage.

Speakers

Virtual Currency Investigations -Following the Money-

Matthew Price
Internal Revenue Service
Special Agent, Criminal Investigation
FOR MORE INFORMATION >
X
Presenter no 10.
Matthew Price
Internal Revenue Service / Special Agent, Criminal Investigation
Virtual Currency Investigations -Following the Money-
2019.05.23 09:30 ~ 10:00
Bio
Matthew Price is currently a Special Agent with the Internal Revenue Service-Criminal Investigation Cyber Crimes Unit in Washington, DC. Mr. Price specializes in virtual currency investigations, investigations of cyber-enabled money laundering and tax crimes, and other complex criminal financial investigations. Mr. Price has led and supported investigations into bitcoin tumbling services, darknet marketplaces, vendors of illicit goods on the darknet and tax refund fraud using stolen identities.
Mr. Price has worked in law enforcement and investigations for the last 12 years with several different local and federal agencies. Mr. Price also worked in the accounting sector for 3 years prior beginning his law enforcement career. He has a bachelor’s degree in accounting and a master’s degree in accounting and information technology. He has completed advanced cyber investigative and analysis training.
Summary
Criminals engaged in illegal activity on the dark web go to great lengths to conceal their identities and activities from law enforcement. Most of these crimes are financially motivated, meaning the perpetrators are seeking to benefit financially from their crimes. This presents an opportunity for law enforcement to “follow the money” and identify criminals using the darknet to commit crimes by exploiting the intersection between virtual currency in the online world and fiat currency in the physical world.
Bitcoin tracing, combined with traditional financial investigative techniques, allows investigators to identify these individuals by following their transaction history from a bitcoin through transactions on the blockchain, to conversion into fiat currency on an exchange, and into real world financial transactions using fiat currency.
The presentation will provide an overview of investigative methodologies used to identify and investigate criminal activity facilitated by the use of virtual currencies. The presentation will also include several case studies highlighting real world successes using this investigative methodology.

Current Trends in Cryptocurrency Crime

Jonathan Levin, Duncan Hoffman
Chainalysis
COO, Account Director
FOR MORE INFORMATION >
X
Presenter no 11.
Jonathan Levin, Duncan Hoffman
Chainalysis / COO, Account Director
Current Trends in Cryptocurrency Crime
2019.05.23 10:00 ~ 10:30
Bio
1. Jonathan Levin is Co-founder and Chief Operating Officer of Chainalysis, the leading provider of anti-money laundering solutions for cryptocurrency businesses, financial institutions, and government agencies. In his role as COO, he leads the global commercial, product, and marketing functions. Jonathan is regularly called upon to testify for the U.S. Congress and other government hearings on the emerging risks and opportunities in cryptocurrencies. Prior to Chainalysis, he was the CEO of Coinometrics, which provided the first dashboard of blockchain intelligence. He was also a postgraduate economist at the University of Oxford, where he researched virtual currencies and created one of the first statistical models of Bitcoin transaction fees. Jonathan holds a BSC in Economics from Bristol University and Master of Philosophy in Economics from the University of Oxford. He lives in New York.
2. Duncan Hoffman is the Account Director for Chainalysis' International Public Sector business and as such leads the company's engagements with law enforcement, regulators, and intelligence agencies globally. Prior to Chainalysis, he spent 3 years at Palantir Technologies where he was responsible for strategic development and implementation of AML and CFT offerings for the company's largest banking clients in EMEA and APAC. Duncan holds a B.A. in Neuroscience from the University of Chicago. He lives in London.
Summary
Current Trends in Cryptocurrency Crime In 2018, cryptocurrency exchange hacks generated billions of dollars in criminal proceeds, darknet market activities netted hundreds of millions of dollars in illicit revenues, and scams targeting individuals stole tens of millions of dollars. The good news is governments and law enforcement can leverage technology to gain transparency into cryptocurrency's blockchains to better understand how and why bad actors move money across the world. In this session, Jonathan Levin, Co-Founder and COO and Duncan Hoffman, Account Director, International Public Sector at Chainalysis, the leading provider of cryptocurrency compliance and investigation solutions, will discuss trends in crypto crime, how law enforcement can take action, and what organizations can do to mitigate exposure to these types of crime.

Darknet and cryptocurrencies investigations

Gert Jan van Hardeveld
Financial Advanced Cyber Team (FACT), FIOD, The Netherlands
Tactical Cyber Investigation Specialist
FOR MORE INFORMATION >
X
Presenter no 12.
Gert Jan van Hardeveld
Financial Advanced Cyber Team (FACT), FIOD / Tactical Cyber Investigation Specialist
Darknet and cryptocurrencies investigations
2019.05.23 10:40 ~ 11:10
Bio
Gert Jan van Hardeveld is a Tactical Cyber Investigation Specialist at the Financial Advanced Cyber Team (FACT) of the Dutch FIOD. He specialises in researching and investigating the dark web and cryptocurrencies. He has obtained a PhD in Web Science from the University of Southampton. His research focused on the anonymity of cybercriminals. He has published various papers on this topic. While being a PhD student, Gert Jan did an internship at the INTERPOL Global Complex for Innovation in Singapore, focusing on novel crimes on the darkweb.
Summary
Darknet and cryptocurrencies investigations
My presentation will focus on darkweb investigations, Bitcoin ATMs and (distributed) platforms used for the trade in cryptocurrencies. Furthermore, I will address operational security methods used by cyber criminals to launder cryptocurrencies effectively.

TBC

Patrice Anthony
EUROPOL
TBC
FOR MORE INFORMATION >
X
Presenter no 13.
Patrice Anthony
EUROPOL / TBC
TBC
2019.05.23 11:10 ~ 11:40
Bio
TBC
Summary
TBC

TBC

TBC
TBC
TBC
FOR MORE INFORMATION >
X
Presenter no 14.
TBC
TBC
2019.05.23 11:40 ~ 12:10
Bio
TBC
Summary
TBC

Case study of the SMS Phishing Scam targeting Banks in Singapore

Abdul Murad Bin Abdul Latiff
Singapore Police Force
OC Team, Technology Crime Investigation Branch,Technology Crime Division, Investigator
FOR MORE INFORMATION >
X
Presenter no 15.
Abdul Murad Bin Abdul Latiff
Singapore Police Force / OC Team, Technology Crime Investigation Branch,Technology Crime Division, Investigator
Case study of the SMS Phishing Scam targeting Banks in Singapore
2019.05.23 13:20 ~ 13:50
Bio
Mr Abdul Murad works in the Singapore Police Force as an Assistant Superintendent of Police. Mr Abdul Murad spent most part of his career in the police force as an investigator in General Crimes, Sexual Crimes and Commercial Crimes. When SPF set up the Technology Crime Division in 2001, he served 5 years as a Computer Forensic Examiner and continued his career as a Cybercrime Investigator. Knowledge and skills are acquired during his career in the Technology Crime Division. Currently, he is leading one of the investigation teams of the Technology Crime Investigation Branch of the Criminal Investigation Department.
Summary
The presentation will provide a case sharing of the investigation into SMS Phishing Scam Targeting Banks in Singapore. The presenter will share how investigator from the Singapore Police Force investigated the case, the challenges faced and the learning points.
Since September 2018, a major bank in Singapore was hit by a SMS Phishing campaign that tricked its customers to reveal their internet-banking login information and One-Time-Passwords (OTPs). An estimated over 100 bank customers lost more than S$300,000 in the short span of 3 months, with the largest amount lost in a single case to be S$14,000. Quick intervention and enhanced collaboration between the Police and the bank managed to minimize the loss with over 55% of the stolen money recovered. The campaign now appears to be shifting to target customers of another bank in Singapore. This sharing of experiences aims to share insights with fellow law enforcers and encourage the mutual sharing of good practices that are crucial for combating cybercrimes.

TBC

TBC
Royal Thai Police
TBC
FOR MORE INFORMATION >
X
Presenter no 16.
TBC
Royal Thai Police / TBC
TBC
2019.05.23 13:50 ~ 14:20
Bio
TBC
Summary
TBC

Internal Information Leakage Case : Via Hacking the Admin of AD environment

KIM Kwang Yeon
Korea Internet Security Agency
Senior Researcher
FOR MORE INFORMATION >
X
Presenter no 17.
KIM Kwang Yeon
Korea Internet Security Agency / Senior Researcher
Internal Information Leakage Case : Via Hacking the Admin of AD environment
2019.05.23 14:20 ~ 14:50
Bio
Kim Kwang Yeon is the senior researcher of the Korea Internet Security Agency. He graduated the Suwon University (B.A. Computer Science) and worked for a private company for 2 years as network security analyst.
In 2007, Kim joined the Korea Internet Security Agency, and has been working in the Korea CERT for 12 years. Kim has various case investigation experience in Korea, which include July 7th DDoS Attack, Dark Seoul(March 20th Cyber Terror), June 25th Cyber Terror, Major ransomware infection case, Pyeong Chang Winter Olympics hack case and many more.
Summary
Internal Information Leakage Case : Via Hacking the Admin of AD environment
This presentation reviews a case that a DC Admin of a company using AD environment was hacked, and internal business ianformation as well as personal information were leaked. This presentation first looks into the initial infiltration of the attacker, how the attacker used base points to make internal infiltration, and the strategies and techniques. Also covered is major cause of the case and responses for such attacks. Although the investigation has came to an end, this presentation will not publicize the name of the victimized company.

TBC

HONG Hye-jung
Korean National Police Agency, Cyber Bureau
Senior Inspector
FOR MORE INFORMATION >
X
Presenter no 18.
HONG Hye-jung
Korean National Police Agency, Cyber Bureau / Senior Inspector
TBC
2019.05.23 14:50 ~ 15:20
Bio
TBC
Summary
TBC

DPRK: Cyber espionage, Disruption, and Financial Crimes

Jay Rosenberg
Kaspersky Lab
Senior Security Researcher (GReAT)
FOR MORE INFORMATION >
X
Presenter no 19.
Jay Rosenberg
Kaspersky Lab / Senior Security Researcher (GReAT)
DPRK: Cyber espionage, Disruption, and Financial Crimes
2019.05.23 15:40 ~ 16:05
Bio
Jay Rosenberg is a Senior Security Researcher on the GReAT team at Kaspersky Lab. Before joining Kaspersky, he led the research at Intezer Labs. From the tender age of 12, he began programming and reverse engineering. He has spoken at various conferences around the world including VirusBulletin and Microsoft BlueHatv18, identified new threats, and published his threat intelligence research on some of the largest cyber attacks.
Summary
DPRK: Cyber espionage, Disruption, and Financial Crimes
The DPRK is an unusual nation state threat actor with increasing cyber capabilities and unusual motives. The various cyber units within focus on different goals, one in particular very unusual for a nation state: theft of money. This presentation will highlight the different motives behind the DPRK’s cyber attacks, the connections between the different malware used in various campaigns, and the origins of their malware toolset.

Analyze of an Infostealer (Fake Android Mobile Application of a Bank)

Hamza Aytac Doganay
Turkish National Police
Chief of Digital Forensics Division, Cyber Crime Department
FOR MORE INFORMATION >
X
Presenter no 20.
Hamza Aytac Doganay
Turkish National Police / Chief of Digital Forensics Division, Cyber Crime Department
Analyze of an Infostealer (Fake Android Mobile Application of a Bank)
2019.05.23 16:05 ~ 16:30
Bio
Hamza Aytac Doganay graduated from Police College in 2000 with a 3rd degree and graduated from Police Academy in 2004. He is studying Digital Forensics Master of Science Degree in Ankara University. He has been working in Digital Forensics Unit of Turkish National Police Cyber Crime Department for 5years. He is the chief of the Digital Forensics Unit and is conducting digital forensics investigations. He is responsible for organizing and planning works on Digital Forensics including 79 cybercrime units in 79 provinces.
Summary
Analyze of an Infostealer (Fake Android Mobile Application of a Bank)
The presentation will provide a general overview about Digital Forensics in Turkey, how an infostealer application can be analyzed to detect the suspect and the issues stated below:
- Legislation of Digital Forensics in Turkey
- Chain of Custody
- Challenges in Digital Forensics
- About infostealer
- How the clients of a bank can be affected?
- How many clients are under danger?
- What kind of privileges does the installation file demand?
- The path to the suspects IP (Decode, analyze, DEobfuscate, listen, report)
- Conclusion

Normalizing the practices of digital analysis

Antonio Javier Maza
Gendarmería Nacional Argentina
Head of Cybercrime Division
FOR MORE INFORMATION >
X
Presenter no 21.
Antonio Javier Maza
Gendarmería Nacional Argentina / Head of Cybercrime Division
Normalizing the practices of digital analysis
2019.05.23 16:30 ~ 17:00
Bio
The Officer Antonio Javier Maza studied at the University Institute of Gendarmería Nacional Argentina, where he did degree studies related to criminalistics and then he studied a postgraduate degree in information security at the University of Buenos Aires. After graduating as an officer, he began working as a computer forensic examiner in the Computer Crimes Section of the Gendarmería Nacional Argentina. It contributes to the investigation of serious crimes, such as child sexual abuse, drug trafficking, murders, electronic fraud, money laundering, and cybercrime. In 2012, the officer was appointed Head of the digital analysis laboratory of the Gendarmería Nacional Argentina. After a successful development, in 2016 he was appointed as Head of the Cybercrime Division of the Gendarmería Nacional Argentina where he is currently working on activities together with the investigative units. In the same way, it has been a reference of the Ameripol Gendarmería Nacional Argentina Unit for its specialization in matters related to forensic computer science and cybercrime. In addition, Officer Maza performs various academic activities as a trainer for law enforcement and other national agencies, in the field of forensic analysis, digital investigation and information analysis, as well as several scientific publications.
Summary
The presentation will provide an overview of the activities that must be taken into account to consolidate a central digital forensic analysis laboratory, unifying rules of good practice that allow to optimize response times and increase the quality of expert reports as a goal of continuous improvement. In addition, it will allow establishing different goals and objectives in the short and medium stroke, based on a comprehensive quality management system, which allows us to measure the degree of maturity of our organizations. Finally, the presentation will demonstrate very briefly the positive impact of the implementation of this type of systems and how it can be adapted to different work environments.

TBC

TBC
North Rhine-Westphalia Police
TBC
FOR MORE INFORMATION >
X
Presenter no 22.
TBC
North Rhine-Westphalia Police / TBC
TBC
2019.05.23 17:00 ~ 17:30
Bio
TBC
Summary
TBC
97, Tongil-ro, Seodaemun-gu, Seoul, Korea