Getting to know the Cyber Forensics Team

By Mr. Brian Murphy (INSCOM), May 26, 2015

Thanks to today's technology, the entire world is seemingly just a click away. Everything from computers to tablets, from smart phones to smart watches, makes information instantly and readily available.

While many people are content to use electronic devices to keep in touch with loved ones, order dinner or watch cat videos on the internet, plenty of other individuals use modern technology for far more nefarious reasons -- which is why the 902nd Military Intelligence Group has the Cyber Forensics Team.

"Once the subject of an investigation has been identified, we take a look at any digital media they have," said Chief Warrant Officer 2 Jerrod Stone, officer in charge of the Cyber Forensics Team, 310th Military Intelligence Battalion, 902nd MI Group. "In general, we provide investigative support by imaging, acquiring or examining digital media to assist in counterintelligence investigations."

For those who aren't familiar, cyber forensics is the process of extracting information from computers and/or electronic devices to serve as digital evidence.

"A field office will open an investigation and then they'll send us hard drives, thumb drives -- anything like that -- to have us take a look to see if that person is doing anything they shouldn't be," said Sgt. Shane Orsburne, who has been with the Cyber Forensics Team since June 2013.

If it sounds like a challenging job, that's because it is. In order to effectively accomplish their mission, members of the Cyber Forensics Team are required to be experts in forensic techniques and procedures, standards of practice and a host of other areas. Needless to say, this does not happen overnight.

"When you first begin this job, not only are you learning how to be a counterintelligence agent, but you're also learning how to become a technical expert in this field," Stone said. "It usually takes about six months to get someone trained up and certified. And then, with three-year tour lengths, you're looking at very limited utility of that person once they've attended all of the required training."

Realistically, those six months of training serve as a solid baseline for a new member of the Cyber Forensics Team, but it takes much longer to ensure an examiner is better than just competent at the job.

"I would say, depending on the person, you're looking at a year to a year and a half before a new examiner can truly be relied upon to be a mission lead," Stone said.

Orsburne admits when he first came into the career field, he knew next to nothing about cyber forensics. But he kept an open mind about this new challenge and now believes it's one of the best decisions he ever made.

"It's funny," said Orsburne. "Before, I could barely turn on a computer without it blowing up in my face, so when I found out I was going to go into cyber, I pretty much thought it would be impossible for me."

After completing his first enlistment as an infantryman, Orsburne wanted to try something different, so he reclassified into the intelligence world in 2012.

"Once I got here and started taking the classes, I was able to get a pretty good grasp on everything," Orsburne said.

To be certified with the Cyber Forensics Team, examiners must complete Defense Cyber Investigations Training Academy courses such as: Introduction to Networks and Computer Hardware, Computer Incident Responders Course and Windows Forensics Examinations.

Because technology changes and evolves on a daily basis, these cyber forensic professionals must continually keep pace and educate themselves on what is out there and the ever-changing ways to collect data.

"Technology advances much quicker than equipment procurement or our training does, so we constantly have to reevaluate our tactics, techniques and procedures," said Stone.

In order to truly excel in this career field though, examiners must go above and beyond the occasional training opportunity.

"This isn't something where you can just come in, do the job while you're at work and then go home and completely forget about it," Orsburne said. "If you want to do the job effectively, you've got to constantly stay on top of what's current. This is definitely a hands-on type of job. If you're not paying attention to everything that is out there, you're going to get left behind."

Conversely, because the gadgets and technology are constantly changing, the job never feels boring or mundane, according to Orsburne.

"You never know what is going to be handed over to you for an examination," he said. "Whatever it is, you've got to be able to know what you're working with and know how you're going to go about examining it. You've got to stay current with the latest technology -- otherwise, you're not going to be able to do the job effectively."