Emadeldin Helmy Khalil

Cybersecurity chief of Experts at NTRA, Egypt

Session Title: Cybercrime and Digital Forensics, Past, Future, Tools & Challenges

The first computer worm transmitted over the internet was created in 1988 by Robert Morris. The worm was not intended to be malicious, but an error in its code caused it to become a virus that replicated rapidly and ultimately infected about 6,000 computers. The Morris Worm is estimated to have caused as much as $100 million in damage.
The first digital forensics tool can be attributed to software called The Coroner's Toolkit (TCT). TCT was developed by Wietse Venema and Dan Farmer in the early 1990s. It is considered one of the earliest tools used for digital forensics.
Cybercriminals soon took advantage of malicious software such as worms to promote their political, social, and economic ends. Nowadays, cyber-attacks have become so sophisticated that data breaches can halt businesses.
Companies and individuals are increasingly exposed to the expense of paying cybercrime demands and recovering data lost as the result of an attack, and the effects of cybercrime on businesses and individuals are very pronounced.
Historically, the Internet and the services it offers have experienced periods of great progress and improvement. This achievement has created opportunities for e-commerce, research, entertainment, distance learning, and education.
Unfortunately, this digital revolution has a downside: it has led to criminal innovation and created new harmful activities and criminal behavior.
Complementary cybersecurity and law enforcement forensics capabilities are critical to safeguarding and securing cyberspace. Starting from the concepts that “Knowledge is Power” and “If the drug is known, the cure for the disease”, preventing cybercrime attacks and minimizing the damage of attempts to breach the sociality begin with employee education and building know-how capacity, especially where it relates to digital evidence showing how the crime started.
In addition to learning how to spot phishing attempts and other potential sources of malware, educated workers can adapt their daily processes to reduce the chances of a successful attack.
This presentation puts a spotlight on cybercrime (past and present) and on digital forensics definitions, processes and types. It then dives deeply into digital forensics fundamentals to learn more about digital evidence, showing its concept and rules and exploring the known standards for digital forensics (ISO/IEC 27037, NIST 800-86 DFIR) and how they align and differ according to the requirement.
It then sheds light on the technical, legal and resource challenges of digital forensics, where attacks on computer networks, data stores, communication systems, or command-and-control systems are committed using a variety of methods and for many different purposes. While many cybercrime attacks are widely reported, most cyberattacks and attempts to breach computer networks receive little or no notice.
Finally, it highlights the AI revolution and the future of digital forensics, showing top commercial tools vs. OSINT tools, especially those related to live forensics, memory forensics and network forensics.

Retired Major General from the Army. He joined the private sector as a board member of the Egyptian Company for Tracking & Information Technology (ETIT), then served as Project Manager, introducing tracking technology to the Egyptian market using GIS technology. He then moved to NTRA, where he held many positions in operations and senior management; he was later Sector Head of Operation Quality in the NTRA (National Telecommunication Regulator Authority). He is now Head of the Cybersecurity Risk & Resilience Bureau, managing the operation and inspection teams that measure cybersecurity risk to assure suitable resilience and business continuity for different entities. His primary tasks include inter-agency cooperation, cybersecurity risk assessment, resilience, field experimentation, research on technologies and policies related to disaster response and recovery, and public-private cooperation. His career is a fast-growing one, with an ample vision and a wide range of business scope, and he is working hard to establish the first national Common Criteria laboratories to assure the security of ICT devices and bring trust to the critical ICT infrastructure in Egypt via Defense in Depth. He is also a member and trainer at FIRST, where education and training is one of the core activities. He continuously develops new training materials for in-person courses as well as online training courses.
In addition, he has published several monographs and papers on Fault Simulation, Boundary Scan and Built-In Self-Test in FPGA design, and has been cited in numerous publications. He has experience teaching at the graduate and postgraduate levels and as a public speaker, regularly delivering awareness and training workshops at Nasser Higher Military Academy.