1. Kroll Cyber Security is a division of Duff & Phelps, which is a consultancy firm. Kroll breaks off into seven main functional areas, and some of these include Cyber Security & Investigations, Digital Forensics – Incident Response,
Information Risk Management, Research & Development, etc. I belong to the Cyber Security and Investigations team here in the lab in Secaucus, NJ. The firm is based in New York City, but holds offices everywhere. They have existed for more than 45 years and have about 3,500 employees in 28 countries across the globe.
2. My overall and primary job at the Lab here at Kroll in Secaucus, NJ varied daily. On most days, I would take care of case closures through a forensic database system called Lima, which kept a record of all cases Kroll was working on or had completed. For case closures I would close them out and respond to the investigators and examiners via email letting them know their cases were closed per request. I would then archive the cases, which meant that I moved the client data off one of the shares where it was originally kept in the server room to a major database storage consisting of hundreds of terabytes, also known as a backup. This was important because if the client ever needed a piece of their case or we needed to refer to it, we have it on a backup unit.
Every day consisted of evidence handling, chain of custody work, and putting together onsite kits to be shipped out to the investigators. I did a lot of forensic imaging using write blockers and Tableaus connected to hard drives using a forensic tool such as FTK Imager. I delivered packages for shipping and helped send out hard drives for the examiners and investigators that needed them for their case investigations. I also was constantly wiping hard drives no longer being used for cases through a program called Blankify, which completely wiped any data on a drive. I did a lot of Remote Desktop Connections into our imaging station computers for this type of work. I also took apart varies laptops to install new hard drives given and then booted Windows 10 to them for certain investigators/examiners who needed them.
3. One of the first projects I worked on was a full evidence audit of our evidence locker room. I would confirm we had evidence labeled on an excel spreadsheet by going through each of the lockers one by one and making a note in the excel spreadsheet if we had specific evidence according to excel. Another project I worked on was a networking assignment in which I traced the different IP addresses to the different dongles in the Lab and server room to ensure they were in our possession and that we weren’t missing any according to an excel spreadsheet on file. My final project was one that lasted me this whole summer, and it was specifically a project where every day, I would wipe drives using Blankify. There were five wiping stations, and most of the drives were between one and three terabytes, so this project took me the whole summer because there were about one hundred drives to wipe.
4. Because I completed this internship as an incoming sophomore this summer, I do not have many relationships to my MIS courses yet. There were several instances during my MIS 2101 class where cyber risk and security was mentioned and how important it is for companies to have a secure network of their data. During my time in AIS, there were many speakers that came in to discuss a lot about the field of Cyber Security as well. I know that during my years to come at Temple, I will have courses that go deep into network security and Cyber Security, and this internship will have greatly helped me get a solid foundation in that area.