Case Study- Assignment
shhsrixmat7
CaseStudy.docxPlease read the brief case study then the instructions for this portfolio assignment.
Case Study[footnoteRef:1] [1: https://study.com/academy/lesson/mobile-forensics-assignment-2.html ]
In December 2015, two California residents attacked a holiday party for the San Bernardino County Department of Public Health, killing 14 people and injuring 22 others. Soon after the attack, the two perpetrators were killed in a shootout with police officers. Before they were killed, both perpetrators destroyed their personal phones. Police were able to recover only the work-issued iPhone 5C of one of the shooters.
The attacker's work phone was protected by a four-digit pin number and was set to erase all data on the phone after ten incorrect password-entry attempts. In the months following the attack, the FBI were convinced that they needed to unlock this phone and explore its contents for potential evidence related to the shooting. However, they could not brute force their way into the phone because they did not want to risk erasing the data by getting the password incorrect. The FBI appealed to Apple to write software that would grant the FBI a 'backdoor' into the device. Apple objected to this request, and the FBI was able to secure a court order that would require Apple to comply.
After some months of legal disputes, the FBI decided to drop the court order against Apple as they were able to get a third party (Grayshift) to unlock the phone.
Instructions
In a 2-3 page report, analyze the case between the FBI and Apple. There is a lot of information on this so you will need to review what you have learned so far in this course as well as perform external research. Here are several links as a starting point:
· https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_dispute
· https://en.wikipedia.org/wiki/2015_San_Bernardino_attack
· https://www.nytimes.com/2016/02/18/technology/apple-timothy-cook-fbi-san-bernardino.html
· https://mashable.com/2016/02/19/apple-fbi-san-bernadino-iphone/
· https://www.digitaltrends.com/mobile/apple-encryption-court-order-news/
Your report should address the following sections:
1. Imaging an i0S device – Provide a refresher on how you would handle the imaging of the device and prevent a potential third party from accessing the device (e.g. via Apple iCloud) in order to frustrate your efforts.
2. Accessing a Locked iOS Device – After you have done your research on the case and the challenges the FBI faced please summarize the methods and challenges used in this regard.
3. Challenges of an Encrypted iOS Device – You have learned that Apple does a very good job with its encryption. Can you review your notes as well as the research about this case then summarize known barriers when trying to access encrypted data?
4. Other Methods of Access – Let’s assume you are unable to unlock the access. Are there other methods that you could consider gaining valuable forensic evidence? Do you know what attempts the FEBI tried in this case study? How reliable are these methods and are they admissible in court?
5. Final recommendations - Now that you have researched and analyzed this case, think of how you would have approached this case if you were attempting to unlock the iPhone. Include a step-by-step plan that you would have employed to access the data. Support your plan with academic research that points to its viability. You do not need to test your solution, nor does it need to necessarily be correct as there's no way to know for sure. However, it must be logical, well-reasoned, and supported by evidence.
I am also adding three links as a starting point for your research.
2. https://digital-forensics.sans.org/media/mobile-device-forensic-process-v3.pdf
3. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-101r1.pdf
