Members shine at foiling cyber dark arts; win awards

Cyber security is a world of “good guys” and “bad guys.”

Three PEF members – professional good guys for New York state agencies by day – distinguished themselves, as true cyber warriors by night in 2009.

Working on their own time over many months, the team of Nikki Brate, Corey Harrell and John Griffin placed fourth overall in a global forensic cyber challenge sponsored by the U.S. Defense Department (DOD).

The three, who all possess multiple certifications in digital security and forensics, also were key members of a state work group that won the Best of New York Award, presented September 24, 2009, for “The Most Innovative Use of Technology.”

The team members (competing under the initials DFAC against 1,153 other competitors) said they were stunned and elated to discover in December they had scored the most points (1,682) among the civilian, government, military and commercial teams, which put them at the “genius level” in DOD’s 2009 DC3 Digital Forensic Challenge.

“We are pretty excited about it,” said Brate, PEF Division 268 assistant council leader and a manager of technology services 1 at the state Insurance Department in Albany.
Harrell is an information technology specialist (ITS) 2 at the Office of the state Comptroller in Albany, and Griffin is an ITS 3 in data communications at the state Office of Temporary and Disability Assistance (OTDA) in Albany.

“This was something very non-traditional for state employees to do, and it was our first time to enter this competition. We did it on our own time, using our own resources,” Brate said. She noted that another of the top-scoring teams was made up of doctoral students at the U.S. Air Force Academy.

“I’m a (salary) grade 27, John is a 23 and Corey is an 18,” Brate said. “We wanted to show PEF members may have unrecognized skills and abilities. State employees can teach other state employees a lot.”

The 2009 DC3 Challenge gave the competitors a mock-up of the kind of evidence an examiner might face in a digital forensics lab. It was up to the competitors to draw and analyze as much information as possible from the material and then interpret its significance. The aim is “to stimulate the digital forensics community to pioneer new investigative tools, techniques and methodologies.”

However, The Times of London and other news media have portrayed the DC3 Challenge as an effort to lure into the open potential hackers and gain insights into their methods and approaches to cyber security.

Brate and Thomas Hurbanek of the NYS Police Cyber Crimes Unit co-chair the NYS Digital Forensics Work Group that won the 2009 Best of NY Award.

In addition to Brate, Griffin and Harrell, three other PEF members are part of the work group. They are Margaret (Peg) Acevedo, an ITS 2 at OTDA; Joseph Pero, an ITS 2 in programming at the state Office for Technical Administration; and Adnan Baykal, an ITS 3 at the state Office of Cyber Security and Critical Infrastructure Coordination (CSCIC).

The CSCIC sponsors the work group, which brings together digital forensics professionals from state agencies that gather and work with digital and multimedia evidence. The aim is to address their disparate methodologies and improve consistency in the application of international standards of practice.

“As state employees, we need to work collaboratively to solve problems for the state,” Brate said, “so it won’t need to resort to private consultants.”