The Amigito Insurance Agency (continued from chapter 10) Jason arrived at the Amigito agency on a moonlit night filled with a balmy breeze from the east. A jet rumbled across the sky as it ascended and headed northeast. The city vibrated with energy. With his laptop in one hand and his valise in the other, Jason was ready to get to work. Perdido showed him the son's cubicle. It was neatly organized and on the desk was a small bronze placard with the name "Julio Embrogio" deeply embossed across its shiny surface. Perdido powered up Julio's computer, and as they watched the monitor flicker and come to life, Perdido added, "There's something wrong with this guy. I can just feel it." Perdido didn't know the computer's password, so Jason promptly reached down and pushed the off button. Perdido's attorney had recommended that Julio be fired immediately. At best, Julio was working against Perdido by reporting his every move back to the shady law firm that was bent on Perdido's destruction. At worst, Julio was actively sucking money out of the agency's bank account that Perdido knew about but couldn't touch. "You're not going to fire this guy, at least not now" said Jason. "He's the best link we have to what's really hap- pening behind the scenes. We will convert your enemy's best asset into their biggest weakness." Jason reached alongside Julio's desk, bent over, and disconnected all the cables attached to the back of the computer. It then took him only a few seconds to remove the rear thumbscrews and extract the SSD. Normally, Jason would take photographs and note serial numbers, but tonight, he dispensed with the usual evidence-gathering protocols. In the days ahead there would be plenty of time for evidence collection. In the meantime, his only goal was see what secrets Julio might have. Jason plugged the SSD into a small electronic box from his valise. The SSD fit snugly inside the box and made no sounds as its green and red LEDs twinkled. "Don't ask the son for his password," said Jason. "I'll figure it out on my own. We don't want him to suspect anything" They both agreed that Perdido would treat Julio like a best friend. "You want your friends close to you," said Jason, "but you want your enemies even closer." Back in his condo, Jason opened the patio doors and the windows in the west bedroom. Strong gusts of salty air pulsed through and permeated every inch of his apartment. He ignored the papers flying off the dining room table. He could only think about what secrets he was going to find. Jason inserted a memory stick into one of his laptop's side ports. The stick contained his personal collection of forensic tools, including Genwin, a digital forensic software suite used by both the FBI and NSA. The suite was normally only available to law enforcement, but Bruce had managed to obtain copies for him and one partner in his firm, albeit at \($11,000\) per copy. Jason was always amazed at all the things Genwin could do. It almost instantly produced a comprehensive analysis of the SSD. It contained two partitions, a current version of Windows, and, thank goodness, it was not encrypted. He would have no problem breaking EFS, but breaking Microsoft Bitlocker would have been impos- sible. He quickly mounted Julio's SSD image as a virtual machine in boot mode. Again, he was facing a log-in prompt. Genwin couldn't crack the password, at least not quickly, so he selected the option to reset the adminis- trator's password. That left the machine wide open. There was very little software installed on the computer. Jason focused on the agency's management system, but he didn't have a login to the system, and the main accounting database was well protected with 1024-bit #DES encryption. And, as difficult as it was to believe, Perdido hadn't yet thought of asking the previous owner for the admin login. Jason sat up straight in his chair as he browsed through Julio's e-mail. In total there were 124,261 e-mail messages. Most of those would be normal client communications and of little help to his investigation. So, he used Genwin's acquisition tool to add the e-mail PST database to the Genwin database for the case he was begin- ning to build. Then, he watched as Genwin automatically generated a forensic word index, did reverse IP lookups from the e-mail headers, and built a social network diagram based on interrelated e-mail conversations. He then added a three-way filter to the diagram. That eliminated virtually all routine communications between the agency, clients, and carriers and left only ninety-six conversations. He began studying the remaining conversations one at a time. After boring conversations about everything from tennis to the best place to buy fresh oranges, he came across a three-way conversation that involved Julio, Daniel Larkin, and Tony Alvarez. The last message in the conversation was from only a few days before. Jason recognized Alverez's name as belonging to the broker. In part, his message read as follows: "Daniel, I know I screwed up, but don't worry I'll make things right. Perdido can't hold out more than another month or two-Tony Julio responded a few minutes later. "Dad, please hurry up and finish this. We're well into hurricane season, and our guys at Ladrona could soon end up having to pay off some real damage claims." Then, Daniel Larkin added, "You need to stop putting this stuff in e-mail." The final message in the chain came from Alvarez. "It doesn't matter. If we don't get rid of Perdido soon, we will all be going to jail. Fonten will throw us under the bus." Jason's heart pounded. No matter how many cases he worked on, he had never been able to control the fear and dread that he felt when getting close to the bad guys. He knew from experience that perps could do almost anything to avoid jail. Then, he remembered that he had forgotten to ask Perdido about the cut below his right ear. He spent the rest of the day and evening studying the e-mail. But the rest of it was worthless. He had man- aged to luck out and get a peek into some kind of illegal operation. But he didn't have anywhere close to the evidence that would be needed to do anything about it. So, he began to think about how he could gain access to the agency's management system without tipping off Julio. More digital forensic tricks would be needed. 

Required

a. Map out a digital forensics plan to continue the investigation.

b. It appears that the fraud scheme is much bigger than simply squeezing Perdido out of business. Given all the information to date, what might the bigger fraud scheme be?