eForensics Magazine 2022 04 PREVIEW: Anatomy Of Ransomware Attacks
Have you ever encountered a situation where the screen of your phone or smartphone goes black and you receive a message that you need to pay a ransom to recover your data? Or maybe the organization in which you work is struggling with this problem. If this topic is important to you, or if you want to learn techniques to deal with this problem and develop your abilities, our magazine is just for you. You will find here not only information about what a ransomware attack is, but also a simulation of its course and possible ways to deal with it and prevent it! What's more, you will also learn what tools are effective for detecting this type of attack and how to use them, because we have prepared practical tutorials on this topic for you.
That's not all! The journal also touches on the following issues:
- malware analysis using Sift Workstation,
- better use of security cameras in the investigative process,
- forensic analysis of memory, conducted with the use of FTK, CyberChef, KeePassX, and Volatility,
- tools for forensic analysis, presented in the form of practical tutorials,
- storage media forensic investigation, which is presented step by step,
- the impact of artificial intelligence on the conduct of forensic investigations.
Interested? Do not hesitate any longer and reach for this treasure of knowledge and tools!
Check out our Table of Contents below for more information about each article (we included short leads for you).
We hope that you enjoy reading this issue! As always, huge thanks to all the authors, reviewers, to our amazing proofreaders, and of course you, our readers, for staying with us! :)
and the eForensics Magazine Editorial Team
TABLE OF CONTENTS
Ransomware, The Real Cancer In The Digital Age
by Longinus Timochenco
Security is not a product, but a continuous practice, and more and more the need to be in real-time. If we follow these basic security principles not only limited to our companies, but also to our lives, you can be sure that we would all save a lot of money and time. It's the same thing as having freedom with security, that would be great, so let’s re-educate our teams and our families.
There Is Honor Among Thieves
by Wilson Mendes
The rapid technological development and the potential access by companies and users during the period of the pandemic brought with it a significant, uncontrollable and much more complex increase in cyber crimes, leading to the simultaneous compromise of thousands of computers, tablets, watches, smartphones, refrigerators, automobiles and a series of IoT devices, directly targeting different types of operating systems, such as Windows, Unix, iOS, Mac, Linux, and Android.
Your Organization’s Data Has Just Been Kidnapped
by Thomas Mitchell
I just received a ransom note from the data kidnappers that my organization's data is now under their control.
Ransomware is malicious software, or malware, used by threat actors to extort money from victims. This form of cyber-criminal activity is one of the most prolific and lucrative criminal business models. This successful attack can cost an organization millions of dollars and require hundreds of person-hours to restore data destroyed during an attack.
Malware Analysis W/ Sift Workstation
by Atlas Stark
In the world of digital forensics, there are a variety of tasks that are really exciting from threat hunting to data extraction, and one of the top 10 (at least in my book) is malware analysis. The reason why I really enjoy malware analysis, even though it is a tedious and time-consuming event, is that it grants us great insight into the mind of who authored the malware. By inspecting the way the code was written, such as naming conventions and types of functions chosen, we are given a bit of insight into the maturity, experience, and intent of the creator. It is like playing detective and unraveling a mystery from a singular piece of evidence.
Better Utilization Of Existing Security Cameras
by Marion Marks
The Golden Hour for crime resolution is the crucial time after discovery of the crime. Evidence value in crime resolution is degraded when it is unworked. Investigators engaged in evidence cataloging vary techniques depending on whether investigations use the reactive or proactive method. However, they all utilize similar stages in the process of investigation.
Forensics Tools Review
by Rahul Deshmukh
In this digital era, when we hear about multiple bank/financial frauds and cyber crimes, we often get puzzled. Financial frauds are often layered under multiple transactions to make it appear genuine and, in the due course of an investigation, it becomes a very tedious process to investigate and bring the perpetrators to book. Forensic tools and evidence collected during an investigation become crucial to obtain convictions in the court of law.
Be A Chef And Cook Up Some Memory
by Byron Gorman
A pinch of memory, a dash of CyberChef, some DB Browser for SQLite and KeePassX - Let's Eat! Memory Forensics has become one of the most important tasks in DFIR (Digital Forensic Incident Response). There is a hacker attack every 39 seconds, 43% of cyber-attacks target small business and, since 2013, there are 3,809,448 records stolen from breaches every day. That breaks down to 58,727 per hour, 2,645 per minute and 44 every second of every day. Cyber criminals and hackers will infiltrate your company through your weakest link. During the next five years, cybercrime might become the greatest threat to every person, place and thing in the world. With evolving technology comes evolving hackers, and we are behind. However, once the infiltration has occurred, it’s time to start cooking.
Cloud Evidence Preservation Tools
by Jean Jacques Raphael
Imagine the extreme case where an organized crime’s godfather, aided by unscrupulous computer scientists, manages to set up an anti-digital forensic (ADF) system, in order to be able to continue to carry out his money laundering transactions or transferring his pedophile files with total impunity. All this through the internet. Nowadays, unfortunately, this is quite possible in the cloud. Indeed, we live in the age of disposable emails, burner phones and easily concealable USB keys capable of storing gigabytes of files. The activities of these new kinds of crooks are protected, sometimes quite innocently, by thousands of transactions from people who use these gadgets, not necessarily to indulge in illicit activities, but with the sole concern to maintain some privacy.
Storage Media Forensic Investigation
by Deivison Franco, Cleber Soares, Daniel Müller and Joas Santos
Computer science is ubiquitous in people's daily lives. Thus, the evidence that incriminates or exonerates a defendant is increasingly found on personal computers, hard drives, USB sticks, CDs and DVDs. At first, the article will discuss forensic duplication, an essential procedure for the preservation of material evidence. The criminal expert will then be shown the path taken to retrieve and seek data relevant to the investigation or process. Finally, techniques on how to extract potentially relevant information from the bowels of the Windows operating system will be presented to solve a case.
Transforming Digital Forensics With AI
by Simon Whitburn
The pandemic has served to progress digital transformation and the deployment of artificial intelligence (AI) far beyond what previously might have been expected. As early as October 2020, McKinsey was reporting that firms had accelerated the digitisation of their customer interactions, supply chain interactions and internal operations by three or four years – all in the space of just a few months.