SEC 6060 Week 5 Case Study

School: Wilmington University

Course: 6060

Subject: Information Systems

Date: Jan 9, 2024

Type: docx

Pages: 4

Uploaded by Admys

Running head: Week 5 Case Study

Week-5 Case Study: Anti-Forensic Trace Detection

Wilmington University

SEC 6060: Incident Handling and Response

September 28, 2022
Anti-Forensic Trace Detection

One thing South Korea should focus on

In South Korea, digital investigators face a problem with the anti-forensic tools and techniques that cyber-criminals use to make identifying evidence vanish. Detecting the use of anti-forensic tools can narrow down the investigation process by shortlisting the system used for the attack. The article discusses the need to design software tools with good-quality, unique signatures that indicate anti-forensics attempts. Furthermore, the report says that investigators should use the digital forensic triage workflow to study the attack. Finally, it speaks positively about learning the rules and regulations for anti-forensics detection outside South Korea.

Recent cyber-attack

The Marriott international hotel chain was under cyber-attack for over four years, from 2014 to 2018. The attackers targeted the hotel reservation system database using malicious software. They acquired sensitive information such as names, addresses, credit card numbers, and phone numbers, as well as passport numbers, travel locations, and arrival and departure dates. A Security Information and Event Management tool indicated illegal action. During the incident identification and handling process, the hotel learned that the attacker had used cryptography to mask the information with a secret key, barring the hotel management from accessing it. As a result, it took the hotel security team more time to decrypt the data (WashingtonPost, n.d.).

The statistics show the increased number of cyber-attacks and the use of advanced technologies by cyber-criminals, so there is a dire need to improve the ways an incident is approached. In an attack, moving quickly to the affected systems and networks will prevent avoidable losses. With the advancement of cyber-attack trends, DFIR should use software tools to detect false positives. It should take advantage of machine learning and automation to automate security and IT