Network forensics

Importance of Network Forensics

In August 2021, IT giant Accenture confirmed that LockBit ransomware operators stole data from its systems during an attack that impacted the company’s network. Accenture’s network was reportedly hacked by the LockBit ransomware team, which claimed to have taken six terabytes of data, to be released against a ransom of $50 million.

An unknown marketing services supplier is responsible for the compromise of 3.3 million Volkswagen and Audi customers and prospects in Canada and the United States due to unsecured data. In March, an unauthorized entity gained access to the sensitive data, which was collected between 2014 and 2019. The information ranged from the type and model of vehicles purchased or enquired about to a smaller number of leaked Social Security numbers, tax IDs, loan numbers, and driver’s license numbers. The stolen data appears to be up for sale in a cybercrime marketplace. With a victim’s full name, street address, date of birth, and SSN, someone can create accounts, receive benefits, obtain identification documents, and even work in the victim’s name. Theft of a driver’s license number is less serious, but it’s typically enough to start […]

Network Forensics: Concepts and Challenges

Network forensics is a branch of digital forensic analysis that involves monitoring, capturing, recording and analysing data over a network. It uses scientifically proven and tested methods to collect and analyse network packets and events that take place over a network. Forensic network analysis is an extension of network security that traditionally focuses on network attack analysis and detection. The current model of network forensics allows detection of malicious activity, and it also helps organisations track attacks against them from both internal and external environments. This post highlights the concepts and challenges of network forensics. Understanding the current challenges helps investigators make well-informed decisions when difficulties arise.

Network forensic concepts

In terms of forensics, network forensics deals with data associated with network connections between interconnected nodes. The main focus is the data entering and exiting the nodes. The forensic network analyser performs a thorough analysis of the traffic data generated by firewalls, IDS, or devices such as routers. The primary goal is to find the source of the attack and identify the cybercriminals. The network security forensics is precisely defined as the […]