- Important Cybercrime Laws
- Yet More Theft of Information Assets
- Preparation Phase of a Digital Search
- Data Hiding and Steganography
- Confusion over Terminology
- Presenting Digital Evidence
- Remote Access Trojans
- Malicious Code Detection
- What is the Role of Computer Forensics?
- Forensics in Business Continuity Planning
- An analysis of different data sources used in a forensics investigation
- Business Continuity Analysis
Computer forensics can play a vital role in an organization’s recovery from a cyber attack. By properly following forensics processes carefully in the aftermath of an attack, recovery can begin to play out. According to Čisar & Maravić Čisar (2012), in accordance with digital forensic analysis methodology three processes are essential, which include preparation, identification, and analysis. It is during these processes that a post-mortem analysis occurs including file system, event logs, and recovery of deleted files.
A lot of the research and work has gone into the discipline of digital forensics over the last decade, which has been shared with the greater community. This has enabled a greater understanding of how to identify as well as how to recover digital artifacts that may have been deleted or damaged due to malicious activity. Beeb (2009). As the field of digital forensics continues to mature, so to do the methods and processes used in order to help organizations recover from cyber attacks, which will continue to evolve as attacks continue to grow in sophistication and severity.
Beebe, N. (2009). Digital forensic research: The good, the bad and the unaddressed. Advances in digital forensics V, 17-36. (http://dl.ifip.org/db/conf/ifip11-9/df2009/Beebe09.pdf)
Čisar, P., & Maravić Čisar, S. (2012). GENERAL DIRECTIONS OF DEVELOPMENT IN DIGITAL FORENSICS. Acta Technica Corvininesis – Bulletin Of Engineering, 5(2), 87-91.