Posts

Showing posts from May 16, 2021

DarkSide ransomware on the Colonial Pipeline network

We all know about the recent ransomware attack on Colonial Pipeline. Let us try to understand what exactly happened.

About the firm: Colonial Pipeline operates the largest refined products pipeline in the US, transporting over 100 million gallons of fuel a day across its corridors. The ransomware attack against Colonial Pipeline's networks, which shut down its 5,500-mile pipeline system, led to a regional emergency declaration covering 17 states and the District of Columbia.

Let's understand DarkSide ransomware. DarkSide is a relatively new ransomware strain that first appeared in August 2020. It follows the RaaS (ransomware-as-a-service) model, and it follows the double extortion trend:

1. Threat actors encrypt the victim's data.
2. They also exfiltrate the data (in practice, before encrypting it) and threaten to make it public if the ransom demand is not paid.

Their ransom demands range from $200,000 to $2,000,000.

Let's now understand the attack vector:

1. Downloading the rans

A Leaf out of Digital Forensics Adventures - Part 1

What is digital forensics? A specialized branch of forensic science that recovers and investigates evidence from digital devices in the context of cybercrime. The aim of this work is to identify, preserve, analyze, and document digital evidence so that it can be presented to the relevant law enforcement authorities as and when required.

Who is a digital forensics investigator? A person with the mindset to discover evidence and trace the storyline back to solve the case. The work can range from discovering:

• How attackers gained access to the network, i.e. the point of breach
• Lateral movement on the network, i.e. discovering the affected systems
• Information stolen or backdoors planted, as in corporate espionage
• Recovering data that someone attempted to delete, damage or manipulate

Let's now analyze the different phases of a digital forensics investigation.

Phases:

1. First-line incident response: the focal point right after a suspected breach or security incident is known as the first response. These ini