Ransomware Forensics


Experience our elite response process on a Ransomware Forensics case with our Digital Forensics and Reconnaissance Intelligence Units, which was conducted with a global financial market investment firm. The organization experienced issues accessing documents on their file server which were encrypted with multiple layers of encryption.

Trading system was compromised, and fraudulent trades were performed on daily basis. Monetary losses were increasing every day, and the firm had to react quickly to the incident.

Learning Objectives in Ransomware Forensics:

  • Challenges experienced with ransomware and cyber extortion
  • Symmetric encryption and Asymmetric encryption used in ransomware for key distribution
  • How our digital forensics team detected advanced threats infecting the firm’s network
  • Final results and LIFARS superior engagement performance

Ransomware attack and cyber extortion are new phenomena in the era of digital life. Cases are going to exponentially grow due to limited ability of law enforcement prosecution around the globe.

Ransomware response generally requires bitcoin payments, and working with compromised systems and victims.  LIFARS Incident Response Unit understand ransomware attacks TTPs and has proprietary collection of IoCs that are needed to detect compromised systems.

For any questions, please contact our Digital Forensics team, or for advice on protecting your organization please contact LIFARS Incident Response team.