Digital forensics has become a key part of the investigation of each crime. Not only those related to the cyber space, but also organized crime, terrorism, child pornography and other serious offenses.
The second in the series of training dedicated to strengthening of the Sector for Cybercrime and Digital Forensics’ capacities to fight cybercrime using latest forensic tools, took place at the Public Security Bureau from 29 August to 9 September 2016.
The training was conducted by Mr. Damir Delija, Technical Director in the Digital Forensics Department at the Croatian company INsig2, who delivered two additional modules: Computer forensic analysis with X-Ways and analysis with EnCase forensic.
“These two training modules come as natural extension to the Forensic Toolkit (FTK) training, led by my colleague Kresimir Hausknecht in August, in sense of providing introduction into the most advanced and most popular commercial digital forensic tools on the market today. The purpose of this training was to provide investigators with understanding for each product, their relative advantages and interaction with other forensic products and tools. Such approach also allows improvement in standard operating procedures and efficient development of procurement policy,” said Mr. Delija.
X-Ways Forensics is advanced computer examination and data recovery software. The training aimed to enable digital forensic investigators to upgrade and update their skills to perform evidence recovery techniques, find deleted files and search hits. Many topics were explained along with their theoretical background, but also with hands-on exercises, simulating most aspects of the complete computer forensics process.
EnCase Forensic is a tool for computer investigation that both searches a computer system for information, as well as aids in the process of developing this information into a complete report. This software can decrypt high-level forms of encryption, create an image of the physical drive, and then generate reports on the evidence.
Attendees were encouraged to immediately try newly gained insights as provided by the instructor, and perform thorough overview of existing and deleted files on computer media.
To help the police keep step with constantly evolving forms of cybercrime and successfully tackle this phenomenon, the EU funded project for “Further Institution and Capacity Building of the Police Service”in the course of September and October will organize subsequent training for: Identification of malware codes, Efficient securing of evidence and Investigative techniques for cybercrime.