This 5-day practical training aims at teaching officers to obtain information from the malware analysis process with the purpose of identification of criminals and their infrastructure
Constant evolution of technology makes it difficult to define a concrete set of standard practices for extracting evidential data from digital devices. While the technological evolution of personal computers is less dynamic, each operating system manages data in a manner different to the others. Another difficulty faced by examiners is the variety of applications that are available on mobile devices and computers, many of which store evidential data in various locations in their respective file systems. Malicious attacks on public and private networks are relentless. In order to carry out such attacks, cybercriminals need access to the right tools and services.
The development and propagation of malware therefore continues to be the cornerstone for the majority of cybercrime. It is essential for law enforcement to continue to allocate sufficient resources to investigate the malware and services which enable other cyber-attacks. Hence, techniques of forensic examiners must constantly evolve along with technological progress underlining the importance of training and experience.
This training project aims to enhance the level of competence of cybercrime investigators and digital forensics analysts from the respective countries, who deal with highly complex computer crimes.