Forensic Analysis
Forensic Analysis is important after a successful attack by a hacker, economic espionage, data theft or some other kind of incident with security implications. Its goals are:
- Identification of the attacker,
- Pinpointing the vulnerability which enabled the attacker to infiltrate the affected system,
- Determination of damage degree,
- Collecting digital evidence for further judical investigations.
A task which should not be underestimated is the collection of material which is supposed to be used in a court of law later on. This involves a certain methodology which ensures that the current status of the affected systems is not changed in any way.