data leakage case #58~60, Summary
https://www.cfreds.nist.gov/data_leakage_case/data-leakage-case.html
leakage-answers.pdf#58 Create a detailed timeline of data leakage processes.
2015-03-22: Normal business works (installation and configuration of apps)
2015-03-23: Transferring sample confidential data through the internet
2015-03-24: Copying confidential data to storage devices
2015-03-25: Trying to do anti-forensics and take storage devices out
#59 List and explain methodologies of data leakage performed by the suspect.
1. Network Transmission
1.1. E-mail
-2015-03-23 15:19 – space_and_earth.mp4
-2015-03-23 16:38 – links of shared files in cloud storage service
1.2. Cloud storage services
-2015-03-23 16:32 – happy_holiday.jpg, do_u_wanna_build_a_snow_man.mp3
2. Storage Device
2.1. USB flash drive
-2015-03-24 09:58 ~ 10:00 – winter_whether_advisory.zip and so on
-The suspect formatted the partition, but copied files exist in unused area (비할당 영역 복구)
2.2. CD-R
2015-03-24 16:54 ~ 16:58 – 17 files (e.g., winter_whether_advisory.zip and so on)
-The suspect deleted the confidential files, but the files exist in unused area (비할당 영역 복구)
#60 Create a visual diagram for a summary of results.
'Forensic > CFReDS-Data Leakage Case' 카테고리의 다른 글
| data leakage case #56~57, CD - File Carving/Recovery & Anti-Forensic (0) | 2019.02.03 |
|---|---|
| data leakage case #53~55 USB - File Carving/Recovery & Anti-forensic (0) | 2019.01.30 |
| data leakage case #52, anti-forensic (0) | 2019.01.30 |
| data leakage case #51, Recycle Bin (0) | 2019.01.30 |
| data leakage case #47~50, Volume Shadow Copies(VSC) (0) | 2019.01.30 |
