Digital forensic (investigation of cyber security incidents, technical expertise) or Forensic science on the facts of hacking computer systems, servers, databases, including unauthorized access, violation of the regime of confidentiality of information, malware infection, theft (copying) of data, illegitimate use of administrative access privileges.

 

The general complex of digital forensic procedures includes:

  • collection of primary evidence and hacking facts from various personal, network and stationary devices, computers and servers (Windows, Linux, Mac, Android, iOS);

  • restoring the chain of actions of the hacker, determining the scenario of penetration and the “zero patient” through which hacking or unauthorized access was carried out;

  • data recovery and collection of artifacts left by hackers during hacking, preparation of a legally significant report for the court and the technical commission;

  • determination of the causes and facts that led to this cyber security incident (both organizational reasons and technical)

  • preparation of an expert report on the result of the investigation, containing motivated, justified and factual findings and a final conclusion, suitable for transferring a document to a court session