Patricia Delgado
CYB320 Journal 5-2
Anti-forensics is a range of techniques threat actors use to conceal who they are, what they are intruding into, and what they may take. These techniques are also designed to hinder the investigation and throw off the analysis.
1. Overwriting data
Adversaries use data overwriting to hinder forensic investigation efforts. It renders analysis during the recovery phase useless. It is about covering their tracks: it hides where they may have been within the system and can also hide what they may have stolen.
2. Onion Routing
When an adversary uses onion routing, it hides their identity, their internet movements, and any online conversations. Onion routing is also used to access the dark web.
3. Changing timestamps
Investigators use timestamps to trace attackers. By changing the timestamps, hackers can make it digitally appear as if they were never there. Investigators use the timestamp to pinpoint the hacker's location and the time of the attack.
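An added example, not part of the original journal, of how an investigator can look for signs that a file's timestamps were changed. It assumes POSIX filesystem semantics, where ctime is set by the kernel on every inode change; the record type, function names, sample paths and incident window are all constructed for illustration.

```python
import os
from dataclasses import dataclass

NS = 1_000_000_000  # nanoseconds per second

@dataclass
class FileTimes:
    path: str
    mtime_ns: int  # last content modification; the file owner can set it via utime()
    ctime_ns: int  # last inode change on POSIX; the kernel sets it, utime() cannot choose it

def from_stat(path):
    """Collect both timestamps from a live file (POSIX semantics assumed)."""
    st = os.stat(path)
    return FileTimes(path, st.st_mtime_ns, st.st_ctime_ns)

def timestamp_anomalies(ft, start_ns, end_ns):
    """Return indicators (not proof) that mtime may have been set by hand."""
    findings = []
    # Normal writes carry sub-second precision on modern filesystems; many tools
    # that set times write whole seconds. Archive extraction does this too.
    if ft.mtime_ns % NS == 0:
        findings.append("mtime has no sub-second part")
    # A write updates mtime and ctime together, so mtime ahead of ctime
    # means mtime was set explicitly or the system clock was changed.
    if ft.mtime_ns > ft.ctime_ns:
        findings.append("mtime is later than ctime")
    # Inode touched during the incident while the content claims to be older.
    # chmod or rename also cause this, so correlate with other evidence.
    if ft.mtime_ns < start_ns <= ft.ctime_ns <= end_ns:
        findings.append("ctime inside incident window, mtime before it")
    return findings

def scan(records, start_ns, end_ns):
    """Map path -> findings for every record with at least one indicator."""
    found = {ft.path: timestamp_anomalies(ft, start_ns, end_ns) for ft in records}
    return {path: hits for path, hits in found.items() if hits}

# Constructed sample metadata; paths and times are made up for illustration.
WINDOW = (1_700_000_000 * NS, 1_700_003_600 * NS)
SAMPLES = [
    FileTimes("/srv/app/config.yml", 1_690_000_000 * NS + 123_456_789, 1_690_000_000 * NS + 123_456_789),
    FileTimes("/srv/app/helper.bin", 1_600_000_000 * NS, 1_700_001_000 * NS + 42_000_000),
    FileTimes("/var/log/auth.log", 1_700_002_000 * NS + 5, 1_700_001_500 * NS + 9),
]

if __name__ == "__main__":
    for path, found in scan(SAMPLES, *WINDOW).items():
        print(path, "->", "; ".join(found))
```

Each finding is a lead to check against logs and other artifacts, since ordinary activity such as permission changes or restoring from an archive produces the same patterns.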