<![CDATA[Serangan siber semakin meningkat dan menargetkan berbagai sektor industri, termasuk PT. Satseet International yang mengalami serangan pada sistem Human Resource Management System (HRMS) dan web server antara 5 - 19 November 2024. Studi kasus ini dilakukan dalam rangka program Magang dan Studi Independen Bersertifikat (MSIB) pada PT.Analis Forensik Digital.Metodologi yang digunakan adalah metode National Institute of Standards and Technology (NIST) guna mengidentifikasi, mengumpulkan, menganalisis, dan melaporkan bukti digital secara sistematis.Hasil analisis menunjukkan bahwa serangan dilakukan oleh kelompok BlackPython Team dengan teknik Directory Traversal, Remote Code Execution (RCE), dan Ransomware. Dampak serangan ini meliputi enkripsi data penting perusahaan, kebocoran data sensitif karyawan, gangguan operasional HRMS, serta potensi kerugian reputasi dan konsekuensi hukum. Melalui metode NIST, investigasi berhasil mengungkap pola serangan, mengidentifikasi titik masuk pelaku, serta memberikan rekomendasi mitigasi keamanan. Beberapa langkah yang disarankan meliputi penerapan firewall yang lebih ketat, pelatihan keamanan bagi karyawan, strategi backup dan recovery yang kuat, serta penguatan kebijakan keamanan data.Penelitian ini dapat membantu perusahaan dalam meningkatkan keamanannya. Kata kunci: Forensik Digital,Serangan Siber,NIST,RCE,Ransomware ----------------------- Abstract Cyberattacks are increasing and targeting various industrial sectors, including PT. Satseet International, which experienced an attack on its Human Resource Management System (HRMS) and web server between November 5 - 19, 2024.x This case study was conducted as part of the Certified Independent Study and Internship Program (MSIB) at PT. Analis Forensik Digital.The methodology used follows the National Institute of Standards and Technology (NIST) framework to systematically identify, collect, analyze, and report digital evidence. The analysis results indicate that the attack was carried out by the BlackPython Team using Directory Traversal, Remote Code Execution (RCE), and Ransomware techniques.The impact of this attack includes the encryption of critical company data, the leakage of sensitive employee information, disruptions to HRMS operations, and potential reputational damage and legal consequences. Using the NIST method, the investigation successfully uncovered the attack patterns, identified the attacker's entry points, and provided security mitigation recommendations.Some suggested measures include implementing stricter firewall policies, conducting security training for employees, establishing strong backup and recovery strategies, and strengthening data security policies. This research can help PT. Satseet International and other companies enhance their cybersecurity. Keywords: Digital Forensics, Cyberattack, NIST, RCE, Ransomware]]>
