<![CDATA[Technological advancements have made data a valuable asset; data protection and security are important from various threats such as damage, natural disasters, loss, and cybercrime. In recent years, ransomware attacks have become such a real threat that nowadays, the virus encrypts important data, then demands a financial ransom from the victim by threatening to publish, delete or withhold access. This study conducts network forensic investigations using live forensic methods in network traffic to find traces of perpetrators. This method requires precision and accuracy because data traffic speed is calculated per millisecond, then utilizes the Wireshark tool for data packet analysis. The stages begin with preservation, collection, examination, and research. The following are the investigation results, including the time of the attack, Ip Address, Mac Address, Port, Protocol, and phishing website URL addresses from infected computers. Based on the data obtained, this research is following the expected goals.]]>
Copyrights © 2023
