23rd OLAF training on digital forensics and analysts

The training is funded by the European Union Anti-Fraud Program (UAFP) (2021-2027).

It is aimed at staff working for law enforcement authorities competent in the fight against fraud and corruption to the detriment of the EU budget. Officials from Member States, acceding and candidate countries, EFTA/EEA countries, countries covered by the European Neighborhood Policy and certain countries with which the European Union has concluded a mutual assistance agreement customs can apply.

In particular, trainees must work in digital forensics, computer crime or analytical units which may be involved in fraud or anti-corruption investigations, including cooperation with OLAF in the investigation of the protection of the financial interests of the EU.

The courses that will be taught are:

BCFE (2 week course) October 17-28, 2022

The IACIS BCFE (Basic Computer Forensic) training program is a 76-hour course offered over a period of two (2) consecutive weeks. It is designed to provide students with the foundational knowledge needed to enter the IACIS Certified Forensic Computer Examiner (CFCE) certification process. Through a combination of lectures, instructor-led and independent hands-on exercises, and independent lab activities, students will learn the underlying principles of computer forensic examination and how to apply them in practice.

Although this program may appear to be primarily for students who are new or new to the field of computer forensics, it is also suitable for more advanced students and those who are long-time practitioners. IACIS adopts and the BCFE program defends a neutrality of forensic tools and an independent methodological approach to learning computer forensics. This allows IACIS to provide students with a deeper exploration of the underlying principles than might be offered in other programs, which are designed to teach students how to use a forensic tool to complete a task. The IACIS BCFE training event is unique in that there is a very low student to teacher ratio. IACIS typically provides one staff member for every six students to ensure a 1:6 staff to student ratio is maintained. We do this because students new to digital forensics are often overwhelmed by the in-depth coverage of material taught in class. These staff members assist students with hands-on exercises throughout each teaching module and again during an after-hours lab provided each evening during the two-week training session. Students are better able to learn when they have easy access to knowledgeable staff members. The low staff to student ratio is ideal for learning technical material.

In order to cover all the topics of the IACIS BCFE course, it is necessary for IACIS to use a minimum of 15 people. This allows for instructors who are intimately familiar with highly specialized segments of digital forensics. Each instructor serves as a true practitioner in the field of digital forensics and must maintain their CFCE certification. Most instructors come from a law enforcement background where they worked as forensic examiners for many years before becoming IACIS staff. Recruiting competent staff to teach this technical material is difficult and often requires several staff members to adequately teach all the subjects covered by the CFCE competencies.

OSINT (October 17-21, 2022)

This course focuses on the ability to gather information about people, companies, and financial data available online only from free available online sources. In addition to using advanced web searches and other websites, this course will take advantage of the tools available to look “under the surface” of the internet, access data through database APIs, web crawlers websites and more. Participants will learn the basic frameworks and procedures needed to conduct a financial investigation. Trainers will demonstrate and explain techniques on how to get information from the dark web, how to analyze cryptocurrencies, explore blockchain based on real case scenarios. The training is dedicated to the analysis of monetary fraud, financial investigations, cryptocurrency transactions, online data exchange.

Intermediate Linux (October 17-21, 2022)

This course follows the basic Linux Forensics course. It covers more advanced topics such as: networking, TCP/IP essentials, Wireshark, client/server ‘protocol pollution’, web server, PKI and OpenVPN. The course will cover the essential components and main areas of the operating system (Linux kernel essentials, service startup, scheduled tasks, processes). The participant will understand how the internal components of Linux work, how it is configured and managed, and how services are provided by Linux. Basic ideas of embedded Linux will also be presented. Finally, participants will learn the concepts of forensic analysis of a Linux-based system: retrieving operating system details, describing the system configuration, including examining the system environment, system users , protected areas (jails, sandboxes). This instructor leader training will provide hands-on experience through hands-on workshop and theoretical knowledge. At the end of the course, all participants will take an exam and upon successful completion they will receive an official certificate for passing the course.

Mobile Forensics Basic (October 24-28, 2022)

This course will provide trainees with the knowledge and skills they need to perform forensic examinations of mobile phones: collections from handsets and SIM cards, extraction of physical data from various types of devices such as iOS and Android, data analysis, search, bookmarking, visualization, incorporation of MPE + Tablet and Investigator, During the course will be used and presented XRY, UFED, Oxygen, Mobile Phone, Examiner Plus (MPE +).

Comments are closed.