Workshop 12: Ransomware attacks: legislation, prosecution and investigative tools

This workshop focuses on strategic and operational approaches of   investigating ransomware, including the capacity of prosecution to mitigate the increasing trends of this phenomenon. More specifically, the workshop will enable targeted discussions with legal professionals, prosecutors and law enforcement personnel on how capacity-building action and simulation exercises can contribute to enhance preparedness and increase response capacity to ransomware attacks. This session will be the opportunity to share good practices and explore how models for investigation/cooperation and data/tool sharing can be replicated at the country or regional level in Africa. Also, to highlight the importance of coordinated responses between investigators and cybersecurity experts for the collection of e-evidence.

The workshop aims at addressing specific lessons learned from collaborative LEA-CERT exercises supported by C-PROC office and other partners, including key aspects lined to ransomware such as darknet investigation, digital forensics, OSINT, identification of command-and-control servers, data preservation, crypto analysis and identification of suspects.