- This event has passed.
Malware-as-a-service
April 10, 2023 @ 10:00 am - 4:00 pm
April 10-11, 2023 10am-4pm
This course covers one type of “crime as a service” (CaaS) offered on clearnet and darknet spaces, namely malware as a service (MaaS). Specifically, this course introduces participants to MaaS, the clearnet and darknet sites where malware and MaaS are marketed, advertised, and sold, and information about them is distributed. Particularly, attention will be paid to the M.O., tactics, targets, and tools used by perpetrators of this cybercrime.
At the end of the course, participants will be able to:
- Explain basic elements of malware and corresponding threats, differentiate malware from ransomware, and its impact on entities (companies and organizations);
- Explain the basics of network operations, including the Open Systems Interconnection (OSI) model and its protocols.
- Describe tactics, techniques, and procedures used by threat actors, identify Multi-Stage Malware, and explain how indicators of compromise (IOC) and attack (IOA) can be used to reveal threat actors on the deep web and darknet.
- Identify basic information about file structures and hashes, differentiate content from metadata in malware code, and describe how sandbox and automated analysis work.
- Identify Command and Control centers, explain how threat actors orchestrate malware and botnet attacks, and describe how bullet hosters can be used to prevent detection.
- Explain the benefits of static and dynamic malware analysis and identify tools needed to examine network behavior in an investigation.
Upon successful completion of the course, participants will receive a certificate of course completion, and, upon request, can receive technical assistance from the NCFTA through investigative requests for information (RFIs).
This course is funded by the U.S. Bureau of Justice Assistance.
The course is only open to U.S. state, local, tribal. and territorial law enforcement agencies, prosecutors, and judges.