Abstract The rapid development of technology, including the internet, can trigger data security issues that harm individuals, organizations, or government agencies. One type of attack often used is a Brute Force attack, which falls under the category of cybercrime. The National Institute of Standards and Technology (NIST) often analyzes digital evidence in these cases. This study analyzes Brute Force attacks using NIST methods on a router that is an additional router to the main router. On the network at the Faculty of Engineering, Universitas Muhammadiyah Magelang (UNIMMA), information about the attack and patterns used by the attacker were successfully obtained, including the IP address and time of the attack. It is concluded that the additional router is vulnerable to Brute Force attacks, and firewall settings are necessary to secure it.