“Firstly, ensure every single computer on your network has security software installed and managed centrally. Attackers love unprotected machines. Next, make sure they are getting patches regularly and remember if a computer hasn’t rebooted for a year, then it likely hasn’t applied any patches either,” said Mackenzie.
It’s important to constantly check for suspicious activity on any network. A good cybersecurity team can detect and react quickly to any threat. In this ransomware attempt, the team discovered the use of Cobalt Strike being used before a lot of damage was done.
