After Donald Trump’s campaign announced it would accept cryptocurrency, the operators of a host of fraudulent websites have sought to hustle his supporters.
Quite a lot, actually. This is really a summation and not comprehensive.
Evaluate an environment after incident:
looking for IOCs, determine spread
Determine backup status and restore if possible
Return environment to healthy state (AD restore, replication, networking, etc.,)
Lockdown of security holes
Advise on best practices going forward
Decrypt environment if client pays ransom
etc., etc.
Depending on the complexity of the environment, this can take a lot of time and effort: much bigger than most internal teams are capable of doing. A client I had in Feb-Mar lasted a total of 3200 hours of work between 12 people on my team across 34 locations to unfuck the situation.
That’s an industry now? What do you guys do?
Quite a lot, actually. This is really a summation and not comprehensive.
etc., etc.
Depending on the complexity of the environment, this can take a lot of time and effort: much bigger than most internal teams are capable of doing. A client I had in Feb-Mar lasted a total of 3200 hours of work between 12 people on my team across 34 locations to unfuck the situation.