The pink staff went forward with malicious knowledge encryption. They moved onto delicate IT programs, escalating their privileges alongside the best way, earlier than extracting delicate company knowledge and emails. The assault staff determined towards finishing up any operational disruption since that they had no want to be thought-about or handled like terrorists — they have been strictly in for the cash, going ahead with try and extort Springfieldshire Water Remedy for as much as £20 million.
In the meantime, over on the blue staff, incident response kicked in because the defenders put collectively a plan trying to comprise the assault and restore affected programs.
Throughout this part of the train, the blue staff obtain a name from their authorized division advising them to tell the UK’s Nationwide Cyber Safety Centre and regulators concerning the assault, warning that failures may end in fines or legal responsibility points. Notifying companions and bringing within the experience of exterior incident response specialists turns into a significant focus for the defenders at this stage of the sport.
