Example of a tabletop scenario (cyberattack simulation)
Here's an example of a simulation scenario (tabletop) to get you practicing
On Friday at 11.57PM your system administrator receives an alert indicating that the antivirus has stopped on his AD (domain controller). A few minutes later, he receives alerts indicating that the antivirus has also stopped on 18 other servers, including servers storing personal information.
This situation seems abnormal, and the stressed sysadmin decides to connect to these servers to check. He discovered that it was impossible to connect remotely to these servers. He decides to go to the office to check locally. He arrives at the office at 2.53AM.
When he connects locally to his domain controller AD, he sees a large logo indicating that the server has been hacked!
A ransom note is left in each directory. The note indicates that the organization's data has also been exfiltrated. The hacker has left a TOR link to contact him for negotiation.
Your sysadmin sees the same ransom note on the other servers and his stress level skyrockets.
In a panic, he shuts down the Internet. He then tries to reach his manager, who doesn't pick up. It's 3 a.m. on a Saturday morning...
You don't know how many servers and computers have been infected by the ransomware.
For this simulation, let's assume that you take backups, but you've never tested them (like most organizations).
How are you dealing with this incident?
How can Streamscan help?
The consequences of a cyber attack can be major. You need to be impeccably prepared, so that you're fully equipped to deal with any incident.
Need help creating your incident response plan or simulating a cyber attack?
Contact us at +1 877 208-9040 or talk to one of our experts.