The pink staff went forward with malicious information encryption. They moved onto delicate IT programs, escalating their privileges alongside the best way, earlier than extracting delicate company information and emails. The assault staff determined in opposition to finishing up any operational disruption since that they had no want to be thought-about or handled like terrorists — they had been strictly in for the cash, going ahead with try to extort Springfieldshire Water Remedy for as much as £20 million.
In the meantime, over on the blue staff, incident response kicked in because the defenders put collectively a plan trying to comprise the assault and restore affected programs.
Throughout this section of the train, the blue staff obtain a name from their authorized division advising them to tell the UK’s Nationwide Cyber Safety Centre and regulators in regards to the assault, warning that failures might lead to fines or legal responsibility points. Notifying companions and bringing within the experience of exterior incident response specialists turns into a serious focus for the defenders at this stage of the sport.