Defense against them


  • Review domain controllers, servers, workstations and Active Directory for new or unrecognized user accounts.
  • Back up data regularly, and keep backup copies offline and password-protected.
  • Use network segmentation.
  • Require administrator credentials to install software.
  • Establish a recovery plan to maintain and retain multiple copies of data and servers in a physically separate, segmented and secure location.
  • Update and patch operating systems, software and firmware frequently.
  • Utilize multi-factor authentication (MFA).
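
One way to carry out the account review in the first item, as an added example that is not part of the original page. It assumes the RSAT ActiveDirectory module is installed and that approved-accounts.txt, a hypothetical baseline file, lists one approved account name per line.

```powershell
# Added example: flag domain and local accounts that are new or absent from a baseline.
# Assumptions: ActiveDirectory module available; approved-accounts.txt is a
# hypothetical file with one approved SamAccountName per line.
param(
    [int]$Days = 30,
    [string]$BaselinePath = '.\approved-accounts.txt'
)

Import-Module ActiveDirectory -ErrorAction Stop

$cutoff   = (Get-Date).AddDays(-$Days)
$approved = @()
if (Test-Path $BaselinePath) {
    $approved = @(Get-Content $BaselinePath |
        ForEach-Object { $_.Trim().ToLower() } |
        Where-Object { $_ })
}
$haveBaseline = $approved.Count -gt 0

# Domain accounts: created inside the review window, or missing from the baseline.
$domainFindings = Get-ADUser -Filter * -Properties whenCreated |
    ForEach-Object {
        $isNew     = $_.whenCreated -ge $cutoff
        $isUnknown = $haveBaseline -and ($approved -notcontains $_.SamAccountName.ToLower())
        if ($isNew -or $isUnknown) {
            [pscustomobject]@{
                Scope      = 'Domain'
                Account    = $_.SamAccountName
                Enabled    = $_.Enabled
                Created    = $_.whenCreated
                Unapproved = $isUnknown
            }
        }
    }

# Local accounts on the machine this runs on. Get-LocalUser exposes no creation
# time, so local accounts are only compared against the baseline.
$localFindings = Get-LocalUser -ErrorAction SilentlyContinue |
    Where-Object { $haveBaseline -and ($approved -notcontains $_.Name.ToLower()) } |
    ForEach-Object {
        [pscustomobject]@{ Scope = "Local ($env:COMPUTERNAME)"; Account = $_.Name
            Enabled = $_.Enabled; Created = $null; Unapproved = $true }
    }

@($domainFindings) + @($localFindings) |
    Sort-Object Created -Descending |
    Format-Table -AutoSize
```

Without a baseline file the script reports only domain accounts created in the last $Days days; every flagged account still needs to be matched to a known request or owner.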