Several nations have banded together to issue a joint advisory with technical approaches to uncovering malicious cyber activity. Australia, Canada, New Zealand, the UK and the United States recommend approaches to stop cybercrime and mitigate its harmful effects.
Key takeaways include:
- Collect relevant artifacts, logs and data and remove them for analysis.
- Implement mitigation steps that avoid tipping off the cybercriminal that their presence has been discovered.
- Consider soliciting incident response support from a third party IT security organization in order to get subject matter expertise and ensure the cybercriminal is removed from the network.
A copy of the advisory may be accessed by clicking here.