Wanna Cry ransomware infects hosts and encrypts files while installing a backdoor Trojan.
A suspicious outbound FTP connection was allowed through the firewall to a “not normal” destination.
Command & control traffic indicated a “botnet” type of malware that was connecting to a China-based control server.
A bank experienced unauthorized sharing of documents involving users connected to file sharing and exploited vulnerabilities in remote control service.
Customer had to prepare for and pass an external audit within 90 days in order to avoid penalties of up to $100,000 per month.