Really it started relatively innocently you have an engineer who's looking at the

server and looking at files on the server. This is a story about a cyber

attack on a video game studio as a software engineer was hard at work on the company's

next big game, he saw one of his files had been moved by an imposter in their network.

So he immediately reaches out to the head of IT, the main IT guy, and says,

who is this?

Who owns this account?

The main IT guy was the super admin,

so he knew right away that something was wrong,

and this wasn't a normal account. So actually what he did just shut down all the accounts,

killed all sessions, locked everybody out,

required a password change,

while he could dig into this because he immediately was pretty freaked out about what was happening.

What they realized was someone had come in and made a number of accounts as super admin and had been poking around and looking at everything and even

exfiltrating information. They had no idea how long this had been going on,

how much data had been extracted, or what else was lurking in their network.

They started digging into it and they found locker software, so ransomware software that would encrypt

and it was on the server and it was ready to be deployed, but it hadn't been deployed.

Catching the ransomware didn't mean the company was safe.

They still had to investigate all of their files and their accounts, searching for any other signs of attack.

And worst of all, they had to stop working on the new game.

Those minutes count and those days count.

...