- If contacted by the help desk, verify legitimacy by contacting the company’s IT department directly. Avoid clicking links in, responding to, or acting on unsolicited text messages or emails.
- Avoid downloading software at the request of unknown individuals, and refrain from divulging sensitive information.
- Use strong, unique passwords and enable multi-factor authentication (MFA) for all accounts where available, choosing authentication apps or hardware tokens over SMS text-based codes.
- Keep systems up to date and apply patches after appropriate testing.
- Utilize monitoring and detection solutions to identify suspicious login attempts and user behavior.
- Employ a comprehensive data backup plan and ensure operational technology (OT) environments are segmented from the information technology (IT) environments.
- Technical details, TTPs, and indicators of compromise (IOCs) can be found in the Sophos report.
