Full Operational Shutdown—another cybercrime case from the Microsoft Detection and Response Team

https://www.microsoft.com/security/blog/2020/04/02/full-operational-sh... (03-Apr-20, 9:53 PM)

April 2, 2020

Berk Veral, Director, Cybersecurity Solutions Group

Recently, we published our first case report (001: …And Then There Were Six) by the Microsoft Detection and Response Team (DART). We received a significant positive response from our customers and colleagues, and our team has been getting inquiries asking for more reports. We are glad to share DART Case Report 002: Full Operational Shutdown.

In report 002, we cover an actual incident response engagement in which polymorphic malware spread through an organization’s entire network. After a phishing email delivered Emotet, a polymorphic virus that propagates via network shares and legacy protocols, the virus shut down the organization’s core services. The virus avoided detection by antivirus solutions through regular updates from an attacker-controlled command-and-control (C2) infrastructure, and spread through the company’s systems, causing network outages and shutting down essential services for nearly a week.

In our report, you can read the details of the attack and how DART responded, review the diagram of the attack’s lateral progression, and learn best practices from DART experts.

Stay tuned for more DART case reports, where you’ll find unique stories from our team’s engagements around the globe. As always, you can reach out to your Microsoft account manager or Premier Support contact for more information on DART services.

DART provides the most complete and thorough investigations by leveraging a combination of proprietary tools and Microsoft Security products, close connections with internal Microsoft threat intelligence and product groups, as well as strategic partnerships with security organizations around the world.

Filed under: Microsoft Detection and Response Team (DART), Phishing