Collaboration between various state cyber agencies results in comprehensive technical guidance for incident response

Published: Friday, 04 September 2020 08:06

A joint advisory has been issued presenting the results of a collaborative research effort by the cyber security authorities of Australia, Canada, New Zealand, the UK, and the US. It highlights technical approaches to uncovering malicious activity and includes mitigation steps based on best practices.

Key points:

When addressing potential incidents and applying best practice incident response procedures:

First, collect and remove for further analysis:

Next, implement mitigation steps that avoid tipping off the adversary that their presence in the network has been discovered.

Finally, consider soliciting incident response support from a third-party IT security organization to:

Read ‘Technical Approaches to Uncovering and Remediating Malicious Activity’ (PDF).