|
|
|
|
|
|
by clwg
840 days ago
|
|
|
I suspect they don't have the forensic evidence to determine the root cause. Chances are there are probably too many ways it could have happened, and the evidence was encrypted or simply wasn't being captured. At least they seem to have a plan moving forward that seems considered, though I think a lot of what they want to do is easier said than done effectively. I wish them the best of luck. |
|
|
It said that. The terminal server entry point was completely scorched in the attack. Offsite rlogd would have helped.