Task_1(T1): Responding to a malware attack

This task is to triage the current malware threat and figure out which infrastructure is affected.

First, find out which key infrastructure is currently under attack. Note the priority of the affected infrastructure to the company - this will determine who is the respective team to notify.

After, draft an email to the respective team alerting them of the current attack so that they can begin an incident response. Make sure to include the timestamp of when the incident occurred. Make it concise and contextual.

The purpose of this email is to ensure the respective team is aware of the ongoing incident and to be prepared for mitigation advice.

Task_2(T2): Analysing the attack

Draft an email to develope a Firewall Rule to Mitigate malware attack

Task_3(T3): (Technical) Mitigate the malware attack

Use Python to develop a firewall rule to mitigate the attack. Develop this rule in firewall_server.py.

Task_4(T4): Incident Postmortem

Create an incident postmortem of the malware attack, covering the details you have picked up in the previous tasks.