Very little is known about this incident, but there are some pro-active steps that organizations can take to prevent or minimize malware damage. Educating employees on how to recognize phishing, the primary method of virus distribution, should be a priority. Publishing training bulletins is insufficient–instead, provide employees examples of types of phishing emails through active testing and phishing simulation. It is also recommended to either perform or have a third-party agency perform routine penetration tests on critical systems, especially those used for financial services or payment processing. Companies like TrustedSec are experts at performing penetration tests and providing practical advice for improving security measures. Endpoint detection systems are crucial in any company’s infrastructure–these systems are capable of detecting signs of attacker behavior and giving defenders the chance to shut down attacks before they have a chance to do serious damage. The Binary Defense Security Operations Center is able to provide a 24 hour a day service that keeps an eye on systems and responds quickly to mitigate attacks, even outside of business hours.