SevTech detected malicious code injected into its client data protection module, with indicators of a nation-state actor. In this high-pressure scenario, what should be SevTech's primary course of action?
A.
Coordinate discreetly with governmental cyber units to gather intelligence.
B.
Notify all clients and suggest immediate disconnection.
C.
Immediately patch the discovered vulnerability and roll out updates without informing clients.
Comprehensive and Detailed Explanation (ECIH-aligned):
According to the ECIH Risk Assessment and Recovery module, neutralizing the vulnerability is the top priority during active exploitation, even in nation-state scenarios.
Option C is correct because immediately patching and deploying updates removes the attacker’s access vector and prevents further compromise. ECIH discourages counter-hacking and premature disclosure without containment.
Options A and B may follow after stabilization. Option D is illegal and prohibited.
Therefore, rapid patching is the correct primary action.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit