When an worker opened the doc and executed the file, the adversaries penetrated the Workplace network. A possible mitigation is User Education, in which enterprises can minimize the risk by conducting protection awareness teaching; consequently, personnel would be additional knowledgeable of those social engineering attacks and understand how to behave https://www.researchgate.net/publication/365308473_Development_of_Cyber_Attack_Model_for_Private_Network
