Capcom: Ransomware gang used old VPN device to breach the network

Do you include your backup facilities in your threat modelling and pen test exercises?…:

Capcom has released a new update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals.
[…]
Investigators discovered that Ragnar Locker operators gained access to Capcom’s internal network by targeting an old VPN backup device located at the company’s North American subsidiary in California.
[…]

Original Article