Hi Pyae!
Above scenario seems experienced multiple causes and you explained well and clearly for main preventive measurements to protect the attack, so I would like to add few ideas as the following:
To use Endpoint Protection solutions such as anti-malware, antivirus behavior-based analysis to detect and prevent malware infections on endpoints.
To deploy Security Information and Event Management (SIEM) solutions to centralize and analyze activity/event logs, this technology is a security solution to help organization to address possible security threats and vulnerabilities before the system will be disrupted (main functions are to log activity management, event monitoring and risk alerts, compliance reports).