How would you handle a suspected ransomware outbreak on a critical internal subnet at AAA Life Insurance?