North Korean hackers have broken into our system while our security officer was on vacation. Help us find out how they did it. We believe that they began destroying our network starting from this Windows share:

\\167.99.136.11\

You can use Windows, or you can use smbclient