Steps to Take When Your Business is Hacked
There is nothing more frustrating and down right anger-provoking than realising that you have been hacked. Unfortunately the likelihood that it will happen to you at some point is significantly high. The first thing you must do, however, is probably the thing that you feel least like doing and that is to stay calm.
We know that this is easy to say, but panic and impulsive action may actually end up doing more harm than good. If you can just step away, take a breath and then adopt a more measured approach to your response, you will find that the consequences of the hack may not get out of hand.
Your job is to be vigilant, recognise there is a problem by looking for the warning signs and then limit the damage until the experts can take over. Here are some steps you can take to do just that.
Lock down
The first priority is to protect your business and the confidential details of the customers you serve. Completely locking down could be a way of delaying things from getting out of hand and containing the hack. This all depends on what the problem actually is. As soon as you see an issue you need to get your in-house IT team to make a plan. If you have no in-house service or if your own team needs advice then you can turn to us at Defended Solutions for help.
Check out the attack
Next you should find out exactly which systems have been affected and which IP addresses were used. Once you have confirmed the type of attack and whether or not it was a virus, malware or something else, you should have a protocol in place for informing everyone on the network. All staff must be told immediately and advised to delete rogue emails to stop the spread of the hack.
Isolate the infected
At this point you also need to set aside the affected machines. Take the offending applications off the network and switch off any computers that have been implicated. If you have an IT team, get them to check for loop holes and back doors that the criminals might use to sidestep your efforts to contain the breech.
It is possible that a particular supplier’s system has been hacked and the ripple effect is what is affecting your machines. In this case block all accounts linked to that supplier until things have been solved.
Be upfront with all involved
While the main priority is to limit the impact on an internal level, you also have a responsibility to share any breach of data with the police or other regulatory officials. Depending on the nature of the attack, you may need to be prepared to go public with the details of the issue. Stakeholders and customers have a right to be made aware. This might be a worrying prospect with regards to your reputation, but it is much better to be honest and upfront than try to bury things under that carpet that then might resurface later and expose you as a company that has withheld information.
Also, if you are transparent from the start you remain in control of what information will be disclosed and how it will be communicated.
Be prepared for ransom requests
Hard to imagine, but hackers are professionals and commit their crimes for big money, with many going in for ransoming your data that they then try to sell back to you. These people are dangerous and it is wise not to try to deal with them yourself. This is a police matter.
Note: Remember that you must back up regularly and be prepared. If you are forced to wipe your systems and reinstall, you then at least know that your data and that of your clients is not lost.
Your vulnerability
Unfortunately some of these crimes come about due to staff error and many are targeted attacks. Professional hackers are constantly looking to exploit backdoors into your system, so your systems will need to be investigated and dissected if the weak points are to be identified and secured.
Rebuilding
There is no doubt that being the victim of cybercrime is difficult to contend with. It will force you to take stock and make changes to prevent something similar happening again. A new strategy will certainly have to be implemented if your business is to remain secure against any future attempted hacks. The best way to rebuild your business with a view to upping your security and eliminating cyberattacks is to work with experts. See our ‘Rebuilding your Business Security’ blog post for more.
Final Word
While there are several steps you need to action when your business is hacked, it is worthwhile knowing that there is help out there; get in touch with us and we can help you create a strong and secure online platform on which to build your business. We know how important your client data is and we have built up the knowledge and experience over many years in cyber security to help companies like yours protect every individual's personal information with confidence.