Written by Chris Thornton
When an infection occurs, the damage can be varied, from performance issues to theft of personal information or data loss. In the most severe cases, how your organisation reacts could make all the difference to your recovery…
We constantly stress the importance of preventative cyber-security: awareness, education, up-to-date antivirus tools… but what happens when those defensive measures fail? With 74% of SMEs reporting a hacking incident in 2015, it’s obvious these attacks can and do still happen…
Cyber-criminals succeed by exploiting confusion, ignorance and uncertainty, especially in small businesses which lack the dedicated IT resources to respond quickly. If you’re worried about becoming a victim, don’t despair: cut through the confusion with our step-by-step guide to surviving a hack, fighting back and moving your company out of danger…
The earlier you spot an attack, the better your chance of dealing with it. You may not realise your system has been compromised until it’s too late – fortunately, there are warning signs:
If your system or network has been compromised, establishing exactly how much of your network has been compromised requires specialised technical knowledge. If you don’t employ trained IT staff, turn to professionals at this point. So, what are your options?
A competent, thorough investigation is crucial, not only to establishing the scale of the attack, but to revealing how your system was compromised.
Having investigated the impact of the attack you can begin shutting down your network and scrubbing the damaged sectors. This process includes:
Removing system weaknesses is a crucial step towards protecting your company from future attacks. Defective hardware can be replaced, software flaws can be patched – but some weak points, like stolen passwords, point to a need to re-educate employees in how to protect their data.
With this in mind, repairing your network may go beyond fixing technical exploits. You may need to initiate a company-wide behavioural change, encouraging employees to identify and avoid phishing scams and other cyber-security red-flags.
Communicating with employees and clients isn’t really a ‘last step’, and should be an ongoing process from the initial infection all the way through to the resolution – especially since you may have serious legal obligations to clients regarding their data.
At the same time, however, hasty speculation isn’t helpful – if you can, wait for your investigation to deliver definitive, useful information before acting to inform staff and clients.
Although we’re discussing the consequences of an incident, our trusted philosophy of preventative measures still applies. Knowing how you are going to react to an incident maximises the efficiency of your recovery:
Finally, don’t assume that since you’ve dealt with the incident, you’re somehow protected from similar attacks in the future. Cyber criminals are constantly probing for weaknesses – by actively learning from your recovery, you’re arming yourself against the next threat your company faces.
Would your company respond well to a cyber-attack incident? Let us help you create your own cyber-security strategy…