What to Do During a Cyber Attack
Did you know cyber criminals can get past 93% of company networks?
Even though technology has made our lives simpler and more convenient, it has also opened the door to threats like cyber attacks. The entire world is becoming connected, including our devices.
As a result, cyber attacks that exploit data breaches, ransomware attacks, and leaks have become more common. It is only a matter of time if this will affect you or not.
If you are wondering what to do during a cyber attack, this short and simple guide is for you.
The first step is to make sure that you’re not spreading panic. You’ll want to keep employees informed about what’s going on, but don’t give out too much information or tell them things that aren’t true or may not be confirmed yet.
It’s also important for the entire team, including IT, HR, and other departments, to work together during a data breach so everyone knows what their role is and how they can help.
If you’re in a situation where you have to decide whether to tell employees that the company has been breached, there’s no one-size-fits-all answer. It depends on how quickly you can get access back to your network and other IT resources.
If you can’t restore access to your network in a reasonable amount of time, it makes sense to inform employees that they may have been the victims of a data breach and to offer them identity theft protection services.
Know What You’re Dealing With
Cyber security breaches come in all shapes and sizes, so you must understand what type of attack you are facing before doing anything else.
Here are some common types of cyber attacks:
Ransomware: This type of attack encrypts all your data and then demands payment for unlocking it. It’s often spread through email attachments or websites that have been compromised.
Distributed Denial of Service (DDoS) Attack: This type of attack overloads your network with traffic until it crashes. The goal of a DDoS attack is to make your website or network unavailable. It’s often used to extort money from companies, as well.
Malware: Malware includes viruses, spyware, and other malicious code installed on your computer without your knowledge. It can steal sensitive data or cause damage to your systems.
Phishing: Phishing involves emailing or sending a text message pretending to be from someone or something trustworthy. The goal of phishing is to get you to click on a link or open an attachment that contains malware or another type of malicious code.
Hacking: This form of cybercrime involves accessing a computer without permission, which can cause data theft or system damage.
Ransomware: This form of cybercrime involves an attacker locking down your computer or your files and then demanding payment to get them unlocked again. The scam is often referred to as “crypto-ransomware” because it uses a cryptocurrency like Bitcoin.
It’s important to know which cyber attack you’re dealing with because it can have a significant impact on how you should respond.
Disconnect From the Internet
Next, disconnect from the internet. This will prevent attackers from finding out if the attack has been successful and stop them from gaining access to any information they may have stolen.
The most important thing is to unplug your cable modem and router, then turn off any other devices that connect to the internet like laptops, smartphones, and tablets. You can also use an Ethernet cord or switch off Wi-Fi if you have one of these options available. If you’re not sure how to do this, check your device’s instruction manual or contact the company that made it.
Once you have disconnected from the internet, remove any external hard drives, CDs, and DVDs that contain sensitive information. You should also empty the trash on any devices that connect to the internet and delete files and folders on your computer if necessary.
It is important to reset your router and modem. You can do this by pressing the reset button on each device or unplugging them for a few seconds before plugging them back in.
This will prevent any further damage to your organization.
Assess the Situation
It’s important to assess the situation. Put together a detailed list of everything that happened during the attack so you can provide accurate information to law enforcement officers investigating the incident.
This includes details about what happened when you noticed the breach and any attempts made by hackers to access sensitive data in their efforts to infiltrate your system. It’s also important to note the time of day and how many people were using your system.
This information can help determine whether hackers accessed any personal data and why they could do so without being detected.
You should also keep a list of any systems or applications that were compromised during the attack. This can be helpful if you need to do a thorough cleanup after the incident, as well as when you’re preparing for future cyberattacks.
It’s important to note that this step is an ongoing process and will probably require updates regularly until it is complete. The cleanup process can be a long and arduous task. You may need to work with several teams within your organization or partner with external experts, such as a cybersecurity firm.
Contact Technical Support
Get help from IT professionals as soon as possible by contacting support staff or hiring outside contractors to assist with the clean-up process. They will assess the situation and let you know how much damage has been done so far.
They will also walk you through mitigating the damage and restoring your system. They can provide a temporary solution until you have time to implement a more permanent one.
If you’re not sure who to contact, check with your IT department or call an outside security consultant for recommendations. After they have assessed the damage, they will attempt to repair your systems.
They may also help you identify ways in which you can prevent future attacks from happening. They will also ensure that your data is secure and safe.
Once your systems have been repaired, you can implement new security protocols to prevent future attacks from happening.
Contact Law Enforcement
If your company has been hacked or if you suspect criminal activity on your network, contact law enforcement immediately. The FBI’s Cyber Division field offices have agents who can help victims of cybercrime identify the perpetrators and stop them from continuing their activities.
As soon as you call law enforcement, they will begin an investigation into the incident. They will gather evidence and interview witnesses to determine the extent of damage caused by the cybercrime.
Once law enforcement has gathered the evidence and ensured that they have enough information to proceed with their investigation, they will contact you with the next steps.
The FBI may ask for your help in identifying other victims of the same crime or for additional information about what happened. They may also request that you speak directly with one of their agents, who can help facilitate recovery efforts if necessary.
They can also help you identify which law enforcement agency is best suited to handle your case based on its jurisdiction. If the incident occurred outside of the United States, contact your local FBI office and let them know so that they can reach out to their foreign counterparts.
Contact Your Insurance Agency
If an online theft happens, contact your insurance agency as soon as possible. They’ll help you recover from any losses related to the hack.
If your business has cyber liability insurance, this coverage may pay for certain expenses related to recovering from an attack. For example, your insurance agency may pay for the cost of hiring a cyber security firm that can help you identify the cause of the attack and prevent future hacks.
They may also reimburse you for any legal fees incurred when dealing with law enforcement agencies or regulators.
If your business doesn’t have cyber liability insurance, consider buying some. This type of coverage can help protect your organization from cyber attacks and other data breaches that result in financial losses.
If you need to know about cyber security insurance for your business, you can read full information here.
Check Your Financial Accounts
Immediately check your bank accounts and credit cards for any suspicious activity. If you find any, contact the bank or credit card company immediately.
If you receive an email from your bank or credit card company asking you to review recent transactions and confirm them, it is likely a phishing email trying to steal your login credentials. Do not click on any links in this email, instead go directly to your bank or credit card website to check your account status.
If you receive a call asking you to verify your credit card information over the phone, hang up immediately. Do not confirm any details or provide any personal information.
If you receive an email from someone claiming they have seen suspicious activity on your Google Account, do not click on any links in the email. Instead, go to Google Security or click here to reset your account password online using 2-Step verification.
If you have questions, call the bank directly. If the hackers compromised your financial accounts, it is important to act quickly so that you don’t fall victim to identity theft.
In addition, be sure to monitor your credit reports for suspicious activity. You can do this by ordering a free copy of your credit report.
Consider having a credit freeze put on your files with the three major credit bureaus. A credit freeze prevents lenders from accessing your credit file unless they first get your permission through a PIN you set when you place the freeze on your account.
Change All Online Passwords and Security Questions
You should also change any other passwords that might have been compromised. This includes passwords for email accounts, social media accounts, and any other online services you use.
You should also change the security questions on these sites. This is because a hacker could have accessed these to reset your password. If you have trouble remembering all of your new passwords, consider using an app like 1Password or LastPass instead of writing them down.
These apps will also help you generate strong passwords that are hard for hackers to guess.
You should also enable two-factor authentication on all of your important accounts. This is a security feature that requires you to enter a security code generated by an app on your phone before logging in.
This makes it harder for hackers to access your account, even if they have your password.
Get Ready for Retaliation
If a cyber attack has hit you, there’s a good chance that whoever did it will come back for more if they don’t get what they want right away. Make sure you have backups of any valuable information stored in the cloud, offline files, or hard drives so that if something happens, you won’t lose all of your data forever.
Keep a close eye on your devices, too. If someone has broken into your computer or smartphone and is spying on you, they may have installed spyware that lets them take over your device remotely.
They can also steal data from other networks or even record videos of whatever you’re doing. If you suspect that someone has installed spyware on your device, check with a professional. They should be able to pinpoint the location of the spying software and help you remove it.
What to Do During a Cyber Attack? This Is How to Mitigate the Damages
So, what to do during a cyber attack?
While cyber attacks are scary, businesses and individuals need to know what to do should they find themselves on the receiving end of one.
While some companies may require their employees to halt all operations and disconnect from their network, others may work around the issue more gracefully. In the end, it is important to remember that cyber attacks are just one of the many risks of doing business in today’s world.
Don’t forget to browse our site for advice on security, entertainment, finance, and more.