wHAT TO DO IF YOU'VE BEEN HACKED
Being hacked is every company’s worst nightmare. No one wants to deal with the ramifications of being hacked but it does in fact happen to the majority of companies on the Internet. In today's world, no one is safe.Although it is highly recommended to have an incident response plan written and tested, Trojan Horse Security has compiled a list of useful steps to follow should you be without one:
1. Verify that a breach actually occurred.The 1st step is to gather as much information as possible to verify that an attack actually took place. Analyze logs to track traffic and alerts for a possible intrusion.
2. If you can confirm that an attack actually took place, take steps to contain the damage and protect your business assets.Taking down the whole network could cause additional damage to your company’s operations. If necessary, take down the servers or computers that you believe have been affected. This will quarantine the affected applications and devices while still allowing your company to operate.
3. Contact the relevant department so to decide if a public statement needs to be made about the incident. If the news of the breach will leak out eventually you will want to get out ahead of this and make the statement in your own words.
4. Clean up the mess. To do this, you may need to hire a professional computer forensics company to ascertain what systems were actually affected. You will also want to change all your passwords, ensure systems are hardened and up-to-date, and understand how the breach occurred in the 1st place. Understanding how a breach occurred will enable you to ensure that the breach does not re-occur.It is also advisable to look at what went wrong strategically; were the right policies in place, were they enforced, or were you simply hit with a zero day attack?Finally, when you restore data from a breached system, ensure that you do not re-infect it.
5. Plan for the future. Plan ahead with an incident response plan that you can act on in the event your network is compromised.Also, conduct a comprehensive assessment of all your systems to ensure you are free of known vulnerabilities.
If you have any questions or need any assistance you are not alone. Feel free to call us 24x7 to speak to an expert and discuss your situation.