Help! I’ve been hacked: 5 next immediate actions
Data centre optimisation and consequential benefits for businesses
With so much focus on hacking and internet security, many firms of 10 - 100 people will feel that they have put a lot of effort into making their data as secure as possible. Unfortunately, internet security is a moving target, where the threat may be characterised as agile and continually evolving. Consequently, it is impossible for networks to remain impenetrable.
Standard IT best practice, such as upgrading and patching operating systems and applications, and maintaining a reliable backup and Disaster Recovery capability, are all layers that help to ensure that a firm is in a position to resume normal operations within an acceptable timeframe, should it be the victim of an attack.
We may not all own or work for large scale businesses like Tesco, SONY, TalkTalk or Ashley Madison, which have all made big news as a result of cybercriminal attacks. However, it’s not just enterprises; every business needs to be awake to the potential of being hacked.
If your business suffers the misfortune of being hacked, here we offer some advice in the shape of 5 immediate next actions.
If the attack is still in progress, act to limit the damage
Recognising the problem and acting straight away may limit the scale of the damage. Disconnect the network connection of all infected servers and computers and shut down internet traffic. This may prevent affected machines infecting others and stop the flow of data to and from the hackers, if they are externally located.
Get your IT team working with external service providers like your ISP
Make sure the in-house team is working with external providers to contain the situation. At this stage, the overriding consideration is to protect your business data and the information of your customers or clients.
Communicate internally and externally
Communicate with your staff and keep them in the loop, especially those that are customer-facing, such as sales and account managers. There will need to be a formal notification of clients that the security of their data has been compromised. Communication should be swift and avoid any temptation to fudge facts or divert blame. In a post-mortem, any evidence of such tactics may amplify any reputational damage that may occur.
Notify the regulator of the breach
Many breaches of security go unreported. This is a compliance failure. The forthcoming EU General Data Protection Regulation, EU GDPR, is set to turn up the heat on businesses that fail to discharge their data security obligations. Once again, don’t avoid telling the Information Commissioner’s Office (ICO) because it will result in reputational damage should news of the attack enter the public domain.
Look at the mess Yahoo! is in for flawed reporting of the two largest ever identified security breaches in the history of the Internet. These were reported around 2 years after they happened…!
Work to get back to normal as soon as possible
In the worst case scenario, a hack might lead to all data being compromised, such as the ransomware attack at Lincolnshire County Council in January 2016, which encrypted the organisation’s data and took systems offline. This resulted in the workforce of over 5000 employees reverting to manual processes for around one week while systems were restored from backup. Make sure you engage with security experts to understand how the attack occurred, how to prevent it happening again and identify any other flaws which hackers might exploit.
Better data security for your business with HTL Support
One of the most effective ways of reducing the risk of your company network being hacked is to work with a good cloud MSP. The cloud is increasingly being selected by businesses because it is a good way to secure IT infrastructure.
HTL Support uses a layered approach to security, with items such as firewalls, security appliances and Intrusion Detection Systems to alert our network security experts of hacking activity. This often exceeds the security that a typical business of 10 - 100 people can provide to protect its on-premise infrastructure using in-house resources.
To find out about how HTL Support solutions secure your IT infrastructure against hackers, simply get in touch today.