ASK Neadom Episode: I Got HAcked!

How To Respond When Your Business Gets Hacked

Introduction

Hey guys, welcome to this week's Ask Neadom. This week, we're going to take a look at what to do if you get hacked. Hopefully, this is a prep video for you, and you're not watching this because you've just been hacked. Our goal is to prepare you in case this happens again. Being prepared is the best response to incidents like this. We'll cover seven essential steps to take care of in your business in case you get hacked.

Step 1: Unplug the Internet

The first thing you need to do once you realize you've been hacked and have infected machines is to unplug the internet. Do not power off the machine. Instead, go to the back and unplug where your internet comes in, whether it's Comcast, AT&T, Spectrum, or another provider. Unplug the modem from the wall, power everything down, and ensure there's no power going to the router or the internet provider. Just unplug the internet from the router itself.

Step 2: Don't Turn Off Your PC

Do not turn off your PC. Many viruses and new threats sit in memory. To find out what happened, you need to look at what's in memory because many of these applications reside in memory now, not on your local PC.

Step 3: Shut Down Your Network

In addition to shutting down your internet, you need to unplug your network switches. Unplug the power from all your Ethernet switches. Do not unplug all the Ethernet cables, as that will be a mess to turn everything back on. Just unplug the power to prevent the device from spreading across the network.

Step 4: Call an Expert

Once you've done your best to stop the spread through the network, call an expert. If you don't have an IT or cybersecurity expert, find one and set up a contract. It's not a matter of if you'll get hacked, but when. Make sure you have a trusted advisor you can call in the event of a hack.

Step 5: Assess Recovery Time

The time it takes to recover depends on how prepared you were beforehand, the quality of your backups, and how long the hackers were in your environment. Some cities that have been hacked couldn't recover from backup because the hackers had been in their systems for months before the attack, deleting backups and backup data. Ensure you have an offline backup method, such as off-site tape or a virtual tape library, to prevent hackers from deleting your data.

Step 6: Incident Response

What will you do to let your clients know you were attacked? It's better for your clients to hear from you than from the news. Be forthcoming with information to your trusted clients and employees. Call your top ten clients and send an email to let them know what happened. If you're unsure about a data breach, inform them and provide an estimated recovery time. Ensure you have a process in place to take orders if your systems are down.

Step 7: Communication

Keep communicating with your clients. Let them know if you don't have an update yet. The more you communicate, the better off you'll be because your clients will know they're kept in the loop.

Conclusion

I hope this doesn't happen to you, and you're seeing this from a preparation standpoint. If you need help, please reach out to us for assistance.