When faced with a cyberattack, the worst thing you can do is panic because time is of the essence. Your top priority now is limiting the damage by securing your unaffected data. On your worst day, it helps to have a technology service provider who can help guide you through this tough tech situation. Here are six steps you and your TSP can follow during a cyberattack to minimize damage and speed your recovery time.
Step 1: Assess the Situation
Before sounding the alarm, you need to know if this is simply an error or the real thing. Once you know for sure, notify whoever within your organization that can determine what type of attack you’re dealing with and how to stop it.
Step 2: Contain the Breach
After determining that this isn’t a glitch, your next step is to protect your unaffected network by containing the breach. First, figure out which servers are compromised, then contain the breach by doing the following:
• Disconnecting from the internet
• Changing passwords
• Disabling remote access
• Installing any pending security upgrades or patches
It may seem easier to erase everything from an infected server, but containing it will allow you and your tech team to figure out who broke into your network, how they were able to do it and what you can do to prevent it from happening again.
3. Determine What Was Stolen
This step is sometimes overlooked in the commotion of the initial news of the attack, but it’s a critical step. Knowing what was stolen will determine the priority of which things need to get fixed first and what steps need to be taken. The process for handling a hack may be different for compromised emails versus compromised bank account numbers.
Step 3: Get Your Backups Ready
If you have backup servers and data ready, now is an excellent time to use them. However, before you turn them on, have your IT team check to find out if the backups were also affected by the attack. Backup servers can keep your networking running while you continue trying to stop the breach.
If you don’t have backup servers, simply turning your main servers off and on again won’t help. Keep your main ones on, so you and your team can analyze the breach and stop it without shutting down your entire network.
Step 4: Notify the Authorities
While it may be tempting to think of a cyberattack as an internal problem, it’s not in your best interest to keep this under wraps. Notify your local police department to inform them that you’ve been hit with a cyberattack. Also, keep in mind that you may need to contact more government agencies or industry organizations, depending on the type of data compromised or the notification processes within your field.
Step 5: Don’t Pay the Ransom
If the hackers are demanding a ransom in exchange for giving back your data, don’t do it. There is no guarantee the hacker will honor his end of the deal after you’ve sent the money. According to CSO from IDG, about 45 percent of organizations pay at least one ransom when hit by ransomware attacks. Paying the ransom will only encourage more hackers to do this kind of attack in the future.
Step 6: Notify Your Clients
This can be one of the most challenging steps following an attack, as many companies can be reluctant to share their bad news. However, you must let your customers who had their information compromised know what happened. That way, they can start to take action to prevent further damage.
How We Can Help
The best time to prevent a cyberattack is to have a complete security solution in place before a hacker attempts to break in. Don’t wait until it’s too late, have our team of cybersecurity experts run a security audit and create a solution that protects your business from the cybercriminals of tomorrow.
Secure Your Data
Find out how we can keep your network safe from threats. Contact Us Today