Techblog
What should you do after your business has been attacked by cyber criminals?
Has your business been hit by a cyber attack? If you run a small- or medium-sized enterprise (SME), you are not alone. According to the global 2015 Internet Security Report, 60 per cent of all cyber attacks in 2014 were targeted at SMEs. It is also troubling that businesses are often unaware that they have been attacked.
While the nature of attack will determine your response, some initial steps can help contain the damage.
Firstly, it is important for businesses to know when they have been attacked. This may sound obvious but often, many SMEs are unaware that they have been attacked by cyber criminals until it is too late.
Keshav Dhakad, regional director of the digital crimes unit at Microsoft Asia, told The Straits Times that it takes an average of 200 days for organisations to find out that they have been victims of cyber attacks – more than enough time for malware to steal important and confidential information.
Spot the signs of a cyber attack early
What are some indications that your business has been attacked by cyber criminals? One warning sign is if your computer suddenly operates very slowly. This may occur when the cyber criminals use your computer’s resources in the background to send infected emails or data to another computer. Another sign that you may have been hacked is a slow internet connection. On some occasions, users may lose control of their systems when hackers remotely access and take control of their keyboards and cursors.
Once you have determined that your business has been attacked, it is important that your business take the following steps.
Minimise damage by immediately working on your internal systems
If your firm has an IT team, get them involved immediately. They can help investigate the causes and take remedial action to contain and then rectify any damage. They will also work to secure your network against future attacks and develop a plan in case an attack should happen again.
Meanwhile, changing passwords is a good first step that anyone can do. It is useful especially on accounts that have administration rights or access to sensitive information.
After you have changed your password, make sure to disconnect. Disconnecting can help contain the damage. To do this, you physically unplug the computer or server from the router or network, or if the connection is through Wi-Fi (wireless connection), you disable the computer’s Wi-Fi capabilities. The option to do so can be found under the settings for network connections.
If your website has been hacked and vandalised, contact your Internet hosting service. They can help get your website back to the way it should be. You will also need to change the password that gives you website administrator access.
Understand how the attack has affected your business and clients
The next step to take is to understand how the cyber attack has impacted your business, as well as to restore your affected systems.
If any information, such as your company’s internal data or your customers’ personal data, has been exposed, you will want to understand the legal implications of the breach.
You may have to inform your customers if their data has been stolen, or contact your bank should you believe your finances have been compromised. In the latter case, you may need to take steps such freezing or closing your accounts, even if no money has yet been lost, to bar the thief from accessing the accounts in the future. You may also have to make a police report.
Taking preventive measures
Recovery actions may include restoring your data from back-ups, reinstalling the operating system on affected terminals, and doing a full scan of your network.The Business Backup Suite is a backup and disaster recovery solution that will help business deploy and manage backup service easily and quickly with zero lead time.
Singtel Business Backup Suite is a backup and disaster recovery solution that delivers complete data protection on your physical workstation and servers,
Preventing future attacks is also important. Singtel offers a suite of security solutions catering to SMEs, covering emails, website, web surfing, website protection and mobile security.
Secure Email Gateway stops emails that contain malicious links and delivers real-time protection against the latest email threats, while the Endpoint Security Cloud comprises technologies such as antivirus, anti-spyware, firewall and host intrusion prevention.
Companies looking for more comprehensive protection may wish to use Singtel’s Managed Security Services, where Singtel works with your organisation to understand your security set-up and cost concerns, and then provides customised solutions to address your needs.
Insuring against cyber attacks may also be a good idea. Cyber insurance policies that cover the expense of dealing with a breach, as well as liability to customers and vendors, are available in the market.
-
Learn how to spot signs that your business has been attacked by cyber criminals. The signs include your computer suddenly operating very slowly or if your internet connection is slow.
-
Contain the breach by unplugging computers and/or servers.
-
Mobilise in-house IT team or get some qualified help.
-
Conduct a thorough investigation and make sure it doesn’t happen again by employing preventative measures.