Help! I’ve been hacked!

Published On: 27 May 2021

Can you believe that it’s June already?

The past 18 months have seen a huge transformation as businesses adapted to a remote workforce and the digital economy exploded. Cyber criminals and hackers have also been busy and increased their activity to capitalize on new security holes.

If you watch movies or crime series that show hackers in action, they are usually sophisticated computer geeks who have built complex code and sequences. In reality, it is often unsophisticated methods that continue to be extremely successful.

These include phishing emails to harvest your personal details and passwords and gain easy access to your business-critical environments. Hackers are also using ransomware to hold your data hostage, demanding a ransom payment in exchange for a decryption key that unlocks your stolen data.

When dealing with a cyberattack, there are practical steps you want to follow:

  1. Contain and isolate critical systems
  2. Report the hack to your customers and business stakeholders
  3. Activate your disaster recovery and business continuity plans
  4. Analyse the attack, and remediate

This first step is the most critical: quickly contain and isolate critical systems. There is a chance that if you discover ransomware or other evidence of the hack on your network, it may not have made it to all business-critical data and systems.

Remove known infected clients from the network as soon as possible. Disconnect the machine from the WiFi. This action prevents any chance that the infection or malicious code will spread from the isolated clients.

Using a systematic approach of isolation and containment while cleaning up the infection is one of the best ways to regain control of the network and eliminate lingering malicious code.

After system integrity has returned to normal and the imminent security threat has been removed, businesses will want to analyse the attack and remediate any vulnerabilities. This root cause analysis will help to determine any weaknesses in your cybersecurity.

Improving password security is most often a very necessary step. Change all your passwords and use hard-to-decipher, complex passwords. Use a password manager if you can’t remember the new passwords.

Remember that while a password can be memorable to you, passwords should not be easy. A lot of people forget this, and don’t think about the fact that using an obvious password you came up with in five seconds is not going to protect your account.

Common passwords like qwerty or 123456 don’t even require a potential hacker to run cracking software or steal your password from a breach. If someone could try the top 50 passwords manually and break into your account, you have a weak password.

One of the most important aspects of a strong password is its length. Every additional character—whether it’s a letter, number, or symbol—expands the possibility space and makes your password exponentially harder to crack.

And don’t reuse passwords.
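The three points above (common passwords, length, reuse) can be checked mechanically. The following Python audit is an added example, not code from the original article; the common-password list beyond qwerty and 123456, the 12-character minimum, and the sample accounts are constructed assumptions.

```python
import math
import string
from collections import Counter

# Constructed stand-in for a "top passwords" list; the article names only
# qwerty and 123456, the rest are assumed for illustration.
COMMON = {"qwerty", "123456", "password", "111111", "abc123"}
MIN_LENGTH = 12  # assumed policy threshold, not taken from the article

CLASSES = [(string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
           (string.digits, 10), (string.punctuation, 32)]
KNOWN = "".join(chars for chars, _ in CLASSES)


def search_space_bits(password):
    """Upper bound on brute-force effort: length * log2(alphabet size)."""
    alphabet = sum(size for chars, size in CLASSES
                   if any(c in chars for c in password))
    if any(c not in KNOWN for c in password):
        alphabet += 32  # assumed size for any other character class
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def audit(accounts):
    """Return {account: [findings]} for common, short and reused passwords."""
    seen = Counter(accounts.values())
    report = {}
    for name, pw in accounts.items():
        findings = []
        if pw.lower() in COMMON:   # on a top list: guessable by hand
            findings.append("common")
        if len(pw) < MIN_LENGTH:   # each extra character multiplies the space
            findings.append("short")
        if seen[pw] > 1:           # one breach exposes every account using it
            findings.append("reused")
        report[name] = findings
    return report


if __name__ == "__main__":
    sample = {"mail": "qwerty", "bank": "correct-horse-battery",
              "forum": "correct-horse-battery", "shop": "T7#kq9!vLm2$xZ"}
    for name, findings in audit(sample).items():
        bits = search_space_bits(sample[name])
        print(f"{name:6} {bits:6.1f} bits  {findings or 'ok'}")
```

The bit count is only an upper bound: a password on a common list falls on the first few guesses regardless of its length, which is why that check is reported separately.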

Compromised credentials are a significant root cause of modern data breaches. IBM’s Cost of a Data Breach Report 2020 noted: “One in five companies (19%) that suffered a malicious data breach was infiltrated due to stolen or compromised credentials.”

All too often, end-users choose vulnerable passwords. Hackers often use previously breached passwords that are readily available on the web in password spraying attacks and other account-based attacks.

Figure out if you have any “zombie accounts.” These are accounts you may have signed up for back in, say, 2004, and you haven’t logged into them for the past decade. (Think: AOL, AIM, and Hotmail.) If a cybercriminal gets into one of these accounts and you aren’t actively using it, they can gain access to whatever information is in there, all without your knowledge. Delete them now, and never look back.

Multi-factor authentication (MFA) should be turned on for as many sites and services as possible. This is one of the most effective ways to secure your accounts from hackers. The most common type of MFA is two-factor authentication, where another piece of information, on top of your password, is required to log in to a service. Most commonly this is an SMS message, authenticator app, or physical security key.

To continue staying safe, it’s important to break old habits that put you at risk and develop new practices, many of them simple steps. You can keep hackers out of your life by making it harder for them to find a way in and shoring up your defences when you hear that they’re hard at work.