Signs of a Cyber Attack and How to Respond
You're no stranger to the dangers out there, but if you're like me you want a reference guide of the signs to look for to determine if you've been hacked, and how to respond if it happens to you or your business … well lucky you! You have stumbled on the right article.
Below are the two lists you have been looking for to determine if you have possibly been hacked, been loaded with malware, or other cyber-attack methods and another to set you on the right course to respond to these incidents.
Red Flags of a Potential Cyber Attack
- Standard programs and files that will not open or work.
- Files have been deleted, or contents have changed without your direction.
- You find that passwords have unexpectedly changed.
- Unknown software appears or unexpectedly begins installing.
- The computer is connecting to the internet frequently when you are not using it.
- Your internet searches are being redirected.
- Extra browser windows may appear, or turn off without your direction.
- Unrecognized anti-virus software scans randomly appear.
- Additional toolbars are added to your internet browser.
- Frequent pop-ups load when you access the internet.
- Your mouse / pointer moves on your screen intelligently on its own.
- Your task manager, registry editor, anti-malware, and / or anti-virus software appear to be disconnected or disabled.
- Your e-mail contacts begin to receive e-mails from you, which you did not send.
- Money disappears from your bank account.
- You receive invoices or find payments made for purchases you did not make.
How to Respond to a Cyber Attack
- Remove the source of the connection by disconnecting from the internet and disconnect your router.
- Shut down the computer and restart it using the safe mode referenced in the computer's operating manual. (You can also use another safe device to look online for how to do this if the manual is no longer in your possession.)
- Access your programs and features from the control panel to determine if any new files were added and uninstall them immediately.
- Run an anti-virus / spyware scan before its next scheduled time to clean up any found concerns.
- Restore your files using a previously backed up date prior to the suspected hack.
- Warn e-mail contacts not to open e-mails or click on links from that period as they may be compromised.
— Business owner? Read on your tasks do not end there …
- Alert financial institutions, HIPAA, SEC, FINRA, or other applicable industry regulating bodies of the situation and follow their protocols on the next actions needed to protect your funds.
- Notify partners and clients of potential breach via phone calls (using a vendor to assist if necessary) as early as possible (state laws differ on minimum notification periods and credit monitoring requirements).
- Send written notification via postal mail and electronic communication if possible which clearly states a data breach occurred, what information was compromised, and what remedies you are providing (such as a toll free number for more details, free credit monitoring etc.) and the steps you are taking to ensure no further damage is done.
- If this has affected more than 500 customers, many states will also require a notice to be filed with the attorney's general office.
- Notify local and federal authorities.
- Notify your cyber insurance company of the attack.
- Consider calling in a cyber forensics team to test your network for find out the type of attack occurred, how it gained access to your network and further identify potential limitations that can be exploited so they can be strengthened before another attack occurs.
- Review and update your incident response plan at least once a year. This should be a written plan that includes all the steps necessary to take after an incident occurs, the contact details for each, and an updated map of your computer network to aid in accessing potential vulnerabilities.