About 2 weeks ago, news went out about a global cyberattack on companies using Microsoft email servers. This left South African businesses, including banks, vulnerable. An article I read on this issue said South Africa is one of the most cyber insecure countries worldwide due to a naivety towards cybersecurity. For this reason, as I write again, I cannot help but make a quick stop and emphasize the importance of being on your guard and staying safe online.
You pick up signals of a hack and have confirmed it to be so. What do you do then? How do you recover from that, and from the impact it may have? That’s exactly what we’re going to look at today. Below are recommended actions to take when you have been hacked. Some are general and apply across different kinds of attacks, and some are specific to the nature of the attack.
When dealing with a ransomware attack, if you’ve got a good, recent, tested data backup of the affected systems, awesome: all you have to do is restore the involved systems. Then fully verify that the recovery was 100%. If you use a cloud file storage service, consider calling your service provider and explaining your situation; their tech support should be able to assist.
Also, there are several websites that may be able to help you recover your files without paying the ransom. They do this by either figuring out the shared secret encryption key or reverse-engineering the ransomware.
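One way to carry out the "fully verify" step after a restore, shown as an added example that is not part of the original article: the script below compares every file in the restored folder against the backup copy by SHA-256 hash. The folder layout and file names built in `demo()` are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        while block := f.read(chunk):
            digest.update(block)
    return digest.hexdigest()

def tree_hashes(root):
    """Map each file's path (relative to root) to its SHA-256 hash."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in root.rglob("*") if p.is_file()}

def verify_restore(backup_root, restored_root):
    """Compare a restored tree with the backup it came from."""
    backup, restored = tree_hashes(backup_root), tree_hashes(restored_root)
    shared = backup.keys() & restored.keys()
    return {
        "missing": sorted(backup.keys() - restored.keys()),   # in backup, not restored
        "changed": sorted(n for n in shared if backup[n] != restored[n]),
        "extra": sorted(restored.keys() - backup.keys()),     # leftovers not in backup
    }

def restore_is_complete(report):
    """A restore is 100% only when nothing is missing, changed or left over."""
    return not any(report.values())

def demo():
    """Build two small constructed trees and compare them."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, restored = Path(tmp, "backup"), Path(tmp, "restored")
        for root in (backup, restored):
            (root / "docs").mkdir(parents=True)
            (root / "docs" / "invoice.txt").write_text("invoice 001")
            (root / "photo.bin").write_bytes(b"\x00\x01\x02")
        (backup / "docs" / "notes.txt").write_text("meeting notes")  # never restored
        (restored / "photo.bin").write_bytes(b"\xff\xff\xff")        # restored copy differs
        (restored / "README_DECRYPT.txt").write_text("constructed leftover file")
        return verify_restore(backup, restored)

if __name__ == "__main__":
    report = demo()
    print(report, "complete:", restore_is_complete(report))
```

To check a real restore, call `verify_restore()` with the path of the backup copy and the path of the restored folder, and treat any non-empty list in the report as a reason to restore again or investigate.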
If a fake antivirus has compromised your device (usually due to social engineering or unpatched software), power down your computer. If you need to save anything and it is still possible to do so, do it before powering down. Thereafter, restore your system to a previously known clean image. Most operating systems have reset features built especially for this.
As soon as you know your social media account has been hacked, send out a warning to friends and family. Advise them not to accept any unexpected friend requests and not to respond to chats requesting money or personal details. Thereafter, report the account, or the clone of the account, to the site. You can do this yourself and also ask friends to report it from their own accounts. Lastly, if you still wish to use the compromised account, be sure to change your passwords and your multi-factor authentication settings.
Furthermore, if any other online account, such as your Google account, has fallen prey to hackers, notify close contacts who may be compromised. Report the account and let the service provider sort it out. If you were using the same login on any other websites or accounts, immediately change those passwords and be more careful next time.
After any unexpected software installations, check your task manager, disable any programs that you do not recognize, and reboot the PC. Where your process tool offers a “Check VirusTotal.com” option, you can also enable it; the tool, together with Google’s VirusTotal.com website, will tell you which programs are malware.
Now if your mouse is moving and executing commands on its own, observe that for a little while. Watch to see what the intruder is looking at and what they are trying to compromise. Take a few screenshots to document what the intruder is doing. Thereafter, power off your computer, unhook it from the network or disable the router and call in the professionals. You need expert help.
After that, move to another ‘known good’ computer that you can use to change all your login credentials. Also, check your bank accounts and consider paying for a credit-monitoring service. If you have lost money, let forensics make a copy of your compromised system. Then you can restore it to a previous clean image.
Fortunately, in most cases of financial impact due to a hack, most financial institutions will replace the stolen money. However, to prevent monetary loss, set up transaction alerts that notify you of unusual activity on your accounts and warn you of transactions to foreign countries.
As a final word, it may not have hit you yet, but cybercrime is as real as GBV and any other form of crime. So be a wise and responsible digital citizen; be on your guard and play it safe by following the prescribed safety precautions.