Once you receive that dreaded call that your business network has been attacked by a cyber-criminal, you will need to take swift action. Here are eight tips to consider for your business, to reduce the impact:
- Don’t turn off your computers or system network. It may destroy evidence and erase valuable clues that will allow a forensic expert to fully assess the attack.
- Contact law enforcement. Local law enforcement offices may have computer or e-crime sections that are experienced in investigating and helping with these types of attacks. Find out ahead of time what your local law enforcement recommends. You can report the incident to Internet Crime Complaint Center, a partnership between FBI and White Collar Crime Center at www.Ic3.gov.
- Document the potential scope of the breach.
- What parts of the network were attacked
- What data may have been stolen
- How was the attack identified
- Determine notification requirements.
- What states do your customers live in – each state has specific notification requirements
- What regulators need to be notified
- What are the required notification dates
- What information must be included in a notification
- Determine what outside help is needed. Cyber-attack recovery is challenging. Be sure to ask for help upfront rather than delaying, thinking you can save money by trying to do it yourself.
- Forensic specialist
- Public relations expert
- Cybersecurity specialist
- Contact your bank and credit card providers, to alert them to monitor your account for unusual activity.
- Retain system, application, database and network device logs and avoid making changes to the system suspected of being compromised before data is preserved.
- Consult an expert to assist you in acquiring a forensic image of the hard drives and live memory of the systems suspected of being compromised and following proper chain of custody procedures. The more details you can save, the better chance there is to identify the criminals.
As with any disaster, planning ahead on how you will respond will help you deal effectively with the challenges that arise. You can apply the same type of advance planning logic to a cyber-attack that you apply to a possible natural disaster such as a flood, hurricane or earthquake.
Learn more about protecting yourself and your business at The National Cybersecurity Institute.
FBI (2016). Internet Crime Complaint Center. Retrieved from https://www.ic3.gov/default.aspx