A hacker attack usually takes place quietly, because the intervention in one’s own company network or company system is not immediately recognized. It is usually a successful or unsuccessful attempt to disable computers or servers, steal data or use a compromised computer system for further attacks. It can take several days up to a few months until the exploited vulnerability, the damage caused to the attacker, is detected. Therefore, a corresponding IT security structure for prevention with high standards in the area of Internet security is advisable and, above all, recommended. A well-established system can act as an early warning system and recognize atypical actions and, if necessary, also block and limit them. What to do if attacked by a cybercriminal
Table of Contents
Hacker attacks or cyber attacks can have serious consequences for companies: data loss, data misuse or even destroyed business relationships. Such an attack can threaten small and medium-sized companies with financial ruin. The standard repertoire of cyber criminals is expanding from year to year, the hacker attacks are becoming more creative, more complex and more difficult for the user to recognize.
Hacker attacks can vary widely and manifest themselves in different ways. Here are a few well-known and common hacker scenarios, how you express an intrusion into a company network and how you can recognize this attack:
Do you suspect that your company network has been compromised or that processes and actions are being carried out in an atypical manner in the system, or are there concrete indications of this? In this case, switch off all devices, computers and servers and disconnect the physical connection to the company network, Internet connection and WLAN connections. This measure is intended to lock out attackers, deny access to the company, so that they can no longer cause damage until this point in time. After step four, you can hand over the device, computer or server to a specialist who will find the vulnerability, close it and, if possible, repair the damage done.
If your company infrastructure is in a data center or you use cloud services, contact your provider immediately, report the incident and continue with step two.
Also Read: The Problem With Passwords
One of the common problems in everyday life is passwords that are used too “simple”. Since it is not known exactly how the attacker or hacker got into the company network, after the devices have been switched off, the individual connections must be disconnected and all passwords used and access data for the most important services changed.
These include:
After access to the company network from outside has been blocked and the passwords have been changed so that theoretically no further damage can be caused by attackers, the damage assessment can be checked.
When checking the company network, accounts, accesses and the system are analyzed under the following aspects:
The suspicion of a hacker attack has been confirmed? Contact the police. They can work with your appropriate cybercrime department to take a look at the damage and traces and further investigate and hold the cybercriminals accountable. Finally, you can file a complaint with the police or the public prosecutor’s office.
Involve your data protection officer, person responsible or the processor within the meaning of the GDPR and check the situation from the point of view of data protection. Here, the insufficient technical and organizational measures according to Art. 32 GDPR are checked. If human error (e.g. opening an e-mail attachment with malware) is responsible for the attack, appropriate measures such as regular employee training should take place and virus protection should be improved.
If personal data (e.g. customer data) was compromised, deleted or changed during the hacker attack, the incident must be reported to the competent supervisory authority for data protection within 72 hours of the data breach becoming known in accordance with Art. 33 GDPR. In addition, there is an obligation to notify the third parties concerned in accordance with Art. 34 GDPR. This can be customers, business partners and service providers.
The right communication is crucial in the situation! First of all, all employees in the company are informed about the incident and instructed that they are sensitized and can act on the measures. Subsequently, after inspection, affected customers and partners can be informed that their data was affected by the attack and in the last step the media can be informed about the attack. An external communications professional can support you in such a challenging time.
Consider what additional data could be related to or affected by the attack. Accordingly, there are further measures, for example:
After you and your employees have analyzed and logged the situation and the police have completed their work on site, you can concentrate on restoring the data, the system and your IT structure. Experts and specialized providers help you to repair and, if possible, restore your infrastructure.
As already mentioned in the introduction to the article, hacker attacks can vary greatly. Make yourself and your employees aware that they pay attention to the little things and integrate a high security standard into your company network. Access and passwords should also be selected according to “difficult”. Test and optimize your security standard in the IT structure regularly and regularly adapt it to the common attack scenarios.
Also Read: Cover The Webcam And Defend Against Hackers
Productivity is the amount of practical work done at a given time. This quantity of… Read More
The landscape of work is rapidly evolving, and coworking spaces have emerged as a defining… Read More
IT security has become a significant issue for businesses, whatever their size. Cyberattacks are becoming… Read More
Logistics is a significant part of supply chain management. It plays a key role in… Read More
As someone who has been in sales for over ten years, I know firsthand how… Read More
A new generation of workflow automation tools aims to – at least partially – automate… Read More