Finding out you’ve been hacked is a scary prospect, not least because most people don’t really know what it means, just that it sounds serious.
Even if you have good cybersecurity measures in place, you can still find yourself on the end of a cyber attack (although it is less likely), the important thing though is knowing what to do next to get you or your business back on track.
Change your passwords
It doesn’t seem to matter how much we talk about passwords some people still don’t get it and instead have one password which covers their whole entire life.
If you fall into that category it’s worth taking action now, not only acting if (and in some cases when) you are hacked.
If you have been hacked you need to think long and hard about exactly what accounts are affected – now might be a good time to complete an entire security audit!. If you do use the same passwords it could mean a long painstaking process to go through each and every account and change the password to something original.
Run a scan (and update all your software)
Even if you’re diligent with your antivirus software and run regular scans it’s essential after a hack to triple check your security protocols. So that means checking all your software and applications are up to date and running a full scan to ensure everything is safe.
Recover your account
All of the main email providers and social media platforms offer you the chance to ‘recover’ your account if you have been or think you’ve been the victim of a hacking.
It’s essential you do more than just change your password so you can take full control of your accounts again. You will need to remember some security questions or be able to recognize some of your friends on Facebook, but it’s all fairly simple.
Secure your backdoors
Unfortunately, once you’ve been hacked and you change your passwords, that’s rarely the end of the problem, Good hackers will use tools to open the back door, meaning they can log back in again even after they’ve been thrown out.
Make sure a backdoor hasn’t been left open somewhere, which will allow an attacker back in.
Check your e-mail rules and filters to make sure nothing is getting forwarded to another account without your knowledge and check that none of the answers to your security questions have been changed. You might even find that some of the security questions asked have been changed.
De-authorize Apps linked to your accounts
It’s great that we can now log in to a whole host of things by simply using our social media accounts but if it’s one of those accounts that has been hacked it could cause huge problems.
It’s likely that you don’t know the full list of websites and apps that your social media accounts are authorized to access – so maybe now is a good time to check?
If you log into your Twitter account you can easily check which accounts by clicking on Settings and Privacy and then Apps. Revoking all access is the best option initially. Once you have changed your passwords you can always use the accounts to log in again – if you choose.
On Facebook go into your Settings and then Apps and just remove each of the apps that have access to your account.
Keep a close eye on everything
Hackers act for a reason, they are rarely getting into your e-mail account to read conversations or your facebook account to look at your pictures – there is always an end goal. What it is won’t always seem immediately apparent but it’s usually about money – so keep an eye on everything from your bank account to strange post arriving through your door.
People often feel embarrassed when they’re hacked or the victim of an online crime because they think they are to blame. Often you are just unlucky and the victim of opportunists. The important thing though is to tell other people what has happened to you to raise awareness.
If more people know the signs and how easy it actually is to be hacked it might cut both the impact of an attack as well as the likelihood.
So reveal the warning signing and share what people should be doing if they find themselves in the same boat as you.
Peter has been in the Information Security world since 1999 and in IT in general since 1996. His work history contains a unique blended balance between the development of exceptional technical capabilities and business knowledge. Peter is a proud father of twins and enjoys GT endurance racing on the weekends.
Last week saw SB Tech Breached by the hacking group Maze. It seems that every week the group are announcing more victims. GameOn asked our CEO Peter Bassill, to give us some insight into the attack. The GameOn article is here.
In our “How to securely” series we asked our followers what tools they would like a simple guide on to help them stay secure online. There seemed to be a lot of confusion as to what a VPN is and why you should or should not use one. So we asked Peter to help.
WhatsApp is among the fastest-growing instant messengers out there, and almost a social network in its own way. But if you are using it, there are some steps you should take to protect your security and privacy.
The UK’s highest court ruled that Morrisons can not be liable for a criminal act of a person seeking to harm their business. On April 1st, 2020, a panel of five justices unanimously ruled that Morrisons was not “vicariously liable”.
With the current pandemic situation, we all need to be taking remote working considerations. While adjusting the work paradym, it is vital to keep a mind’s eye on the security and safety of the businesses information assets
In this guide we are looking at how to go about securing zoom. Since the onset of the global pandemic, we have seen surge in “zoom bombing”. This is where people with malicious intent look for in-progress zoom meetings to join and cause trouble.
A critical vulnerabiltiy has been identified in Dell EMC iDRAC7, iDRAC8 and iDRAC9. Some unknown processing is affected by this issue. Manipulation with an unknown input can lead to stack based memory corruption.
On March 27th, Hiscox Insurance Company Inc. filed a complaint against law firm Warden Grier for concealing a data breach that occurred back in 2016.
A critical vulnerability has been identified in Nginx Controller up to 3.1.x (web server,) affecting an unknown code block of the component Controller API.