Story image

ESET: How your business can recover from a hack

28 Jul 15

Recent high-profile data breaches at the US Office of Personnel Management (OPM), Adult Friend Finder and the European Parliament illustrate criminals’ insatiable appetite for data and financial reward.

Getting hacked, whether that is as an individual or as a company, is a horrible experience, and a costly one too. Hackers often get away with money or data, some of which might be sensitive like health records and private pictures or messages. This data is sometimes used for further attacks, or simply sold onto other criminals on the dark web.

But victims of these breaches feel like they’ve lost a lot more; they feel embarrassed, whilst compromised companies could see consumers and investors lose trust in the brand, resulting in stock and revenues temporarily falling down.

Here’s what you can do to recover as fast as possible from a hack– and with your dignity still intact.

Contact customer service
If the hack is of Facebook, Twitter or another online service provider, you should contact their customer service teams as soon as possible. These companies, especially in the social networking space, are getting better at cracking down on stolen accounts and even have online forms to fill in if that has been the case, or if your account has been sending out spam messages or making suspicious downloads.

Perform scans in your system
Once your compromised account is safely back under your control – and hopefully this does not take too long – you should do a security audit to check for suspicious files and other strange behaviour.

For instance, say your Facebook account was hacked. You should look for things including if your security questions have been changed. If the affected service is an ecommerce provider, like PayPal or eBay, you should check to make sure no new shipping details or payment details have been added.

If the hack affects your email, you might check for draft or sent emails, and who they are being sent to, while more advanced users should check the code, traffic, internet bandwidth and look out for any email irregularities.

You should, of course, change your password as soon as you suspect you’ve been hacked and after performing a full-scan in your system, while you should also consider the apps that are connecting to this account, and whether any of them could give hackers a way in.

For example, the open-source authentication standard OAuth is now used by Facebook, Twitter, Microsoft, Google and others for connecting to a number of third-party sites. It’s an easier and faster way of logging into a site, all the while without sharing any user credentials (username and password).

But what if your Facebook log-in is cracked, will connecting services be at risk too? And are these third-party plug-ins, which may use your Facebook account to log-in, secure enough or could they be compromised?

These are good questions to ask. You should remove third-party apps that are unnecessary and risky – and this also applies for apps you might have downloaded onto your smartphone or tablet.

Get the basics right
After you’ve been attacked, you need to make sure that you now get the basics right. For example, make sure you change passwords often – using complex ones or a password manager where possible, whilst you might want to consider using two-factor authentication (2FA) and an anti-virus solution.

Regular patching of software products is also essential, as is backing up your data, while you may want to consider how much information you post on social media, given phishing and social engineering are often the way hackers compromise victims.

Be careful who you trust
Who do you trust? That is a great question as you never really know who is behind other computers. So from now on, carefully consider the people you want to work with, and think who are the most trustworthy and secure sources.

To learn more about ESET, please visit their website. 

Red Hat names local APAC innovation award winners
ANZ Bank and NZ Customs Service were honoured as Red Hat Innovation Awards APAC 2018 Winners in A/NZ.
IP theft: A global issue catching NZ businesses off guard
“We have this incredible record of innovation in New Zealand. But our innovative businesses haven’t always been meticulous in shoring up their IP."
Why A/NZ organisations need to improve compliance protocols
Only a mere 4% of IT decision makers and data managers surveyed said their organisation faced no data management challenges. 
AWS tops all four global markets, APAC a unique case
The order of proceedings remains relatively the same in three of the four major regions for public cloud services providers, but the APAC market is bolstered by the prominence of China.
How artificial intelligence is transforming finance teams
"Organisations using cognitive ergonomics and system design in new AI projects will achieve long-term success four times more often than others.” 
Pure Storage launches new cloud data services
“Customers should be able to make infrastructure choices based on what’s best for their environment, not constrained by what the technology can do."
Is self-service BI living up to the hype?
the explosion of data available to a business and self-service BI tools is transforming how everyone works - but is self-service living up to expectations?
What the people say - Gartner’s November Customers’ Choices
A roundup of the latest Gartner Peer Insight Customers’ Choices from Backup and Recovery to Business Intelligence and Analytics, and more.