Skip to main content

Businesses Get Hacked Every Day

We often suffer from optimism bias – the “It won’t happen to me” mentality. In reality, no business is immune from cybersecurity threats. Small businesses can’t rely on flying under the radar of cybercriminals, and large businesses can’t be certain that none of their safeguards will be compromised. Given this reality, it’s important to understand which steps you should take in the event that your business is hacked.

The Steps to Take Immediately 

When you first discover that an unauthorized person has gained access to your account, there are some steps you should take immediately to prevent the situation from escalating and to remedy some of the damage that’s already been done. If your business gets hacked, these steps should be done promptly.

  1. Change your password: This is probably the first step that everyone thinks of. If someone has access to your account, they have access to your password as well. Changing the password will lock them out of the account, at least temporarily. Read on to ensure they’re kept out permanently.
  2. Enable multi-factor authentication: If you haven’t already, turn on multi-factor authentication (MFA) for your account. With this turned on, the email provider will require you to confirm your identity before allowing a login on a new device. This can be done through text message but, as we’ll see, an authenticator app is the most secure way.
  3. Check connected phone numbers: Since MFA can be performed through text messages, hackers might have added a burner number to the account. If you’re using text message-based authentication, they’ll be the ones receiving the code. Which means that security measures have been nullified.
  4. Check recovery email addresses: Some email providers allow you to list a secondary email address for resetting passwords. Make sure the hacker didn’t change your backup email address to theirs. If they did, they’ll be able to reset the password after you’ve changed it and get right back in.
  5. Contact the e-mail provider: If you have a paid email account, call the provider and tell them about the compromised account. They’ll be able to provide you with additional tools. Free accounts might be limited to self-help only.
  6. Isolate the computer from the network: It can be hard to tell exactly how the attacker gained access to your email. It’s possible they did so through viruses or malware. By removing the computer from the network, you cut off their access to those tools. Once isolated, perform a thorough security scan.
  7. Check email activity: The hacker might have used your email to send phishing emails to your contacts. You can check this by looking at the sent and deleted messages. If anyone was sent an email by the hacker, reach out to them, and let them know the account was compromised.
  8. Change other passwords: If any of your other accounts are using the same password that your email account was, they may be in danger as well. Be sure to change those to a unique and strong password. Consider changing all your passwords in case they were compromised as well.
  9. Update security questions: The hacker may have been able to reset your password by guessing your security questions. Change those to new questions to prevent them from repeating the breach. If other accounts use those passwords, consider changing those as well.
  10. Notify potentially impacted parties: An email breach could put financial data at risk. Vendors and customers who use the same banking services as you should be notified so they too can begin taking the proper security steps.

Next Steps to Take

Once the immediate needs have been taken care of, there are still some things you should do to improve your security outcomes. The first is to report that your business got hacked to the Internet Crime Complaint Center (www.ic3.gov). They are run by the Federal Bureau of Investigation (FBI) and use reports sent to them to investigate crimes, track trends, and threats, and, in some cases, even freeze stolen funds. They also share crime reports through their network to make tracking these crimes and those who commit them easier.

Next, consider adding additional safeguards. A good security company, like Altek, can help you find the best solutions. These may include:

  • Email Spam Filtering
  • MDR
  • 24/7 Security
  • Operations Monitoring
  • Password Managers
  • DNS filtering
  • Cloud Application Monitoring
  • Drive Encryption
  • Managed Updates
REQUEST A CONSULTATION

Avoid Scam by Spam

Do you have a proper email filtration in your organization? We design, deploy, and support IT solutions.

Our Insight

Did you know that 60% of companies go out of business within 6 months of a breach? And 80% of risks are due to internal negligence? Now more than ever, we need to be mindful of cyber protection and data loss! We provide automated IT network reports on a daily, weekly, monthly, and quarterly basis. We monitor your network using state-of-the-art security and automated reporting, schedule backups and update software remotely. What’s even better, our Help Desk is only a click or call away to assist your team regarding your IT-related concerns, offering you the peace of mind you deserve.

WISE WORDS FROM OUR IT DEPT.

Unfortunately, there is no magic solution to protect your systems and data. You must have a comprehensive, multi-layered approach and you need to adjust for the ever-changing challenges and potential threats.

Enhance Your Network Security

You must be prepared to isolate and eliminate the attack quickly before it takes over your entire network and your systems. Don’t gamble with the security of your organization and your customers. We offer third-party penetration tests to evaluate your network security and complimentary evaluations. Schedule your appointment with one of our specialists today!

REQUEST A FREE CONSULTATION
Managed IT Services

Why You Need Multi-Factor Authentication

READ THE ARTICLE
Managed Security Services

Protection Against New Cyber Attacks

READ THE ARTICLE