You’ve Been Hacked – Now What?

September 10, 2018

It’s the stuff of IT nightmares: You’ve been hacked, and your organization is scrambling to cope. Now what?

This nightmare scenario happens at companies large and small. You’ve likely seen some of the famous data breaches in the news, year after year:

  • Uber had 57 million driver records hacked in 2017.
  • Yahoo had 3 billion accounts hacked in 2016.
  • Anthem had 80 million personal accounts hacked in 2015.
  • Target had 40 million credit cards hacked in 2014, the same year Home Depot had 53 million emails stolen.

When your company’s data is hacked, you need the immediate help of an outside managed services provider (MSP). An MSP can take an overview of your situation and give you an in-depth analysis of where things stand. They’ll explain the extent of the damage, where vulnerabilities still exist, and what you need to do next.

Conducting a Password Audit

Right away, you’ll be advised to audit your passwords. A password audit is a look at every password, protocol, and entry point into your system - and it includes making attempts to break into your system to reconstruct the breach.

During the audit, you’ll uncover issues that led to the hack. Maybe your employees had easy-to-guess passwords. Maybe passwords were being kept on sticky notes near workstations. Maybe a disgruntled former employee was able to access the system.

The auditor will try using common words and number sequences. They’ll even check old passwords and variations of old passwords to see if your company is fully following password update recommendations.

An audit can uncover unsafe procedures, like sharing login credentials or forgetting to lock screens. Problematic issues will be tracked to the source by user and workstation. You can view timestamped archive information to determine what went wrong.

As ominous as all this sounds, the point isn’t to attack or discipline individual employees; the point is to determine vulnerabilities and put safer procedures into practice for the future.
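The checks described above (common words, number sequences, and variations of old passwords) can also be run on the defender's side whenever a user proposes a new password. The following is an added example, not code from Techlocity or any MSP; the word list, sample passwords, salt, and function names are constructed, and it assumes old passwords are stored only as salted PBKDF2 hashes.

```python
import hashlib, hmac, re

# Constructed sample lists; a real audit would load a much larger dictionary.
COMMON_WORDS = {"password", "welcome", "letmein", "qwerty", "admin"}
SEQUENCES = ("0123456789", "9876543210", "abcdefghijklmnopqrstuvwxyz", "qwertyuiop")

def hash_password(password, salt, rounds=100_000):
    """Salted PBKDF2 digest, the assumed storage format for old passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)

def has_sequence(password, run=4):
    """True if the password contains `run` consecutive sequence characters."""
    low = password.lower()
    return any(s[i:i + run] in low for s in SEQUENCES for i in range(len(s) - run + 1))

def base_word(password):
    """Lower-case the password and strip digits/symbols from both ends."""
    return re.sub(r"^[\W\d_]+|[\W\d_]+$", "", password.lower())

def variations(password):
    """Passwords the user may have held before if they only tweaked the old one."""
    out = {password, password.lower(), password.capitalize(),
           re.sub(r"[\W\d_]+$", "", password)}
    m = re.search(r"(\d+)(\D*)$", password)
    if m:  # trailing counter or year: also try the three previous values
        head, n, width = password[:m.start()], int(m.group(1)), len(m.group(1))
        out |= {f"{head}{k:0{width}d}{m.group(2)}" for k in range(max(0, n - 3), n)}
    return out

def audit(candidate, old_hashes):
    """Return the list of findings for a proposed password."""
    findings = []
    if base_word(candidate) in COMMON_WORDS:
        findings.append("common-word")
    if has_sequence(candidate):
        findings.append("sequence")
    for salt, digest in old_hashes:
        if any(hmac.compare_digest(hash_password(v, salt), digest)
               for v in variations(candidate)):
            findings.append("variation-of-old-password")
            break
    return findings

if __name__ == "__main__":
    salt = b"constructed-salt"  # constructed; use a random per-user salt in practice
    history = [(salt, hash_password("Autumn2017!", salt))]
    for pw in ("Autumn2018!", "Welcome1234", "violet-kettle-orbit-93"):
        print(pw, audit(pw, history) or "ok")
```

Because the comparison hashes variations of the new password against stored digests, the old passwords never need to be kept in plaintext.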

How Do We Know When Everything is Okay?

That’s a great question. Companies often want to know when it’s time to breathe a sigh of relief and feel that everything is okay after a hack.

Again, this is why it’s important to work with a reputable MSP. They can use the world’s most cutting-edge procedures to research your problem and test resolutions. They understand how hackers think, and bring that knowledge to benefit your company.

To put it in clearer terms: The password audit will reveal when everything is secure, because attempts to break into your system won’t work anymore. That’s a great feeling.

How Do We Prevent Another Attack?

Preventing another attack will be top-of-mind after the first one. But eventually everyone will go back to their day-to-day work.

This is a vulnerable time - when the sting of getting hacked has faded. Complacency is the #1 enemy of tech security. When people become lax about data safety procedures, the company’s risk immediately goes back up.

The best way to prevent another attack is to continue following security best practices:

  • Follow your MSP’s advice about creating strong passwords
  • Never allow employees to share passwords and other login credentials
  • Avoid sharing workstations and devices between employees
  • Don’t use unsecure sites, systems, and procedures
  • Keep everything updated and up to the latest safety standards
  • Be suspicious of people, sites, and emails that try to elicit passwords

To learn more about how to conduct a password audit and keep your company safe, connect with Techlocity using our secure online contact form.