You’ve been hacked–join the club. Lately it seems that no matter what precautions you take, your business may get hacked eventually.
So what immediate actions do you take if you’ve been hacked? Here are our top five suggestions:
- Take your website offline immediately and inform everyone in your IT department. Doing this prevents anyone from visiting your website and contracting any malware that could have been embedded into your site by hackers.
- Contact your website host provider. By letting your host provider know that you have been hacked it will make them aware of the problem you are experiencing and will allow them to devise an action plan and also protect other sites that they host from hackers.
- Notify all business affiliates and customers who may have been compromised, so that they can take further precautions to protect themselves. By doing this quickly, you may also be protecting your business from a legal standpoint.
- Change all company passwords. Once a hacker has your password, he can access your network for as long as the password is valid. So it is important to immediately change your password so the hacker can’t continue to access your network. It is important to change your passwords on a regular basis to assist in hacking prevention.
- Try to prevent future attacks. Deploy a company-wide security policy which would include installing anti-spam software and anti-virus software to all accounts. Draft an email policy to educate users to be aware of (spear) phishing attacks and create strong user passwords. If your business is hacked it can be devastating. Draft a recovery plan so that if an attack occurs, your company will be able to respond quickly when time is of the essence.