3 Things You Should Do Immediately After Getting Hacked
Posted by: Premraj | Posted on: Thursday, June 30, 2016
Some businesses are still suffering under the delusion that getting hacked is for other companies. As a result of this kind of thinking, they simply don’t have a plan for the inevitable. Even big companies flail about like all those proverbial headless chickens when they find themselves in the crosshairs. It is like an ER doctor being caught off guard when a sick person is rushed into the emergency room in immediate need of attention in a life-or-death situation.
The interesting thing is that businesses have a plan in case of fire, hurricane, or tornado. Perhaps the only reason public buildings have fire-suppression systems is because the government mandates it. The government is far behind in regulating data security. Therefore, doing the least they can do to keep up with regulations, companies have little by way of data security, and even less by way of a plan for what to do when it all goes wrong. Here are three things you should do immediately after being hacked:
Get Better Security
Somewhere along the way, companies bought into the idea that the way to secure their data was to make employees change their passwords every couple of weeks to something they would surely be unable to remember. But passwords at individual workstations are not really the problem. All of that effort goes to naught when the passwords can be stolen. According to the NYT:
A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.
They go on to say:
“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, the founder and chief information security officer of Hold Security. “And most of these sites are still vulnerable.”
Putting the onus of corporate security on the users is a losing strategy. You cannot neglect protective Internet software options that provide anti-malware, host-based firewall, intrusion detection/prevention, integrity monitoring, log inspection, and globally trusted SSL certificates. Getting hacked is a sign that your security measures were insufficient. The first thing you should do is get better security.
Inform Your Clients
The other first thing you should do immediately after being hacked is to inform your clients. The mistake businesses make is thinking and behaving as if it were all about them. They are worried about their reputation and their assets. Companies completely forget that the real victims are those whose personal and financial information has been stolen. Just ask the Hilton Hotel.
If you have recently stayed in one, your payment information has been breached. This information was discovered by a third party, which means the Hilton wasn’t up to the task of discovering it, or they discovered it but wanted to keep it quiet. Because we don’t learn about it until two months later, we are all at risk. How many people have given the Hilton (and the thieves) their payment information who could have made a different decision if only they had been informed? Your clients need to know immediately!
Stop Falling for Scams
It seems even the US government still doesn’t know how to protect itself from basic phishing attacks. A phishing attack is when a person tricks you into giving them your website or payment credentials. This usually happens in an email that claims to be from a trusted company like your bank, or Apple, or a social network. There is usually something in there about you having to verify your information. That’s when you click a link, go to a fake site, and give them the keys to the kingdom.
If this happened to you 5 years ago, you were a victim. If it happens to you today, you are a fool. It is up to you to educate yourself on the dangers awaiting you online. If you approach the online world thinking there are no dangers about which you should worry, you are behaving irresponsibly. If you are the kind of person who gets hacked and doesn’t bother to educate yourself, you probably had it coming. And you have it coming again.
After getting hacked, the first things you should do are to get better security, inform your clients, and stop being scammed.