I've been hacked— what should I do next?

by Jon Lober | NOC Technology

So you think you've been hacked. Now what?

The most difficult aspect of working in IT is not the conspiracy theorists, asking customers if they have rebooted yet, or resetting passwords—it’s witnessing our fellow managed service providers (MSPs) deliver subpar IT solutions.

Good IT service is about far more than installing antivirus software and transitioning a client to Gmail or Office 365. Unlike law, accounting, or other critical services, the information technology field is virtually unregulated. Anyone who wants to become a “Microsoft Partner” simply pays an annual fee and they’re good to go. This lack of industry guidelines leaves a shiny veneer on poorly constructed services.

Nowhere is this difference more obvious than in cyberattack response. Too many providers simply reconfigure some settings , replace a few servers and do nothing else to address the real issue that allowed the attack in the first place.

So, how should you respond to the discovery of ransomware, virus, or a phishing attack?

We recommend these four steps to recover from a cyberattack.

1) Immediate reaction: Time is of the essence during an active infiltration! Power down, unplug, and disconnect all of your hardware—from your computers to your servers. The goal here is to contain the breach to the affected hardware and prevent further damage.

2) Fix the issue: Identify the source of the attack and isolate it from the network. Reset passwords and restore your system from backups.

3) Never Again: This is the step so often overlooked by subpar MSPs. Analyze your response and implement the policies, training, software, and hardware necessary to prevent such an occurrence from happening again in the future.

4) Report the Breach: You have a responsibility to report your breach to authorities like the FBI and (depending on your state) possibly even a legal obligation to report to state regulators. If your breach compromised customer or supplier data, you need to let them know as well so that they can take appropriate measures.

Get in touch with us if you need help responding to a cyberattack—or far better—preventing one from happening in the first place!

< Older Post

Newer Post >

Connect with an Expert

See Pricing

Request a Quote

Blogs by Category

> AI Technology

> Cloud Services
> Co-Managed IT
> Cybersecurity
> Fully Managed IT
> IT Guides
> IT Support

> NOCout Report
> Outsourced IT
> Project-Based IT
> Small Businesses
> VoIP Systems

You need an IT Provider that Knows YOUR Business

By Jon Lober • February 24, 2026

Generic IT fixes tickets. Strategic IT protects revenue. Learn why St. Louis businesses need an MSP that understands how you actually make money.

should you put all your eggs in same basket

One Technology Partner St Louis

By Jon Lober • February 23, 2026

How many providers does it take to manage your tech? If you run a small or mid-sized business in the St. Louis region, you probably work with a mix of technology vendors: one company for internet, another for phones, and maybe a third for managed IT support. When everything is up, that patchwork can feel “good enough.” When something breaks, it quickly turns into finger-pointing and downtime.