The NOCout Report 003: I've Been Hacked!

by Jon Lober | NOC Technology

So you think you've been hacked. Now what?

The most difficult aspect of working in IT is not the conspiracy theorists, asking customers if they have rebooted yet, or resetting passwords—it’s witnessing our fellow managed service providers (MSPs) deliver subpar IT solutions. 


Good IT service is about far more than installing antivirus software and transitioning a client to Gmail or Office 365. Unlike law, accounting, or other critical services, the information technology field is virtually unregulated. Anyone who wants to become a “Microsoft Partner” simply pays an annual fee and they’re good to go. This lack of industry guidelines leaves a shiny veneer on poorly constructed services. 


Nowhere is this difference more obvious than in cyberattack response. Too many providers simply reconfigure some settings , replace a few servers and do nothing else to address the real issue that allowed the attack in the first place. 


So, how should you respond to the discovery of ransomware, virus, or a phishing attack? 


We recommend these four steps to recover from a cyberattack. 


1) Immediate reaction: Time is of the essence during an active infiltration! Power down, unplug, and disconnect all of your hardware—from your computers to your servers. The goal here is to contain the breach to the affected hardware and prevent further damage. 

 

2) Fix the issue: Identify the source of the attack and isolate it from the network. Reset passwords and restore your system from backups. 

 

3) Never Again: This is the step so often overlooked by subpar MSPs. Analyze your response and implement the policies, training, software, and hardware necessary to prevent such an occurrence from happening again in the future. 

 

4) Report the Breach: You have a responsibility to report your breach to authorities like the FBI and (depending on your state) possibly even a legal obligation to report to state regulators. If your breach compromised customer or supplier data, you need to let them know as well so that they can take appropriate measures. 


Get in touch with us if you need help responding to a cyberattack—or far better—preventing one from happening in the first place! 

Local IT company NOC Technology offers tech support near Greater St. Louis.
By Jon Lober November 22, 2024
The Local Advantage: Why Choosing a Local MSP Really Does Matter
Is temu safe to shop?
By Jon Lober November 21, 2024
Too good to be true Are Temu's deals legit or a scam?
Endpoint protection is one key requirement of most cyber insurance policies.
By Jon Lober November 14, 2024
What requirements can I expe ct from a cyber insurance policy?
More Articles
Share by: