If your site has been hacked, take a deep breath. It is important to employ the 3-step process of Containment, Eradication, & Recovery right away to keep the impact of the incident as minimal as possible. We have listed the steps below, along with some of our tips and recommendations. We do strongly recommend consulting with an expert if you believe that your site or system has been compromised, as even one single attack can worsen into a complex breach if it is not handled properly from the start.
1. CONTAINMENT: Identify the problem and keep it from spreading
It is important for your organization to decide which methods of containment you would like to implement before the malware can cause any further damage. If malware is not identified and contained by updated antivirus software, plan to use other security tools to contain it.
Be prepared to shut down, block, or place restrictions on services such as email and network connectivity in order to prevent the malware from spreading across your network and into other organizations that may be exposed to the threat through your network.
2. ERADICATION: Removing identified malware
This can be the most difficult and intricate step because malware can spread in breadth (across networks) and depth (into your system), causing a variety of adverse effects. Be prepared to use multiple techniques to not only remove the malware but also prevent it from returning in the future.
There are many important questions to consider in the eradication process: Should you back up your files or are they already infected? Was your operating system compromised? How do you get back on the results page of search engines if you have been blocked due to malware? During any cyber security incident, it is crucial to keep containment measures in place until you can confirm that the infection is completely eradicated. This can be difficult to determine since many types of malware can hide in places you may miss, continuing to cause harm to your site or system even if they are not plainly visible.
3. RECOVERY: Restore your website and/or system to malware-free status
With so many debilitating cyberthreats, from viruses and worms to bots and spyware, it often takes a great deal of preparation and attention to successfully restore your site or system to pre-infection status. The recovery methods must be selected depending on what types of malware were involved in the incident.
It may also be worth evaluating whether more serious recovery methods should be employed, such as rebuilding compromised or infected systems from scratch. Remember how much is at stake, since there is a possibility you could infect clients, customers, partners, and everyday website visitors.
** If you do not already have a security plan in place:
Cyber criminals are always evolving methods and strategies to access your networks and information systems. Security plans can be difficult to navigate, but SMS can help. Whether you have already been attacked or you are simply looking to employ security measures to help prevent an attack, let our experts guide you through this vital cyber security process to ensure that your business is kept safe: