Question

What advice would you provide to a company that has been compromised by a hacker?

Subject Information Security.

Answer 1

`Hey,

Note: If you have any queries related to the answer please do comment. I would be very happy to resolve all your queries.

1. Find out what happened.
To respond effectively, get a full picture of what happened, including how the hackers got in, which computers and accounts were compromised, which data was accessed or stolen and whether any other parties -- such as customers or business partners -- were affected.

This can be a difficult process involving costly security consultants, but you may be able to get less expensive help from companies you do business with, including your Internet service provider, security software company or website hosting firm. But the best route may be to contact your local, county or state police computer crimes unit and the FBI, which can do forensic analyses and provide valuable guidance.

2. Seek legal advice.
If you don't have a special cyber-insurance policy that will provide an experienced attorney, you may need to hire one to navigate the legal issues. For instance, when hackers gain access to the personal information of customers or employees, you likely have a legal obligation to notify them

3. Communicate early and often.
Quick and honest communication with affected employees, customers and partners -- about what happened, what you're doing about the problem and what they need to do -- is often more than just a legal requirement. It may be necessary to salvage your business.

"A data breach can be fatal for a small business" if monetary losses, the cost of rebuilding or reputation damage is high

4. Eliminate the problem.
To limit the damage, you may need to take disruptive and costly steps, such as removing infected computers and shutting down your website while you clean up. Consider reformatting hacked computers and restoring data with clean backups, or simply buy new computers.

If hackers exploited a software flaw, apply a "patch" from the software maker that fixes the problem or implement a recommended workaround. If they stole passwords, secure your accounts and set new, complex passwords that will be hard to crack.

5. Rebuild.
Put in place the technology and policies to help fend off future attacks. Make sure your computer operating system and other software are current and, if possible, receiving automatic updates to fix bugs. Consider designating one computer for online banking only, meaning no Web surfing and no email that might expose you to malware designed for financial fraud.

Kindly revert for any queries

Thanks.