In: Computer Science
What advice would you provide to a company that has been compromised by a hacker?
Subject Information Security.
`Hey,
Note: If you have any queries related to the answer please do comment. I would be very happy to resolve all your queries.
1. Find out what happened.
To respond effectively, get a full picture of what happened,
including how the hackers got in, which computers and accounts were
compromised, which data was accessed or stolen and whether any
other parties -- such as customers or business partners -- were
affected.
This can be a difficult process involving costly security consultants, but you may be able to get less expensive help from companies you do business with, including your Internet service provider, security software company or website hosting firm. But the best route may be to contact your local, county or state police computer crimes unit and the FBI, which can do forensic analyses and provide valuable guidance.
2. Seek legal advice.
If you don't have a special cyber-insurance policy that will
provide an experienced attorney, you may need to hire one to
navigate the legal issues. For instance, when hackers gain access
to the personal information of customers or employees, you likely
have a legal obligation to notify them
3. Communicate early and often.
Quick and honest communication with affected employees, customers
and partners -- about what happened, what you're doing about the
problem and what they need to do -- is often more than just a legal
requirement. It may be necessary to salvage your business.
"A data breach can be fatal for a small business" if monetary losses, the cost of rebuilding or reputation damage is high
4. Eliminate the problem.
To limit the damage, you may need to take disruptive and costly
steps, such as removing infected computers and shutting down your
website while you clean up. Consider reformatting hacked computers
and restoring data with clean backups, or simply buy new
computers.
If hackers exploited a software flaw, apply a "patch" from the software maker that fixes the problem or implement a recommended workaround. If they stole passwords, secure your accounts and set new, complex passwords that will be hard to crack.
5. Rebuild.
Put in place the technology and policies to help fend off future
attacks. Make sure your computer operating system and other
software are current and, if possible, receiving automatic updates
to fix bugs. Consider designating one computer for online banking
only, meaning no Web surfing and no email that might expose you to
malware designed for financial fraud.
Kindly revert for any queries
Thanks.