2017 was not a good year for cybesecurity. Though, depending on how you look at it, it was a good year for cybersecurity awareness. There was a major breach or announcement nearly every month of the year. The previous few years weren’t much better. With so many businesses – even ones large enough to hire their own information security teams – being victimized by hackers, it should be blatantly obvious to everyone that cybersecurity across the board could do with an upgrade. The biggest problem is that security breaches can go undetected for years, especially if you’re not monitoring properly. And the longer it remains open, the higher the cost of a breach. Worst of all, notifying affected users too long after the fact can result in a damaged reputation and public backlash.
That’s why we’ve put together a brief guide to identifying breaches and some tips for how to respond if you’ve found one. Even without a background in technology, by the time you’re done reading this, you should be savvy enough to recognize red flags and take action.
How Hackers Strike
Hackers and malicious users implement a variety of tactics to exploit your systems. A number of them are highly technical, and unless you have a firm understanding of computer systems, you won’t be properly equipped to deploy a countermeasure. That’s why it’s important to have experts you can count on (either external or internal to the company) to defend your systems.
That said, cybersecurity has grown by leaps and bounds, and it’s not as easy to hack a system as it used to be. Plus, not every malicious user knows how to do it. So, many hackers opt for a different tactic: social engineering (sometimes jokingly referred to as “wetware hacking”). By manipulating people, hackers can get access even when more direct intrusions aren’t possible.
Signs You’ve Been Compromised
While it won’t be obvious if you’ve had a security breach, there will be certain symptoms. To the unobservant, they will seem like a minor annoyance, but if you notice these symptoms, it’s time to have your IT team do some digging.
A Snail’s Pace
If you find that your computer or your internet browser is suddenly running more slowly than normal, even after updating and restarting, then that may be a sign there is malware running on your computer. Malware, like a parasite, leeches processing power from your computer to do its job, and your first clue is this slowdown effect.
The Ominous Annoyance
Pop-ups, intrusive ads and website redirects happen from time to time, but they’re not omnipresent. At least, not normally. If you find that, even with ad blockers, you’re being inundated by annoying advertisements, it’s likely you’ve either been compromised already or someone’s trying really hard to get you to click on one of the links and download some malware.
All Locked Up
We all forget or mistype our password from time to time, and that can occasionally result in a lockout. But if you find you’re locked out even on the first try, that’s a cause for concern. It’s possible someone else is trying to (unsuccessfully) log into your profile, or they’re already in and have changed the password.
Most employees at a company who use a computer are given some personal space to work. Keep an eye on this space, including what’s going on inside the computer, for anything suspicious. If things are moved or changed on your desk, if your chair has been messed with, if files or settings on your computer have been moved, deleted or tampered with, or even if the computer is left on when you swore you turned it off, it’s time to look a little closer. Your company may have been breached internally.
How to Respond to a Breach
If you do detect that you’ve been breached, shoring up security should be your highest priority. Aside from closing the vulnerability, you need to do some digging and learn four things:
- How were you breached?
- When did it happen?
- What was taken/damaged?
- Who was affected?
Once you have this information, you’ll want to immediately notify anyone who was affected. Moreover, depending on your location and the size of the breach, you may need to notify the public, news, and/or government agencies where applicable (laws vary by state). Don’t stop there, though. The more proactive you get, the more effective you’ll be at cyber safety and mitigating damage, and the faster you’ll get the business back on its feet.
While incursions are impossible to avoid altogether, with a little vigilance and a little help, you can dodge most of the bullets and recover much more quickly if you get hit.