How to sniff out a cyber security breach, and what to do next
When you realise you’ve been hacked, it’s suffocating. You feel vulnerable, hopeless, like you can’t do anything online ever again. Your blood runs cold and you start raking over the what-ifs and the how-dids:
- What if they’ve got my banking password?
- What if they take over my email and start spamming everyone I know?
- Is my Facebook safe?
- How did this happen?
- Is this my fault?
But it’s not always obvious when you’ve had a security breach, and hackers can do a lot of damage before you even realise you’ve got a problem.
If you notice any of these things happening to you, it’s time to do some serious sleuthing to make sure you haven’t been the victim of a cyber attack.
Slow Town, population YOU
If your computer suddenly feels like it’s running more slowly than usual, and you’ve already given it a restart, that could be an indication of malware running in the background. Malware uses up processing power behind the scenes, so it’s no longer available for the tasks you’re working on. The result is a clunky computer that freezes while you’re working.
Ads, ads, ads
Have you noticed how there are less and less pop-ups, flashing ads and website redirects happening on the net these days? That’s due, in part, to a crackdown on such advertising from Google. If you find that you’re being inundated with ads, it’s likely that you’ve either been compromised already or that someone’s trying really hard to get you to click on one of the links and download some malware.
We all forget or mistype our password from time to time, sometimes we even manage to get ourselves locked out of an account. But if you find you’re locked out even on the first try, that’s a worry. It’s possible someone else is trying to (unsuccessfully) log into your profile, or that they’ve succeeded and have changed the password.
Someone’s been messing with your desk
Most workplaces still have a one-employee-per-desk kind of setup. Work it like you own it! Keep an eye on your physical space and on the content of your computer. If things are moved or changed on your desk, if your chair has been messed with, if files or settings on your computer have been moved, deleted or tampered with, or even if the computer is left on when you swore you turned it off, it’s time to look a little closer. You may have been breached by a fellow employee or contractor.
What to do if you’ve been breached
If you do discover that you’ve been breached, your highest priority should be securing your network and data. Once you’ve eliminated the vulnerability, you need to find out these four things:
- How were you breached?
- When did it happen?
- What was taken/damaged?
- Who was affected?
Once you have this information, you should notify anyone who was affected.
If the breach has resulted in a loss of personal information, and your company sits under the new Notifiable Data Breaches (NDB) scheme, you may also need to inform the Australian Information Commissioner.
Finally, you’ll need to perform a post-breach review and assessment of your company’s response to the data breach and the effectiveness of your data breach response plan.
Don’t stop there, though. The more proactive you get, the more effective you’ll be at cyber safety and mitigating damage, and the faster you’ll get the business back on its feet.
If you need some help developing a data breach response plan, I recommend this online guide.
If you’d like an IT security check, or advice on best practice policies and procedures for IT security, give Proactive IT Solutions a call.