6 Things You Should Do Immediately If You Think You Got Hacked

  • February 22, 2019
  • |
  • Posted by Kevin Gemeroy
IT security is scary stuff. It’s even scarier when your livelihood depends on it. As the owner or manager of a small to mid-sized business, it likely falls on you to make sure your systems and data stay secure. If you don’t have a great IT resource at the ready, here are a few self-help tips for things you can do if you’re concerned you might have been hacked or had your IT security compromised.
 
 

1. Change Your Passwords

It seems like a no brainer, but the majority of security breaches today are caused by compromised credentials and/or phishingBy changing your password immediately after you suspect you’ve been hacked, you greatly reducthe likelihood that the hacker will continue to have access to your systems. 

2. Unplug the Impacted Devices

It goes without sayingbut if a device has no power or access to the internet, then it’s awfully hard for it to continue to do damage. It’s easy enough for an IT professional to troubleshoot a security threat offline with a variety of software tools, so by immediately removing power and internet access from the device, it gives you some breathing room to get a pro working on the issue.

3. Run Multiple Security Scans

It’s great to have good security software, but nothing is 100%, especially at detecting new threats. Even if you’ve got a good, centrally managed endpoint security software package, if your device has been compromised, it’s good to run a secondary scan using a tool like MalwarebytesAnother great tool is VirusTotal, which is a website that allows you to run over 70 different anti-virus scanners on a specific file or URL. It’s a great option if you clicked on a link or file that you think might be malicious but your current security solution isn’t detecting it.

4. Update Your Firewall & Security Software

If you haven’t already read our IT Security 101 article, these are a couple of the basics that every small to mid-sized business should have.The problem is that they usually don’t update themselves on their ownThey require a vendor to manage them centrally (or manually) to stay up-to-date. Ensuring that your firewall’s security subscription is current and that you’re using all of the necessary features usually takea professional, since these systems are typically too complicated to be managed with a simple user interface. If you’re running standalone endpoint security software (aka anti-virus software), make sure that every device on your network has a current subscription and current security definitions.

5. Turn on Multi-Factor Authentication

Most current email platforms now support multi-factor authentication (sometimes referred to as 2FA or MFA). To explain what this is briefly, it’s a requirement to“authenticate”from another device by sending a text message or using an authenticator app. By turning it on, you’re preventing the hacker from gaining access to your systems, even if they have the password. It’s part of our Basic security level and it should be part of your standard operating procedures as well.

6. Seek Professional Help 

No matter how small your business is or how insignificant of a security risk you think you are, you need an IT professional helping to guide and support you on your journey. If you’re not aware of the types of options that are usually available to you, check out the section on the different IT support options available to most small to mid-sized businesses.

Have security questions or issues? 

Drop us a line at hello@dyncomputing.com and let us know how we can help!

Making Financial Sense of IT

A little about us:  Dynamic Computing provides managed IT services, IT support, IT consulting, & cyber security services to top performing small to mid-sized businesses in the greater Seattle area.  We're focused on being the premier managed IT services firm in the Pacific Northwest, and we act as a complete IT solution for companies who don't have internal IT departments.  Our clients typically range from 10 to 200 employees and we work primarily with professional services firms in the Puget Sound Region.

About the author:  Kevin Gemeroy is the President & CEO of Dynamic Computing, a company he founded while in Business School at the University of Washington.  He's was recognized as a 40 under 40 honoree by the Puget Sound Business Journal in 2018 and as Washington State's Mr. Future Business Leader by FBLA in 1998.  He resides in Seattle, Washington.