Hacked. Now What?

First, what are a few ways hackers find their way into a device or accounts?

Unfortunately, there are lots of ways for hackers to find their way into our computers and our accounts. The software and apps we use are in a constant state of change. Sometimes, as developers work to maintain interoperability, opportunities arise for a hacker to exploit a change and access your computer.

Other times it’s a result of something users do themselves. We talked about this previously about opening emails that aren’t legit. Some of those emails may contain a payload that, once opened, deploys malware on your system. And, of course, hackers can always buy your password online. If you’re not diligent about password security, you could easily be hacked.

What should I be most concerned about a hacker gaining access to?

I think most people would say they’re concerned about a hacker gaining access to anything at all. But the biggest threat to an organization would be losing security of their customer’s private or financial information. As a consumer, I’d say the biggest concern would be your own financial information, but we’ve seen plenty of people lose private photos and videos that can be used to extort or embarrass.

What should be done immediately after learning the device or account is hacked?

If you have a hacked device, you need to take it offline as quickly as possible. If the device can’t transmit your personal information, you’ve got a compromised device but your information may not have been compromised yet.

Then it’s a matter of calling in an IT professional to help. Some viruses and malware can be very hard to completely remove from a system. It’s best to be sure.

If you have an account that’s hacked, you need to make an immediate list of any other accounts that use the same username and passwords. We’ve talked before about password security, about not using the same password for multiple accounts, and about using randomly generated passwords. If you have a separate password for each account you hold, your exposure to a single cracked or obtained password only affects the one account.

What additional security measures should be added to prevent repeat attacks?

It depends a little. If we’re talking about your workplace, you need a plan for cybersecurity. That will involve a policy for computer updates, access controls, antivirus requirements, and social engineering/phishing training for your employees. There’s a lot that needs to be done and recognized by each member of your organization to maintain security.

As a home user, you need to be taking steps to make sure you’re not using the same password for multiple accounts. Make sure your antivirus is up to date, make sure you’re not browsing to unreputable websites, and make sure you’re not opening suspicious emails.

That’s why 702 Communications offers managed services and computer repair support. We’ve got a team of IT professionals that can help you design your infrastructure to minimize risk. We can make sure your devices are automatically updating to prevent access via exploits, and we can set you up with a backup plan for your data if you’re the target of a ransomware attack. Whether you’re looking to prevent an attack or recover from one, 702 Communications is here to help.