Responding to a Cyberattack

Five years ago, cyberattacks were mostly targeted at large companies, where the huge payout was worth the effort.  This is no longer true; between 60 and 70 percent of small and mid-sized businesses face cyberattacks each year.  As ransomware becomes more pervasive and phishing emails become less obviously fake, the effort required to execute a ransomware attack has gone down dramatically.

Responding to a Cyberattack

Cyberattacks can be crippling for businesses of any size.  Of course, not all cyberfraud leads to massive business interruptions.  Plenty of people fall prey to gift card scams. At a few hundred bucks per victim, these more often than not serve as less expensive lessons on how sneaky fraudsters can be. Although, it’s important that the lesson is learned.

When you first realize that you’ve lost money or data and technology is involved, you might not have enough facts to know who (if anyone) has illicit access to your network, what data has been compromised, or even what business operations are being impacted by the threat.

Here are four steps you can take to get on the right footing to respond to a cyberfraud or cyberattack quickly.

Call your technical staff

As soon as you suspect fraud, give a call to your network support team.  They should know what questions to ask to determine how likely it is that someone has unauthorized access to your network.  This will also give them time to get to work gathering the facts about who accessed what – they will likely need a couple of hours to gather this information for your leadership team.

Call your insurance provider

If you have insurance that covers cyberfraud, you should call them quickly as well.  Insurance providers understand that your costs (and therefore their liability) increase with every minute of unauthorized access or network downtime.  Many of them have technical experts that can get to work right away reducing that liability, which is good for both you and them.

Assess your network operations

Determine what business operations (if any) have been impacted by the attack.  If computers are down or data is inaccessible, you’ll need to quickly determine what to tell your employees and customers about the situation.  At this early point in the investigation, it’s likely not yet clear what systems are down and what has caused it – which is most likely the best thing to communicate until the picture becomes clearer.

Focus on your business, not the criminal

While it’s infuriating to be robbed, it’s unlikely that anyone will ever catch the perpetrator.  You’re not the first victim, and if they were going to be caught, it probably would have happened years ago.  Instead of focusing on the crime, focus on securing your network from future attacks and minimizing the interruption caused to your business by the intrusion.  Unfortunately, there is a very good chance that the time you’ll spend auditing your network for security threats and recovering from productivity lost during the interruption will likely cost you more than the crime itself.

To learn how WingSwept can help you prevent security breaches and increase your company’s productivity, call us at 919-779-0954 or email us at Team_WingSwept@WingSwept.com.