Hack Help

If you or someone you know has been hacked, and you don’t have any IT Support in place, or don’t know a friendly IT Company, take these steps:

If you are hacked at home…

Disconnect from the Internet so that the hackers can no longer interrogate your system.
Reboot your PC in Windows Safe Mode.
Run your anti-virus and anti-malware software if you have any installed, this should clean and quarantine any known viruses and malware.
While restoring to a backup used to be a last resort it is now often called upon due to the increased frequency and complexity of cyber attacks.
If you have backups in place, ensure that you have a restore point that was successful before the attack.
If appropriate, wipe all data and system information before restoring to a clean backup. Please consider that you may lose any data between the present time and the restore point.
Once you have restored your PC to the restore point ensure that you have the latest updates applied to your anti-virus and anti-malware software.
If you don’t have a backup in place there is an alternative. Dependent upon the type of virus, it may be appropriate to copy important data to a clean USB drive. You can then wipe your machine and install or update your anti-virus and anti-malware software. Plug in your USB and run a full scan of it before transferring it to the machine.

Ensure that you change all of your passwords.
Set up 2 factor authentication to give yourself extra protection.
If your email has been compromised let people know so that they are aware if they receive any emails from you.
You could even set up an out of office making people aware your email may have been compromised.
Check your insurance to see if you are covered for data loss and disclosure.
Make sure you monitor your bank accounts and other sensitive items to ensure they have not been compromised.
Inform Action Fraud that you may have been hacked.

Ensure that you have disconnected from the network.
Alert all staff and make sure they have disconnected from the network as well if appropriate.
Contact your IT team if you have one.
Reboot your PC in Windows Safe Mode.
Run anti-virus and anti-malware software.
Revert to your backup and disaster recovery plan (if you have one, if you don’t you should)
Check you have a backup restore point that was successful before the attack and restore.

Change your passwords. All of them, including domestic passwords or anything else that you access online.
Set up 2 factor authentication so that if someone logs into your account you’ll be sent a message asking to confirm if this is you.
If your data includes sensitive information such as personal data, you should notify the Information Commissioner’s Office on https://ico.org.uk and report a data breach.
Check your insurance to see if you are covered for data loss and disclosure.
Report the case to Action Fraud http://www.actionfraud.police.uk/report_fraud

Install a reputable enterprise level anti-virus and anti-malware software.
Ensure software is regularly updated and patched because new malware is developed daily.
Ensure that Next Generation Firewalls are enabled across all devices.
Enable pop-up blockers on all PCs.
Advise staff (and friends and family) not to open suspicious emails.
Ensure that the anti-virus software is configured to scan all USBs and other external devices added to the system. If feasible restrict or disable staff from connecting USBs to the network.
Make sure you have a backup solution in place.
Get a short cut and contact a reputable IT company to do all of this for you!