How do I know if my business has been hacked?
If you or your employees have ever clicked on a mysterious email and wondered if you’ve fallen prey to a hacker’s phishing scam, you’re not alone. But how do you actually know if your business has been hacked and if you have a real security issue on your hands?
Here are a few signs that your business has been hacked:
- Suspicious activity on your files: You or your employees may notice that your file names changed. It may be a subtle change with a few extra words or numbers in the file name. Some files might be deleted or are no longer accessible. Unusual revisions to documents could also be a sign.
- Computer and network speed: Your computers are slow or sluggish. This is more than the occasional slowdown everyone experiences. We’re talking about significant changes to a computer that was working just fine the day before. If you notice that your network is operating slowly, it could be malicious software working behind the scenes transferring valuable files and data into the hands of a cybercriminal.
- Computer seems “buggy”: We all know when something just isn’t right with the computer. If your cursor moves on its own, the screen glitches regularly, or some of the applications won’t start or run, you may have been hacked. There could be unexplained changes to your browser tool bar, multiple pop-ups, or anti-virus warnings.
- Random emails sent from your account: This is one of the most obvious signs. If your customers or employees receive fraudulent emails from your account, you’ve definitely been hacked.
- Login details change: If your login details have change and you or your network admin did not initiate those changes, that’s a huge red flag.
If you see any of these signs, it’s likely you have a security that needs to be addressed now. Where there’s smoke, there’s likely fire.
What do you do if you’ve been hacked? Remember the motto they taught you in school:
Stop, Drop, and Roll.
- Stop the network connection immediately: This means you need to disconnect the internet connection to your computer and network to isolate your computer or system.
- Drop the hacker completely from the system: Call your IT service provider or internal IT team. They should use security incident response tools and procedures to drop the hacker off the systems, gather forensics on who the attacker was, and close the security holes that allowed them in. This keeps the hacker from accessing any more files and stealing more data.
- Roll out the recovery: Your IT service provider should roll out the recovery of your files, computers, systems, and entire network, and then get you up and running.