What to do if Your Business is Hacked

It’s a sad reality that, sooner or later, most businesses will be hacked. If this happens to your business, there are two types of response to avoid.

First, there’s the urge to do nothing. Businesses often don’t notify the police about attacks, in order to avoid embarrassment if any details become public knowledge. Nick Selby, managing director at Trident Risk Management, told attendees at last year’s Security B-Sides Conference that this is a foolish response. After all, if you were mugged on the street you’d call the police. Why should cybercrime be any different?

Don’t let an attack shut down your business

The second type of reaction is to call the police, inform them of the attack and then ask them to fix it. That’s OK – if you’re prepared to shut down your business operations for a while.

“When the guys with blue windbreakers come in, you don’t want them to shut down your data center with evidence tape,” Selby said. “It is much more useful if you plan your response in advance, and provide them with the exact systems that were affected. They’ll work with you, rather than turn your entire data center into an evidence room.”

Helping law enforcement… to help you

Selby advised businesses to establish relationships with law enforcement agencies, or to employ people who already have such relationships. It’s also worth doing some investigation yourself to establish the extent and nature of the attack, and taking the time to learn relevant legal terminology, so that you can communicate with law enforcement officers on their level.

“You want to call and tell them that your company’s servers were breached as described in Penal Code 33.02 and benefits were obtained through damage caused in excess of $62,000.00, which is a third-degree felony. And the attacks came from a Louisiana IP address,” he said, as an example.

Selby believes that this can help to convince law enforcement of the gravity of the situation, lead to a faster resolution and help your business to remain operational during the investigation.
