Recent information published by a leading security company, Malwarebytes indicates that it takes a business on average 200 days before they are aware that they are the victim of a Cyber attack. Cyber attackers are becoming very professional and sophisticated in their methods of attack and payload meaning that it is becoming very difficult to spot the signs of being compromised.
After spotting the signs getting all the facts together will help produce a response plan.
- When did the attack it take place?
- How will the attack affect the ability of the business to continue its sales operation?
- What devices and information was compromised?
- What persons or other businesses are affected?
- How technically did the attack occur?
Malwarebytes suggest the following advice following detection
- Bring in a specialist cyber security company
- Appoint a chief security officer who’s responsibility it is to ensure correct application of the plan
- Separate and encrypt all sensitive data
- Reset all logins details and review password security
- Implement Two Factor Authentication
- Ensure infected devices are wiped and reinstalled to ensure complete removal of the virus
- Ensure all network devices are reset to factory settings and then updated to the latest firmware
- Ensure a policy of installing all the latest security patches
- Audit all software to ensure it is legitimate and updated to the newest version possible (including Operating Systems ie Windows 10)
- Ensure that all staff are made aware of their responsibilities in helping prevent future cyber attacks (Especially through poor use or misuse of devices under their control)
- Install ‘Business Class’ Internet and Malware Protection Software (even on devices that traditionally haven’t warranted it i.e. Mobile Phones, Tablets, Apple Mac’s etc.)
- Ensure devices are powerful enough to run their office software and additionally Anti-Malware and Anti-Virus software which often can slow down a cheaper device. (Don’t fall into the trap of keeping old devices and passing them on to new staff)