Your company got hacked! Now what?

It’s the last thing a business owner or leader wants to hear – “we got ransomware!”, “the server was hacked!”, “a user clicked on a spam link!”. We’ve all heard many possible ways your cybersecurity plans can fail. Continue reading to see how the Beringer Team can assist customers in working through a breach or hack.

Stay calm so you can make rational decisions

• Document whatever you know. Take pictures with your phone, if you can’t interact with a compromised device. Try to quickly gather details of what happened – if the user is aware – or how the incident was discovered.

• Shut it down. Any affected hardware should be turned off and unplugged from the internet. Don’t try to fix it just yet.

• Contact your cyber-insurance provider. They have the necessary procedures to assist in safely evaluating the extent of the breach and can recommend options for remediation.

• Work with your IT provider to provide any details, logs etc. to help understand the extent of the breach and which data stores were accessed. Forensic analysis may take days or weeks to complete and affected systems will need to remain offline/unused until the work is completed.

Planning steps forward

• Prepare your employees and plan to inform any other affected parties for possible data outages, work stoppage, shipping delays etc. This is not the announcement of a breach, just planning ahead, as the forensic analysis must be completed before devices are put back in service.

• Don’t pay a ransom for your data until you have fully reviewed your disaster recovery options and possible consequences of not paying. There are some “ethical” hackers who will provide an encryption key and promise not to share your stolen data on the dark web, if you pay the ransom. This is a business decision that should be based on research and careful consideration.

• Work with your IT Team to begin disaster recovery steps. This will include the work arounds you planned, in case of an extended outage for key systems.

• Once you understand which data was compromised, devise a plan for informing affected parties. If the data was for internal use, informing employees is the next step. If any customers, vendors, suppliers or other outside contacts’ data was affected, work with your cyber-insurer and your marketing team to craft an appropriate notice.

Ongoing protection and vigilance

After the analysis has been completed, data has been restored and all systems are back online, the work is not over. Reinforce employee cyber security training at regular intervals, across the company. Implement any recommended cyber security remediation methods to prevent a similar attack in the future.

Remind technical staff to continue to be vigilant for any additional issues that may arise, as scammers may keep trying to create another hack, since it worked before.

Does your business need guidance on how to create and maintain a cybersecurity strategy, a reliable backup plan, employee cyber training, a comprehensive disaster recovery protocol or deploying multi-factor authentication? If so, give the Beringer Team a call today at 800-796-4854. We have extensive experience evaluating technology needs, business requirements, and cybersecurity strategy, as well as supporting servers, PCs, networking, cloud services and other technologies, for businesses just like yours!

At Beringer Technology Group, we’re not like most other MSPs! We offer both IT Managed Services and Microsoft Cloud Applications Consulting to customers in the Philadelphia area and beyond. Now offering Microsoft Co-Pilot and Azure AI Consulting services. Visit our website www.beringer.net to see all the services we offer and the industries we serve.