If you work at a big enough company, chances are pretty good it is going to be hacked, if it hasn’t been already.
The extraordinarily sophisticated tools that nation states and well-financed hackers have spent years developing are now just clicks away for motivated criminals. And the cost of these tools starts can be as low as one dollar on the dark web, right now.
With these commoditized hacking tools, which rapidly improve in quality as the price rises, your network can be targeted from anywhere in the world—though the countries where these attacks are most likely to be launched from have remained remarkably consistent over the past few years.
Since the question isn’t “if” but “when,” you need a plan for when you recognize your work PC is acting up and it’s not just because you have a billion tabs on twenty different browsers open.
Of course, you wont always know if you’re hacked. Often it takes weeks or months to know if your network has been compromised. But when you suspect something is wrong, the worst thing you can do is panic.
Your natural urge would to do what we’ve been trained to do when our machines are acting up: turn it off and then on. Deny the hackers power!
But if you do that you’ve may have just become an unwitting accomplice to the crime.
“Turning off the computer is like destroying evidence – evidence that can help uncover who the attackers are and what they’ve done,” says Janne. “So really, doing this helps whoever has hacked your device by making investigative work more difficult.”
That’s why our experts have a simple slogan to keep you cool when others might lose their heads: “Hacked? Don’t power down. Unplug the thug. Disconnect all networks.”
Why is unplugging all Ethernet, Wi-Fi, Bluetooth, NFC, and Mobile Data Network connections, including SIM cards, better than just pulling the electrical cord out?
Killing the power wipes out any data stored on the RAM, which in invaluable to investigators.
So once you unplug the thug, Janne advises that you stop touching the computer and go old school. Grab a pen and a piece of paper and write down what happened. Include all the details you can, especially if you remember what you clicked on last, what tipped you off there was a problem and other oddities you’ve noticed.
Now call for backup.
“Who to contact will be a bit different for every company, and maybe even every employee,” Janne said. “But no matter what, you need to bring this to the attention of more people, whether that be a CISO or an external security consultant.”
And when your backup compliments you on how you handled the incident, be sure to point to your “Unplug the thug” poster on the wall.
Leave a comment