Have You Been Hacked? 5 Steps in Reclaiming Your Business

Capturing the Flag
Image by: Nate Grigg
By: George Lamb

Hackers, we hear about them all the time but most entrepreneurs don’t actually realize that it is indeed possible to become a victim of their foul play. Nowadays virtually all of our personal information has some sort of contact with the internet.  Whether it be our social security numbers, credit card numbers, or even financial records and top-secret documents from your company.

Of course, it is ideal to take precautions ahead of time to help prevent vicious attacks from hackers, but, unfortunately some still manage to break the defenses we construct over our organization.

And that brings me to today’s topic: Steps to take upon realizing your business has been hijacked. Yea, it’s is indeed a scary thought, but keep in mind that it isn’t quite the end of the world just yet, as there are several ways in which you can reclaim what is rightfully yours. Here are five steps to take upon realizing that someone else may have access to your personal information.

#1) Contain the Attack

Upon realizing your system has been compromised, it is essential to first and foremost establish a certain degree of control over the attack. It may be a tough pill to swallow–the fact that someone somewhere in some dark, lonely basement actually took the time out their day to hack your business.  But even with whatever feelings of anger or disappointment you may harbor, it is important to contain your own emotions before proceeding in making a coherent decision as how to deal with the attack.

Once calm and composed, all systems should be pulled offline simultaneously to ensure that whatever content your hacker hasn’t infiltrated remains protected. Although one might figure it is best to do this as soon as the compromise has been detected, waiting until an investigation has been executed will aid you in finding out how your business can take steps to protect your system from any attacks that may happen in the future.

#2) Investigate

Contacting a professional consultant who will investigate how many of your systems have been affected by the hack would be a good idea for any companies without cyber-security experts on staff. The consultant will be able to identify the style of attack issued by the hacker, conduct a network and malware analysis and figure out which data files have been compromised.

Also, in order for your company to figure out if either the attack was something an employee picked up while navigating an already compromised site, or if it was an attack by an unknown individual, it would be essential to consider bringing a security expert on board. If the latter happens to be the case, then you may want to speculate the attack being directed from a competitor–in which case you’ll likely want to conduct a counterattack (by tasteful means, of course).

#3) Communicate with the Customer

It is likely that while your business is under reconstruction after being attacked, the systems or product which is valued by your customer base might take a hit in quality or not function as efficiently as previously. This is why it is important to inform the customers of your temporary hiatus from your usual method of running things.

This will not only give them an explanation as to why the company they’ve put so much into is seeming lackluster, but will also give them the reassurance that your company is doing everything in it’s power to restore the systems or product to tip top shape.

The harsh fact is that at some point in time all–or at least most–get hijacked at some point, and customers likely have experienced similar issues with other companies as well. And if they are die hard about your product, they will be more than happy to wait until you revamp the organization to nice working order.

Letting them know is integral for keeping your customer base, too, as a customer who notices a dip in quality with no explanation will likely consider shifting there business elsewhere.  Also, depending on what kind of data has been compromised, it will be your legal duty to inform your clients, as some may have divulged private information like credit card info or other things of that nature.

Have you had the misfortune of having your business hacked? Sorry to here that, pal, but to ease your pain how about you share your story and tell us below how you managed to overcome such a major issue.