I Got Hacked!

A hacker is someone who seeks and exploits weaknesses in a computer system or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge or enjoyment.
What to do when you got hacked

What to do if you have been hacked?

Change password immediately on hacked services

Go Off-line and Reset Your Passwords

Take your hacked services/servers off-line temporarily until you know you have resolved the issue. This should be done to prevent your site visitors/customers being affected. Change your password immediately on the affected service, also other services that use the same or similar password. DO NOT reuse passwords.

Update icon

Update Your Antivirus Software and Scan

Use the latest version of your anti-virus / anti-spyware product and run a scan for malware and viruses that may have been the source of the attack. If you don’t have a commercial anti-virus program, try an automatic cleaning from an anti-virus company like Trendmicro (housecall service), Panda software or use Sophos free.

Internet icon

Take Back Your Account

Nowadays, many services such as Google, Facebook, WordPress and Microsoft have mechanisms to take back control over your account after it has been taken over by someone else. Typically you can find these procedures by searching for the service name plus account recovery.

E-Identity with SafeComs - multi factor authentification

Set Up Multi-Factor Authentication and Improve Security

Use 2-step verification for your services whenever possible to help secure your accounts. Apply all available bug-fixes and update all services to the most recent stable release. Also most services allow to turn on notifications when special or personal accounts have been accessed. Finally when connecting to your services, it is best to use secure connections such as SSL or SFTP whenever possible.

Safecoms IT security audit

Perform a Security Audit and Forensic Analysis on All Your Affected Accounts/Servers

Go through the logs on your servers and look for suspicious activity. Best is to ask security experts to perform a security audit and forensic analysis to identify security risks and signs of potential Intellectual Property theft, industrial espionage, forgeries, inappropriate use of your email and IT infrastructure. Hackers often leave tools allowing them to get back in or they might have left tools to exploit your servers to send out spam email, launch attacks against other servers etc.

Want to know more?