Cyber Attack

Cyber Attack 4

Is an attempt to damage, disrupt or gain unauthorised access to computer systems, networks or devices. 

CONSEQUENCES

The consequences could include:

  • loss of access to systems and information services;
  • loss of or interruption to the supply of essential goods and services;
  • loss of or interruption to the communications network;
  • loss of confidentiality;
  • loss of integrity where data is damaged or corrupted;
  • disruption to critical services i.e. energy, health;
  • economic damage i.e. businesses;
  • extra expenses to keep a business operating;
  • loss of income;
  • damage to reputation.

WHAT DO YOU NEED TO DO?      

BEFORE

  • Purchase and install anti-virus software;
  • Keep software and operating systems up-to-date;
  • Use strong passwords and two-factor authentication (two methods of verification). Create a separate password for your email;
  • Do not open any suspicious emails and when in doubt, don't click;
  • Do not provide personal information;
  • Use encrypted (secure) Internet communications;
  • Update your devices on a regular basis;
  • Create backup files;
  • Protect your WiFi network;
  • Further guidance is available on the National Cyber Security Centre website https://www.ncsc.gov.uk

DURING

  • Remove any viruses if you believe your laptop, PC, tablet or phone has been infected with a virus or some other type of malware;
  • The operating systems and apps on the devices you use should all be updated to install the latest security fixes;
  • Contact and inform your provider;
  • Change all of your passwords as soon as possible;
  • Set up 2-factor authentication, this provides an extra layer of protection against your accounts being hacked in the future;
  • Notify your contacts;
  • If you can't recover your email account - create a new one and notify your contacts that you are using a new account;
  • Take steps to minimise any additional damage;
  • If you think you might have been a victim of cyber-crime, please visit Action Fraud or contact them on 0300 123 2040.

AFTER

  • Continue to monitor the affected system(s);
  • Initiate measures to prevent future attacks.

 WHAT DO BUSINESSES NEED TO DO?

  • Have an incident response plan and post-attack plan of action;
  • Identify key/critical assets;
  • Implement appropriate technology (software/hardware) to protect critical assets;
  • Get legal authorisation to monitor internal user activity;
  • Ensure staff are trained and educated in cyber security;
  • Stay informed about threats;
  • Make an initial assessment of the threat/extent of the damage;
  • Take steps to minimise additional damage;
  • Keep detailed records during the attack;
  • Ensure backups are available for use;
  • Gather forensic data from the affected system(s);
  • Notify the Police/appropriate authorities;
  • Work with the Police to contact other potential victims;
  • Continue to monitor the affected system(s);
  • Initiate measures to prevent future attacks.

Things NOT to do during an attack include using the affected systems to communicate about the incident. For example, if an email server has been compromised, don’t use that server to send emails about the breach. The attackers may be hoping you will do just that, essentially making a bad thing worse. Don’t attempt to hack into the attacking system, this is probably illegal and could result in civil or criminal penalties.