Hacker attack - what now?
Every day, many companies face a threat. But, what to do if it's already happening? Blackberry has produced a guide to what to do if a third party has already carried out a successful attack.
For many companies and organizations, the probability of falling victim to a cyber attack at any time is high. Blackberry cites one example: In 2020, for example, an IT failure was triggered at the university hospital in Düsseldorf, as a result of which a patient had to be taken to another hospital and died.
The fact that recently more educational institutions and health care organizations have also been targeted by cybercriminalsis not a new insight. But what to do when a company gets wind of a cyberattack? Blackberry lists four tips on the right course of action in such a situation.
Do not pay ransom
Ransomware attacks continue to increase, and the cybercriminals' tactics are in demand because many businesses are pressured to pay ransoms in an absolute emergency. But whether the cybercriminals will then actually release the encrypted data is always the other question. Blackberry also mentions that paying a ransom is not very smart, because the cyber crooks know what they want in any case and continue to use the tactic.
Check all system levels
On average, cyberattacks within an organization go unnoticed for about the first 124 hours: enough time for the attackers to reconnoiter the entire system landscape. IT experts would therefore have to monitor more regularly and thus detect earlier if, for example, any anomalies occur in the data traffic.
Investing in the cyber know-how of employees
All employees should know the correct procedures to follow in the event of a cyber attack as part of awareness training, so that employees also recognize how to handle certain mail attachments, for example. Awareness of vulnerabilities or dangerous content should not lie primarily with a company's cyber officers.
Centralize multiple data feeds in one system
For rapid transparency in the event of deviations in data traffic, regular analyses must take place on data feeds. This will make it much easier to find and locate the deviations, especially if the data is stored in a system. Therefore, it makes sense to use statistical analysis to identify abnormal behavior.
Source: Blackberry