{"id":222,"date":"2013-02-19T00:00:00","date_gmt":"2013-02-19T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/02\/19\/5-steps-to-recovery-after-your-business-has-been-hacked-fox-small-business-center\/"},"modified":"2021-12-30T11:36:46","modified_gmt":"2021-12-30T11:36:46","slug":"5-steps-to-recovery-after-your-business-has-been-hacked-fox-small-business-center","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2013\/02\/19\/5-steps-to-recovery-after-your-business-has-been-hacked-fox-small-business-center\/","title":{"rendered":"5 Steps to Recovery After Your Business Has Been Hacked | Fox Small Business Center"},"content":{"rendered":"<p>It\u2019s not just household names that are the targets of hackers, however: In a report released by Symantec, the maker of the Norton Anti-Virus software, 36% of the global targeted attacks in the first half of 2012 were directed against small businesses with 250 or fewer employees. FOXBusiness.com spoke to four cyber-security experts to create a 5-step plan that will get you safely up and running again in no time if and when your business is compromised by a hacker. Rob Lee, the Digital Forensics and Instant Response Lead at the SANS Institute (a leading information security training institute), says that identifying whether a hacking attack has occurred is incredibly challenging for most businesses.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u201cTo detect an attack, you must develop and maintain a basic awareness of the normal operations of your business,\u201d says Martin Roesch, founder of SourceFire, a high-end technology firm that combats hackers and malware.   \u201cOnce you\u2019re aware of how your network works, the applications people use and the amount of bandwidth they chew up, you\u2019ll be able to spot anomalies that will help you identify an attack.\u201d<\/p>\n<p>Warning signs might include machines that are suddenly running slowly or crashing, strange network usage patterns, huge transfers of data to unknown destinations or visits from unfamiliar IP addresses (for instance, visits from Eastern European IP addresses when your business\u2019s customers are all based in Texas).<\/p>\n<p>Unless you have an information or cyber-security expert on staff, this would be a good time to call in a professional consultant, who will be able to identify the type of attack being utilized by the hacker, conduct a network and malware analysis, and figure out which systems and data files have been compromised. A security expert will also be able to tell you whether the attack was mass-produced \u2013something an employee might have picked up by browsing a compromised website \u2013 or whether it was a unique, targeted attack, which might suggest that the perpetrator was a competitor of some sort, says Dr. <\/p>\n<p>While the kneejerk response might be to pull the plug on machines as soon as a compromise has been detected, waiting until a thorough investigation has been conducted will better serve you in figuring out how to protect your system from future attacks. Then, using the information you\u2019ve learned about the breach, says Hemanshu Nigam, founder of SSP Blue, a safety, security and privacy firm, \u201cyou can close the gaps in your systems, so it doesn\u2019t happen again.\u201d<\/p>\n<p>Nigam agrees that customers should be informed to the extent possible, which will actually help build trust between your business and clients, as long as you effectively communicate that you are making all efforts to prevent another attack.<\/p>\n<p>Link: http:\/\/smallbusiness.foxbusiness.com\/technology-web\/2013\/02\/19\/5-steps-to-recovery-after-your-business-has-been-hacked\/<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-222","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/222","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=222"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/222\/revisions"}],"predecessor-version":[{"id":2709,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/222\/revisions\/2709"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=222"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=222"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=222"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}