Hacker attack: What to do?

For many companies and organizations, it is an everyday fact that they are highly likely to be threatened by a hacker attack at any time. Especially in the challenging current conditions, it is difficult to prevent these attacks, although the consequences can be drastic. One example of this is a Incident at Düsseldorf University Hospital in 2020: Unknown persons had triggered an IT failure there, as a result of which a patient had to be taken to another hospital and died. An immense blow for the university hospital, which at the same time revealed a painful problem.

Cyberattack: What's going wrong?

The question is what exactly goes wrong when such an attack occurs. After all, the realization that educational institutions and healthcare organizations are attractive targets for cybercriminals is by no means new. Of particular interest to hackers are both the number of connected users and the value of confidential information. A first step in preventing these attacks is to implement the right IT security processes in the organization.

Human error is often the main cause. Many users are still not sufficiently aware of the value of certain data and readily resort to solutions that can put applications, servers and data at risk. Without a proper security strategy, these digital assets quickly fall into the wrong hands. Training employees in security and data literacy is therefore essential.

Four tips to guide you during a hacker attack

The fact that companies are hacked in this day and age is almost inevitable. The idea that anyone is out of the question as a target is therefore extremely outdated. After all, everyone has valuable information these days that malicious actors are only too happy to have. But suppose a company discovers that it has indeed been hit by a cyberattack: The following four tips provide an overview of the right course of action in such a situation.

1. Do not pay a ransom: Ransomware attacks are a very popular tactic among cybercriminals, as numerous examples from the past year demonstrate. In a ransomware attack, systems are held "hostage" until a ransom is paid. Companies are anxious to keep their operations running, so they usually pay the desired ransom. However, this is not very smart because by paying the ransom, they give the cybercriminals exactly what they want. Consequently, they will certainly continue to use this tactic.
2. Check all system levels: Although this tip is probably most effective beforehand, it is also advisable to continue to check all system levels during a cyberattack. On average, cyberattacks within an organization go unnoticed for about 124 hours. During this time, hackers can quietly explore systems and set up tactics to take the system out of service or lock down data. If enterprise IT professionals continue to monitor the entire system in the meantime, they can detect deviations or anomalies more quickly and take immediate action.
3. Invest in the cyber know-how of employees: As mentioned earlier, hacks are often the result of human actions. Especially when employees don't know what they should and shouldn't do when it comes to cybersecurity, major risks arise. Therefore, it is advisable to ensure that all employees know the correct procedures. This allows them to raise their own awareness of cybersecurity, which reduces the risk of a potential cyberattack.
4. Centralize multiple data feeds in one system: If there is a suspicion that a hack has been carried out, it makes sense to correlate several data feeds for related events. Feeds with information about threats can provide rapid transparency. Therefore, it is useful to use statistical analysis to identify abnormal behavior. In addition, finding and locating these deviations is much easier when the data is stored in one system.

These tips come from BlackBerry, a provider of security software and services in the IoT.