Hackers are smarter and more sophisticated than ever. And if you’re a business owner, it’s important to know what to do when your company gets hacked.
Your managed service provider (MSP) and cybersecurity partner can do a lot, but there are a lot of things that you can do to keep yourself safe.
Hackers are Getting More Sophisticated
A small business client that came to us a couple of months ago wasn’t just hacked, they were what we call “owned”.
Hackers had access to their email, their internal network, and the cameras and microphones in their office. They even changed the username and password with their internet service provider (ISP) so that they couldn't even access their own internet. It was unbelievable.
The biggest issue was that they actually took control of their cell phones too. The hackers exported the organization’s phone numbers out to another phone so that they could get the two-factor authentication. They also impersonated the client to the point where they were able to port their numbers from Verizon to another carrier.
Again, the hackers even took over the company’s cell phones. It's crazy.
That's just one example of how hackers are smarter and more sophisticated than ever. They can break into your cell phones and move your number to another cell phone so they can get access to your two-factor authentication. And they take that information and literally post it and sell it on the dark web.
The dark web is an area of the internet that's not accessible by the general public. It’s a place where hackers and bad actors in the cybersecurity space trade, buy, and sell information.
Is Your Information on the Dark Web?
People really don't know how easy it is to get your information through the dark web.
Here’s an example. You've signed up for My Fitness Pal, Macy's, or Home Depot. You used your primary email address and a password that you've already used in other places. (We don't recommend that, but many people use the same password over and over again.)
Let's say that one of those sites gets hacked. That data is stolen. And then that data is uploaded onto the dark web. Now your email address and your commonly-used password are available on the dark web for other bad actors to take.
How Bad Actors Access Your Data When Your Company Gets Hacked
It's very easy to trace your email address back to where you are, and if you use the same password for your email, they can access your email just as easily. You may not even know it.
They could sit there for months watching your email until some sort of financial transaction goes through. If that email has account numbers in it or talks about paying invoices or transferring money, they'll intercept it and change the account number. Now you’re a victim of wire transfer fraud.
You really need a partner that can protect you and fix things when they're broken. If there is a breach, a hack, or nefarious activity going on, you need help. You need a partner who can understand what happened, investigate it, peel back the layers, and determine how to bring you back to a place of security. The right partner can make sure that all of your digital assets are properly protected.
A Process For Security When Your Company Hacked
At CyberTrust, we have a process for security. When we start to work with a client, we start by identifying all of the digital assets and looking at them one by one. We ensure that the passwords are properly secured and that two-factor authentication is turned on.
We also do internal and external scans of the network to look for vulnerabilities. And when we find them, we shore them up to make sure that the network is secure.
We also work with the end-users. And that's really the most important part. You can spend huge amounts of money on hardware and software, but if you don't train your end users and they click on the wrong thing and give their password away, it's all-for-naught. So we really spend a lot of time working with the end-users and helping them understand what they're looking for from a cybersecurity standpoint. And then we secure the network and then maintain that security.
Cybersecurity is About Peace of Mind
When you work with CyberTrust, we can bring you that peace of mind. You know that we have your back from a cybersecurity standpoint.
We’re also members of the FBI InfraGuard, which is a joint cybersecurity task force between the government and private industry. Once you apply to the FBI InfraGuard, go through the lengthy vetting process, and get approved, you receive insights and information on what's going on in the world from a cybersecurity standpoint.
Many times we receive an alert about something that has happened at some level before it becomes widespread. And we can take measures to prevent that from happening to our clients.
We're a little geeky in that we're passionate about that kind of information. But part of the reason we stay on top of it is that it really gives us a leg up in knowing what to do for our clients.
Are you concerned about your company’s exposure to cybersecurity risks? Unsure of what to do when your company gets hacked? Click here for a free dark web scan to start protecting yourself today!