Has your business been HACKED, or have you suffered a VIRUS or other CYBER event at your business?

Exclusive FREE Checklist:

If you recently were impacted by a cyber security event at your business, this is the recovery checklist you MUST have.

This checklist will outline the easy steps you should take to quickly get back up and running during or after a cyber security event or hack. If you just recovered from being hacked, this checklist will help you prevent it from happening again. Lets face it being hacked is a painful experience, this checklist will save you the pain of wondering what to do.

INCIDENT RESPONSE CHECKLIST

DO THIS FIRST

  • Call your insurance company. They will guide you on their requirements. Their requirements take precedence. Certain steps may need to be taken to protect forensic data. You never want to place yourself between your customer and their ability to collect an insurance claim.
  • Check the affected business’s Business Continuity/Disaster/Cyber Recovery Plan for the business. There may be specific requirements mandated by policy or the business owners.
  • If possible acknowledge, either in writing or via email, that the infection on occurred prior to your arrival onsite and that you were not the cause of this infection.
  • Remind the business owner to communicate or reiterate the company’s rules of disclosure to its employees addressing what should or should not be communicated on social media, to the press, and to clients. Typical recommendation is that nothing is permitted to be disclosed un l such time as the company releases a statement (after all the facts of the event have been gathered and analyzed).
  • Back up everything, even the encrypted or infected computers, to have a recovery path if the containment or remediation steps destroy data, or in the event that decryption fails and a recovery key is discovered after the event has occurred. There are cases where the threat actor releases the decryption key months after an attack has stopped paying dividends.

CONTAINMENT

  • Run an external penetration test from the internet to look for anything unusual (ports) that shouldn’t be open in the firewall. If you don’t know how to do this or don’t have access to those tools, please send ALL public IP addresses to Creative IT as we may be able to check for you.
  • Deny all international traffic in the firewall.
  • Deny all inbound traffic across RDP or other remote access tools to the client site. If necessary, enable VPN access first, then RDP across the VPN protected connection. If possible, you could unplug your Internet connection at the router until you have regained control of the network. You could also unplug all switches on the network to help avoid lateral movement of the threat and isolate segments of the network as you work to contain.

● ● ●

 
Incident Response Checklist

Downlod the full Checklist and you’ll Discover:

  1. The BEST Containment steps to make sure your risk does not grow from the cyber event
  2. How to remediate the attack and get your business back up and running
  3. How to best recover from the attack
  4. 15 Ways to prevent cyber events in the future
  5. A FREE offer to help protect your company data

Get Your Free Checklist Now by Completing the Form

Or Call Us Direct: Current Clients: (336) 310-0277

Important! We hate spam as much (or more!) than you and promise to NEVER rent, share, or abuse your e-mail address and contact information in any way.

Fill Out This Form
To Receive YourFREE Checklist

Questions? Call us 336-310-0277

Important! We hate spam as much (or more!) than you and promise to NEVER rent, share, or abuse your e-mail address and contact information in any way.

Creative IT Stays Well Informed Of Trends In The IT industry And Are Proactive With Security

Creative IT Stays Well Informed Of Trends In The IT industry And Are Proactive With Security
Prior to signing on with Creative IT our we had a security incident which basically rendered us inoperable for three days.  With the additional security measures and firewalls Creative IT have put in place I don’t believe we would be vulnerable to such an attack again. Creative IT has proactively ...Read More

Christine Mayers
Mary Reynolds Babcock Foundation