What to do if you've fallen victim to malware?
Read on for advice!
Transcript
Davis: Hey, Dan, what do we do if we’ve already been hacked? What happens if we fall for a scam? And, by the way, I know you’ll agree that there’s no shame in that. As we discussed in our second episode, people earn their livelihoods this way and they’re very good at it
Dan: Yeah, as you said, don’t be ashamed and get your organization into action. Tell your IT or your security team immediately that something happened, what you saw, what you experienced, and what information you provided to an attacker. The sooner you let someone know, the faster that they can start taking action to limit the effect. Even if you just have a feeling or a sense that something’s amiss, call your service desk or your security team to let them know right away.
Davis: Thank you so much. What happens if this befalls you in your personal life and you’re not at work and you don’t have an IT department at home?
Don’t be ashamed and get your organization into action… The sooner you let someone know, the faster that they can start taking action to limit the effect.
Dan: Consider the information you gave and do what you can to get it back under your control. If you gave out a password, go to that site or that system and change the password right away. In some systems, you can see and manage what other devices are logged into that account. Find the ones that aren’t you and boot them out. Better yet boot, them all out and log in again. Also, use multi-factor authentication whenever it’s offered, which, in my opinion, should now be all the time on all sites. It’s getting better, but it’s still not a hundred percent yet. But if it’s there, use it as a way to make it so that if your password does get out, the attacker still can’t get in automatically.
Davis: What should folks do to prepare for the future?
Dan: It’s not too late to install antivirus software. Modern computers are really complex, including both Windows and Mac, and it’s easy for attackers to find ways in and places to hide. Having a piece of software that’s just listening and waiting to identify that they’re there can mean the difference between catching it early and not at all. The other tidbit is to make sure to use a different password for each application or service. When you use the same one, it can be used by an attacker to get into other places you used it. Store them in a password manager, make them hard to guess, and as I mentioned before, use multi-factor authentication anytime it’s offered and available.
It’s not too late to install antivirus software.
Davis: We talked earlier about how this is financially motivated in large part, so what are your recommendations for what to do if it’s your bank account that gets compromised?
Dan: Well, first call your bank. While you’re on hold, change your password to that account to something you’ve not used elsewhere. Timeliness is key. Money moves fast these days, so the sooner you act the more ways there are to prevent it from being irreversible. And contrary to what you see in popular movies, there are ways to reverse wire transfers, but only if you act fast.
Davis: And so what happens next? Are there lasting consequences for being on the receiving end of a financially compromising hack?
Dan: Not to scare, but there are increasing cases of the long con, where access to a system or network happens and lets an attacker look around for a while, get to know the environment, and then after a while make their actual attack. They can do this to make sure that backups that have been used, that might be used to restore, all contain their malware, giving them yet another way back in after the restoration. So if you have a system compromise, the most reliable way to recover is to wipe it and start over. Which is another reminder to keep good backups of your data, and remember the 321 rule: keep three copies, two of them local but on separate mediums, and one off site, even in the cloud.
If you have a system compromise, the most reliable way to recover is to wipe it and start over.
Davis: This is such an important topic, Dan, and I know people will want to know more about keeping their accounts safe. So as a bonus to episode four, where might you suggest people go to learn more?
Dan: Well, take a look at annualcreditreport.com from the FTC and the US Government. They use the three main credit providers here in the US, and you get one copy of your credit report free from each every year. And some states have laws on top of that. They give you even more. You don’t have to wait for an attack to use this service. Stay ahead of the curve and notice when someone uses your data to extend credit in your name, and it costs you nothing.
Davis: Thank you for that tip. I love a free resource. Dan, thanks so much again. And we’ll see you one last time in our final episode together, episode 5, which is on how to help library patrons and where to go to learn more.
Further Reading
What to Look for In an Antivirus Software
Kaspersky.com on selecting the best anti-virus software for your system and youSimple Online Security: If You Think You’ve Been Hacked
Advice from the New York Times on what to do if you think you've been hackedAnnual Credit Report
A free resource to check your credit once a year. A great way to stay on top of your accounts
Contributor Bios
- Daniel Ayala is a leader in the fields of information security, risk, and data privacy. He is Chief Security and Trust Officer at Dotmatics, hosts The Great Security Debate Podcast, and founded Mentor Core, an organization that seeks to bring together mentors and protégés from across the risk and compliance profession. Learn more about Dan's work at https://danielayala.com/.
- Davis Erin Anderson is Director of Programs and Partnerships at METRO Library Council.
- This project is funded by the Mayor’s Office of the Chief Technology Officer, and produced in collaboration with Brooklyn Public Library, The New York Public Library, and Queens Public Library.