How to Recover From a Cyber-Attack

The Best Offense is a Good Defense

You don’t want to have to recover from a cyber-attack. Sure, it may be true that the best offense is a good defense, but no matter how well we defend ourselves against cyber-attacks the odds are stacked against us.

Cybercriminals just have too many weapons and too many opportunities to use them. This article will highlight the best ways to protect yourself from cybercrime and the steps to take to recover from a cyber-attack.

Note: If you’ve recently become a victim of a cyber-attack or identity theft Skip to This Section. There you will find steps to take after a cyber attack.



Cybercrime Challenges You Face Daily

Your biggest challenge is protecting your personal and sensitive information and your financial assets. It’s not easy to recover from a cyber-attack. Every day you are faced with the risks of identity theft, malware attacks, financial fraud, and your personal information being revealed to bad actors and malicious users.

Millions of people are part of some type of data breach every year. These people must detect and recover from cyber-attacks. Once you are part of a major data breach the odds are that your information will be available for purchase on numerous online cybercriminal forums. To help avoid these situations it is essential that you practice good personal cybersecurity. This means minimizing your digital footprint and safeguarding your accounts with strong passwords and multi-factor authentication.

Terms to be Familiar With

Being familiar with the cyber threats that we are exposed to on a daily basis means having a basic understanding of cybersecurity vocabulary. A basic understanding of cybersecurity terminology creates personal awareness. Here are some cybersecurity terms you should be familiar with.

  • Phishing — Phishing is a technique that hackers will use to get you to reveal personal information to them. Be aware of phishing attacks included as part of unsolicited emails and other communications. Avoiding these attempts is the first step to recover from a cyber-attack. Prevent the attack from the start.
  • Social Engineering — Cybercriminals use human nature and the way people like you and I think and act to develop attacks to get us to reveal sensitive information. Cybercriminals try to find ways to exploit human behavior. They try to get us to do something like clicking on malicious links in emails or entering sensitive information on fake websites.
  • Encryption — Used to secure data while it is being stored or while it is being sent over the Internet. There are different levels of encryption. If you store or transmit sensitive data, always ensure it is encrypted. When surfing websites, always ensure the URL of the site you are on has HTTPS (not HTTP) at the beginning. Most popular web browsers will indicate insecure connections with an open padlock symbol or red highlighted text.
  • Malware — Malware is a term that covers a wide range of malicious software. It can be any software that’s designed to cause damage to a computer or to steal sensitive information. Malware is short for malicious software. Try to mitigate malware risks and avoid having to recover from a cyber-attack.
  • Virus — A virus is one type of malware that is intended to damage or in some way corrupt the data in a computer and then spread to other computers and systems within a network, or across networks.
  • Ransomware — Ransomware is used by cybercriminals as a way to benefit monetarily. Once this malicious software is delivered to a computer system it typically will encrypt your files, and then display a message on what to do (where to send payment) if you want access to your data. The best way to mitigate this risk is to maintain secure backups of all data; that way you won’t need to recover from a cyber-attack.
  • Firewall — A firewall can be hardware or software-based. Most popular operating systems incorporate a firewall with default settings that can be modified. A firewall is designed to block malicious traffic attempting to enter your system.
  • Virtual Private Network (VPN) — A VPN will provide a secure and encrypted means to transmit data over an insecure network. It can hide the contents of your data from malicious actors as well as snooping Internet providers. A VPN can be used in conjunction with other security as an added layer of protection and privacy. A VPN should always be used when traveling or on a public network.


10 Personal Cybersecurity Tips

Personal Cybersecurity addresses the self-needs of an individual. It is applied whether you are at work or at home, or anywhere in between. It involves the protection of personal information, personal devices, and your Personal Area Network (PAN).

Effective personal cybersecurity practices require a personal awareness of the environment we are in. By possessing the knowledge and having the necessary resources we can protect our personal devices, our sensitive information, and our livelihood. Good practices can prevent having to recover from a cyber-attack.

10 cybersecurity tips to use in your everyday life

  1. Monitor Your Credit Reports and Review Your Online Banking Accounts — This will help you detect breaches or fraud involving your accounts. The sooner you know there’s a problem, the sooner you can take corrective action. You can’t start to recover from a cyber-attack until you know it happened.
  2. Avoid Using Public Wi-Fi — If you must use public Wi-Fi, be sure to use a VPN. Virtual Private Network subscriptions are not expensive, and they are simple to use. The VPN encrypts your data. Even if your data is captured by a cybercriminal, it cannot be read.
  3. Keep Security in Mind When Using Mobile Devices — Always use a screen lock and complex passcodes. Always use the latest patched version of the operating system. Do not use text or email to send sensitive information. Maintain a Cloud backup of important data.
  4. Enable Multi-factor Authentication — Two-factor and multi-factor authentication should be used with all personal and financial online accounts. It adds an extra layer of security. It can also expose, and make you aware of, fraudulent login attempts.
  5. Keep All Software Up-to-Date — Turn on automatic updates on all your devices. Do not use software or devices that are no longer updated or maintained by the maker. Outdated software is an invitation for hackers and cybercriminals. New vulnerabilities are being discovered every day, and without updates, the software will remain vulnerable to cyber-attacks.
  6. Use a Password Manager — All online accounts should use unique and complex passwords. Password managers make it simple to create and keep track of unique and complex passwords. Use strong passwords now so you don’t have to recover from a cyber-attack later.
  7. Use Anti-malware and Anti-virus Software — There are lots of good ones available. Most also include a Firewall feature which you should always use. It’s easy to find a reliable solution with a little research online. Some are more user-friendly than others, so, read the reviews. You should choose one solution that will work on all your devices.
  8. Keep Your Guard Up — Always beware of unsolicited emails and communications. Learn how to spot phishing scams. Always think twice before clicking links or opening attachments sent via email. Email is how 90% of ransomware attacks happen.
  9. Take Care to Protect Your Personal Information — Stay on your toes. Don’t offer too many personal details on social media sites. Be careful what you say in chat rooms and what information you send via email or text. Be conscious of your surroundings. Take extra precautions to protect your personal data so you don’t have to recover from a cyber-attack in the future.
  10. Backup, Backup, and Backup Some More — Regular backups are an important part of an overall personal cybersecurity stance. Use a local backup strategy along with a cloud solution. Good personal cybersecurity includes protecting your data from loss, as well as theft. Always be ready for the unexpected. A good backup strategy is your best way to minimize damage caused by cyber-attacks.

There are so many ways you can become a victim of a cyber-attack. There are many types of identity theft. There is also identity fraud. There is also a constant barrage of phishing and social-engineering attacks.

These facts highlight the importance of protecting yourself from online identity theft and cyber-attacks. And, it dictates that you know how to recover from a cyber-attack.

And, as mentioned earlier, regularly checking credit reports can help to identify these types of fraud early on. If you don’t know that you are a victim you cannot begin to recover from a cyber-attack.

The next section offers procedures and recommendations to use if you have become a victim of a cybercrime. It covers the steps to take after a cyber attack.


How to Recover From a Cyber-Attack

If you have become a victim of identity theft or fraud, go directly to this article. It explains a proven process for minimizing damage and taking back your life.

Cyber-attacks and data breaches can happen to anyone at any time. If you have some kind of a plan of what to do when it happens there will be less panic and confusion.

Very few people practice good personal cybersecurity on a consistent basis. Even if you have acknowledged all the threats and taken all the precautions discussed earlier, bad stuff can still happen.

And that’s when it’s time to recover from a cyber-attack. There are several different types of cyber-attacks that can happen. Let’s look at them one-by-one and develop a plan to recover from a cyber-attack.

Types of Cyber-attacks Involving Your Personal Data and How to Recover


Data breach at a company you do business with


This is a situation where it is not your fault. Bad stuff just happened. Your credit or financial information has fallen into the hands of a cybercriminal due to a data breach of the company’s computers and network systems.

This type of data theft is hard to detect

Because the system that experienced the breach is not under your control, you have no idea it was breached and your data was compromised. These third-party companies do not always notify their customers of the breach.

In this case, your best chance of finding out about the attack is to check your credit reports and online banking activity on a regular basis. A good rule of thumb is to review your accounts weekly. The sooner you recognize a problem, the sooner you can report it to the company and the better the chance that the criminal will be caught.

If you attempt to log in to one of your online accounts and can’t access it because the password has been changed, contact the company immediately and gain access with a new password. Check the account carefully for suspicious activity. If you have made the mistake of using this password on other accounts, update those accounts immediately.

If the compromised account is with an online banking institution, have them cancel your cards and issue new ones. Be sure to point out any fraudulent charges that are present.


Your personal device has been hacked


When your device has been hacked the hacker was most likely attempting to gain access to a financial account or login information. They may be looking for information to commit identity theft. They might be looking to deposit malware on your device to initiate a ransomware attack.

How do you know you’ve been hacked?

Well, it may be obvious. A popup with a ransomware demand note is an obvious sign. You may see popups that tell you your computer is infected by a virus and prompt you to “Click here to fix”. Or it could be a command-line screen that pops up really quick and then disappears. If your friends say they are getting weird emails from you, that’s another sign that you have been hacked. If your system password changes by itself, you’ve probably been hacked.

Time for immediate actions

Power off your device. Stop the process and prevent further damage. If you are sure you have been hacked, don’t hesitate. Unplug your device and remove the battery. If you must finish a task or save your work, at least disconnect the Internet in the meantime.

After you are offline and the device is shut down, try to think about what you did just before you were hacked. This could give you an idea of what happened and help you to make a plan of action. The next step is to start your device in safe mode. Or, if you choose, you can take the device to a professional and tell them what happened. They will then make a plan and perform the proper diagnosis for you. It’s not always easy to recover from a cyber-attack. If you tackle the project yourself, refer to the recovery steps below.

How to recover from this type of cyber-attack

Power up your device without connecting to the network. Run a thorough scan using your anti-virus program. If your anti-virus program does not find anything, or finds something but can’t remove it, use an anti-malware program. If you don’t have one, jump online real quick and grab a trial of the program called Malwarebytes. It is good at detecting and removing malware. Microsoft® technicians often recommend it.

If you run the anti-virus and anti-malware scans and nothing is found, or it’s found but not removed, you can try other programs or restore your backup. Once you restore from a clean backup verify that the problem is fixed.

The system is up and running malware-free. But, now you need to think about critical passwords that you need to change. Keep a close eye on your system and look out for weird behaviors. Some malware infections may not be removed even when you do a complete restore. When in doubt, seek a professional.



Ransomware


Ransomware is a type of malware that no one ever wants to be infected with. There are different varieties of ransomware. Typically it is delivered to your system when you click a malicious email attachment. It commonly encrypts files on your computer, making them inaccessible. There is usually a popup that contains information and instructions. Many times these are just threats and there are no encrypted files on your system. But, there are times when the malware is really ransomware.

Immediate action recommended

If the threat is real it will encrypt the files on your hard drive. It may be working on your files at the same time the ransom note pops up. No sense in taking chances. Shut down your device immediately. Disconnect from the Internet and remove the battery from your device.

How to recover from a ransomware cyber-attack

There are companies that can offer to unlock your files for you using a list of decryption keys gathered during prior attacks. Often, the keys will not work because the hacker uses a unique key for every attack. Leave your computer off for a while in case the hacker is waiting for you to come back online so they can finish their dirty work.

The real key to recovery is having good and recent backups. But before you restore a known good backup, run anti-virus and anti-malware scans to detect and remove the malware. If you cannot find and remove the malware, do a complete backup, including the operating system.

Don’t forget to think about when and how the malware got into your system. It may be from a downloaded file, or perhaps an attachment in an email. Even office documents can have embedded macros that can deliver malware.


The Importance of Reporting Cybercrimes

Most people understand that local law enforcement typically does not investigate small cybercrimes. For this reason, many cyber-attacks on individuals go unreported. The fact is, you are a victim. If the cybercrimes don’t get reported, you cannot expect cyber-attacks to go away.

Good personal cybersecurity practices include reporting cybercrimes in an effort to increase the overall cybersecurity posture of our communities. Also, by filing a complaint you will have a record of the crime if you need documentation for your banking or credit institution, or perhaps your insurance company.

File a complaint with the FBI

If someone is in immediate danger always dial 911. For non-emergency cybercrime, complaints go to the Federal Bureau of Investigation (FBI). The FBI has an Internet Complaint Center (IC3). Complaints can be filed online at the center’s website. The website is also a great source of information about current cyber-attacks, industry alerts, and consumer alerts.

The center will analyze your complaint and refer it to the proper federal, state, or local agency. IC3 is probably the best option for filing most cybercrime complaints.


Reporting identity theft

Report identity (ID) theft to the Federal Trade Commission (FTC) online at IdentityTheft.gov or by phone at 1-877-438-4338. This is where you can find resources that will help you to report and recover from identity theft.

What are 12 Tips to Protect Yourself Against Identity Theft?

1) Check your credit report for new accounts or unusual activity

2) Watch credit card activity and check bank statements often

3) Be unique – use strong passwords

4) Mind your mailbox and monitor your mail service

5) Shred your documents before disposing

6) Be more private on social media – including birthdates

7) Be wary of strangers asking questions

8) Don’t fall for email phishing scams

9) When shopping online – look for “HTTPS://”; the “S” means secure

10) Keep computers and other devices secure

11) Avoid Public/Open networks

12) Get help from your bank – sign up for alerts



Updated 05/18/2021 by Kirby Allen