Everyone remembers the piercing sound of the fire alarm breaking the morning haze of the K-12 school day. Your teacher tells you to stand up calmly, form a line, and walk at a moderate pace out the door. However, there are always a few laggards that panic and cause the rest of the class to break the order. They are the reason we practice.
Unfortunately, in the world of cyber security we don’t have the luxury of the 50 decibels warning us that there’s smoke in the area. Now there are ways to practice and measure your performance against threats (Phishing as a Service and Penetration Testing to name a couple) but before that happens it helps to know how to line up and calmly walk out the door.
Here are is what to do when someone pulls the fire alarm:
Remain calm. Okay, so you got hacked. It happens. Rather than running amok in the office, your best bet is to follow a procedure and notify your IT department.
Don’t be a hero. There’s a reason you’re told to leave your stuff behind. Stuff is replaceable and if you’re smart about it, you can use your backup school supplies and not miss a beat. We recommend keeping a backpack full of supplies at home and a buddy’s house.
Power off your PC. Chances are that by the time you realize your network is compromised, the damage has been done. Best to just shut things down and take solace in the fact that you were prepared and you do have a backup plan.
Reset all your passwords using your phone. This presents a good opportunity to update all passwords. If you’re looking for good advice on password management check this out.
Learn. Once the investigation is complete and it’s determined how the threat got in, take the time to identify the “gotcha”.
We have seen the good, the bad, and the mostly ugly in terms of malware attacks. The good are the organizations that take the time to prepare and practice for dooms day. The bad are the organizations that end up paying for an encryption key and getting their data back. The ugly are the ones who pay and receive nothing (although the least common, this does happen). Our goal is to prepare as many people as possible so that when a cyber attack happens you’re not caught off guard.