Cyber-criminals are incredibly smart with their attacks. You could be unaware of a breach for weeks, or even months.
Traditionally, when we think of a cyber-attack, we think about being locked out of our computer with a payment demand flashing on the screen. This is often not the case.
Occasionally a hacker may gain access to your device and monitor it for periods of time, waiting for an opportunity to exploit a weakness. So how do you spot the signs that you are being, or have been, breached?
Here are some things that may suggest an incident on your device:
- Unusual activity on your account.
- People informing you of unusual emails or activity from your domain or account.
- Requests for unauthorised payments.
- Requests for change of details, for example, supplier bank details.
- Immediate demands or unusual pressure from a colleague or supplier.
- Being unable to access files or documents you previously could.
- Forwarding rules added to your mailbox.
- Being locked out of your accounts.
- Computer running slow.
- Applications randomly closing or quitting.
- Settings on your device being changed.
- Your webcam light is on even though you aren’t using the camera in any applications.
What should you do if you have been breached?
If you discover a breach within your organisation, the most immediate step is to tell someone. This could be your CEO, MD, IT Manager, or managed service provider (like us).
This will set in motion a series of procedures that must be followed to minimise the impact of the breach. This is often known as a cyber incident response plan.
If you don’t have a cyber incident response plan, we’ve put together our top five things include. Read it here >
What is Phishing?
Phishing is a form of cybercrime which targets victims by email, SMS or telephone. Criminals will pose as legitimate organisations to trick you into revealing sensitive data, such as bank details or passwords. This then results in identity theft or financial loss.
What is Ransomware?
Ransomware is a type of infectious software designed to prevent you from accessing your files, databases, and applications until a request is fulfilled; this is typically a payment to the attacker.
What is Zero Trust?
Zero trust is a strategic approach used by organisations. It includes both employee attitude and security policies put in place, encouraging employees to validate every action they take.