Imagine this: you get up, and try to sign into your email account and your password does not work. Then you notice the bank account tacked with charges that you do not recognize. The panic sets in that you’ve been compromised.
In the midst of a cyber attack it’s easy to become overwhelmed. Just like a fire drill in your home, having an electronic emergency response plan will help you remain in control and take the proper steps to get back up and running quickly.
Here’s how to make your own personal “break glass in case of emergency” strategy for the digital age.
Step 1: Recognize the Signs of a Hack
Some hacks aren’t obvious. Common red flags include:
-
Unexpected password reset emails.
-
Your friends or colleagues who have received unwelcome messages sent by you.
-
Unconfirmed charges to your credit or debit card.
-
Locked out from a account.
-
Pop-ups or strange programs appear within your system.
If you are noticing any of these signs, it’s time to start putting your emergency plan into the right direction.
Step 2: Contain the Damage Immediately
As with a fire in a home the first priority is to stop the spread.
-
Unplug from Internet. If your computer has signs of malware, turn it off to stop any further data theft.
-
Change passwords using secure devices. Use a device that you can trust (not the infected device) for resetting passwords.
-
Sign out from any other session. Most services let you sign out of all devices simultaneously.
-
Allow Two-factor authenticating (2FA). This creates a stronger barrier to attackers who want to get into.
Step 3: Secure Your Critical Accounts
All accounts are not created equal. Make sure you secure the accounts that are most likely to cause damage:
-
Email is often the main point of recovery for your other accounts.
-
Banking and financial services Stop fraud before it becomes a problem.
-
Work accounts – Prevent professional data leaks.
-
Cloud storage to safeguard photos, personal files and sensitive documents.
Make sure you use unique, strong security passwords (a password manager may be used to help create and keep the passwords).
Step 4: Scan and Clean Your Devices
In the event that malware is involved
-
Conduct an complete antivirus scan using a trusted program (e.g., Windows Defender, Malwarebytes, Bitdefender).
-
Take out any suspicious software.
-
Upgrade the operating system as well as application to fix security vulnerabilities.
-
If you are in a pinch you might consider a complete Factory reset of your device.
Step 5: Alert and Report
Based on the nature of the compromise You may have to notify other people:
-
Contacts/friends: Let them know not to click suspicious URLs you send them.
-
Credit card or bank: Report fraud and request a freeze of your account in the event of a need.
-
Employer: If your work accounts were affected, notify IT immediately.
-
credit Bureaus (U.S.): Set up a credit freeze or a fraud warning to guard from identity theft.
In the case of serious crimes you may also make a report to the government (e.g. FBI’s IC3 in the U.S.).
Step 6: Document Everything
Record the event:
-
Which accounts were affected.
-
The timeframe of suspicious activities.
-
The steps you took to heal.
-
Any fraudulent or illegal activity.
This can be helpful in the event that you need to contest charges or file insurance claims or later report the incident.
Step 7: Build Resilience for Next Time
The most effective emergency plan is protection. Once you’re back, build your defenses
-
Make use of the account manager to generate unique passwords all over the world.
-
Make sure to turn off 2FA for all accounts that are important.
-
Every now and then, make sure you back up your files to an offline, secure place.
-
Make sure you keep your devices up-to-date with the most recent patches.
-
Check your accounts regularly using tools such as Have I Been Pwned?.
Your Personal “Digital Go-Bag”
As you would have a bag for an emergency Prepare your digital version:
-
A password manager that offers security options for recovery.
-
Backup codes for 2FA are stored securely offline.
-
An emergency contact list (bank and employer, as well as Support for technology).
-
Information on where to find tools for malware and breach-checking.
The ability to have these on hand will save valuable time, especially when every minute is crucial.
Conclusion
Being hacked can be stressful, but it doesn’t need to be a disaster. If you have the help of a Digital emergency strategy you’ll be able to act swiftly, limit the damage and restore your account and your identity.
Consider it as a digital first aid. You wish you don’t need it but in the event that you do you’ll be grateful it’s available.
Takeaway: Don’t wait until disaster strikes. Write your plan, keep all backup data, and get ready now. Your future self will be grateful to you.
