What to Do During a Cyber Attack

stanmoreCyber, Cyber Insurance

A cyber attack can be a highly stressful and challenging experience for any business. Acting quickly and correctly in the aftermath is crucial to supporting your business’s recovery.

This article provides practical guidance to help businesses reduce the risks associated with cyber attacks. Taking proactive measures is essential across all sectors, no matter the size of your business.

At Stanmore Insurance, we aim to help you be prepared. By implementing the right precautions in advance, you can better protect your operations and ensure a faster, smoother recovery if an attack occurs.

Factors affecting an organisation’s cyber risk

There are a few specific factors that can affect an organisation’s risk of cyber attacks. 

These risks include:

  • Business size – While it used to be the case that cyber attackers would target larger, multinational organisations, this is less common now. Instead, cyber attackers will target smaller businesses that often have a less effective or resilient cyber security infrastructure.
  • Software – Businesses that fall behind on updating their software are at an increased risk of a cyber attack. Those who don’t have a centralised IT network may not be keeping up with necessary changes and updates to their cyber security software, resulting in the business being more susceptible to attacks.
  • Industry – The industry that an organisation works in can also affect the risk of cyber attacks. Companies that have personal data from their customers, such as those which process debit and credit card payments, are at increased risk of cyber attackers targeting their business.
  • Remote work – Whether your employees work from home or are hybrid, there is a risk that comes with the lack of stringent security measures. Your team members may enjoy working from the comfort of their own home or going to public spaces, but it is important to educate them to never work from unsecure public wi-fi. 
Get Cyber Insurance in Place Before it’s Too Late

What is the first thing to do when a cyber attack occurs?

The first thing you should do when a cyber attack occurs is to try and stop the attack and minimise the damage that it can cause. This means contacting your IT provider or cyber security response team, whether internal or through a cyber insurance specialist, including ourselves at Stanmore Insurance. 

Your cyber insurance provider can support you through a cyber attack by deploying trusted, experienced incident responders to address the challenges caused by the attackers. They can also assist in managing communications with your customers, suppliers, and the Information Commissioner’s Office.

Identifying a cyber threat

There are a few ways you can identify whether a cyber threat has been made against your organisation. 

Mysterious or suspicious emails 

If you or your team members have started to receive suspicious emails, this could be a sign of phishing. This is a type of attack in which malicious attackers pretend to be a trusted business or organisation by sending fake emails. Phishing attempts are becoming increasingly common, and so your employees should receive training on how to detect and report potential phishing attacks. 

Unusual password activity 

If a member of your organisation is locked out of their account and/or receives an email stating their password has been changed, it is a potential sign that their password has been compromised. A good security measure is to ensure all employees have strong passwords and they are regularly updated to avoid them becoming compromised. 

Slower than normal network speed 

A hacking attempt often results in spikes in network traffic that can reduce internet speed. Employees should inform their IT security department when they experience substantially slower than normal network speeds. 

Suspicious pop-ups 

Employees should avoid clicking on web pop-ups that look suspicious that they have never seen before. Unknown pop-ups can be infected with malware and spyware that can compromise the network. 

Steps to take during a cyber attack

Here are the first three steps to take if your business experiences a cyber attack.

Get Cyber Insurance for your Business
  1. Contain the cyber breach 

The first step is to try to stop the attack. This may involve contacting your internal IT security team or notifying your cyber insurance provider but a few things you can do to contain the cyber breach include:

  • Disconnecting from the internet
  • Disabling remote access
  • Maintaining your firewall settings
  • Change passwords 

Any passwords that have been affected should be changed immediately. You can use a password manager to create new, strong and unique passwords. Refrain from using the same password across multiple accounts. 

  1. Assess the data breach  

You will need to identify who has been affected by the breach, including employees, customers, clients and any third-party vendors

You should also look at how serious the breach was by determining what information was accessed or compromised, such as bank details, email addresses or even birthdays. 

  1. Notify all parties involved 

Once you have established what data has been compromised, you should inform all parties who are and could be affected by the attack. You will need to communicate to your staff, customers and third-parties that you have had a data breach

You should emphasise your willingness to help by considering opening action hotlines to help with any queries your customers may have. Communication will be key to maintaining a professional relationship with your patrons.

A data breach can be stressful, but as long as you take the right steps, your business will likely have a better chance of recovering. Creating a cyber incident response plan will massively help in situations like these.