You’ve Been Hacked: Steps to Repairs and Recovery

Guy Fawkes Anonymous.

We talk a lot about how to protect your business from being hacked and what kind of software you’re better off with – but it’s little talk about what to do when disaster first strikes. It may seem like it’s only the giants out there, such as Facebook and Twitter, that hackers target these days, the reality is quite different; 36 % of global targeted attacks were directed at small businesses with less than 250 employees.

Image link: Pexels

Maybe it’s because their security systems are less up to date than the corporate ones – or maybe it’s due to their tools being so sophisticated these days that they can keep the attacks coming around the clock.

Whatever the reasons are, you need to have a disaster plan handy in case your company is next in line. Here is a neat guide to keep your head cool and to speed up the recovery process.

How do I know if an attack has occurred?

The first question most small business owners have upon hearing the numbers is whether or not they may have been attacked already. Could it have happened a few months ago and nobody noticed? Many businesses will, in fact, find it quite challenging to identify an attack like this and when they do notice it, it’s often a while after it actually happened – about 416 days, to be precise.

To spot and identify cybercrime in your company as soon as possible, the manager needs to have an awareness of the regular operations of the business. It’s only after you have a thorough understanding of the applications they use on a normal day and the bandwidth they use that abnormalities can be spotted on time.

Maybe you notice some strange network usage patterns or that the machines are crashing more often than usual – or just running a bit slower. It takes, in other words, an alert eye to identify something like this early on, and it’s perhaps not that odd that most businesses take more than a year before they’re aware of it. Check out for more tips on how to spot a cyber attack.

Investigate the extent

When you suspect that there may have been a security breach, it’s time to give the experts a call. You can, of course, investigate this yourself if you’re an IT expert – but if you’re not, it’s always better to leave it to the professionals.

They will be able to say how many of your machines have been attacked, as well as how it happened in the first place, such as if it was mass-produced or if an employee picked it up while browsing. This process can be pricey and will keep you from conducting business as usual, so have a look at to give yourself some backup.

Wait until this investigation is over with before you pull the plug on your systems. It may be tempting to do it right away but investigations are important as the attack may have been from one of your competitors.

When the unbelievable has happened, the best action to take is to safeguard your systems for the future. Repair the damage, close the gaps, and move on as soon as possible – it won’t happen again with the right amount of precaution.


Just a regular computer user. I write for regular users like me. When we grow up we are taught basic security tips like how to cross the street. But we are not taught how to take care of ourselves online.