Incident Response

Your worst fears have happened

Stay Calm and Follow Along.

Isolate

Quarantine the infected computer by unplugging it from the network. This will help prevent the malware from moving laterally through the network.

Document

Take a picture of any ransomware screens or requests for payment with a cell phone. Save this picture as you will need it when reporting the incident.

Identify

Use whatever tools you have to identify the ransomware or malware variant, i.e. Google search or a IT professional.

Disable

Using what is known about the malicious software, disable the software so it can do no more damage. If you do not have the skills, call a professional.

Remediate

Clean all infected systems of any malware. If you are unsure about the effectiveness of the system disinfection, you may need to perform a system wipe.

Restore

Using clean backups, restore all files back to the disinfected machine. Do not use any backups unless their integrity and cleanliness can be ensured.

Reset

Reset any passwords on any infected machines. Assume that anything you have accessed on the infected machine is compromised. For example, if you have logged into your bank or social media accounts, change the passwords on those as well.

Report

Using collected data, report any infections to your insurance company and the proper authorities. The path of the attack, what was done to clean your computers, how you are preventing in from happening again, etc.will all be required.

Can You Survive?

60% Of Small Companies Close Within 6 Months Of Being Hacked

- Cybersecurity Magazine - Robert Johnson III

Incident Response

You are not alone

We are here for you

If you feel you have had a Cyber Security incident, please reach out immediately, either by phone at 919-341-4686 or via the form below. We will begin working on your incident within minutes to help you reduce damage, stop the spread and document for law enforcement. Depending on the type of attack, we may even be able to recover any lost data.