Cyberattack can be a very scary thing. Most of the time you never meet your hacker. All you know is that your defenses were breached, your data was stolen and you are left to pick up the pieces.
Then again, some businesses actually come into contact with their attacker. Sure, they still hide behind a computer screen miles away, but this time the lines of communication are open. Perhaps the cybercriminal wants to taunt you, extort you, make a demand or simply to get your attention. It's not easy to know what to do in these kinds of situations.
Thankfully you don't have to go through these experiences alone. CyberPolicy is more than happy to set you up with a cyber insurance provider and tips to find the ideal cybersecurity analyst.
One of the most common connections businesses have with their victimizers is through ransomware attacks. Essentially, the hacker installs a malware program on a device which then spreads through your network locking computers with an encryption code only known to the attacker. The cybercriminal will then demand a ransom payment to release their vice grip.
Ransomware can cost businesses thousands of dollars in downtime. But should you pay the lump sum to regain control of your network? Not so fast. Just because the hacker says they will unlock your devices, doesn't mean they will - and even if they do, that malware is still hidden in your machines. Plus, some forms of ransomware are permanent!
Bottom line - Reach out to your cyber insurance provider and law enforcement rather than pay extortion fees.
Dealing with Hacktivists
By now you are probably familiar with the term hacktivism' (a portmanteau of 'hacking' and 'activism'), but perhaps it's also a problem you haven't had to deal with before. Hacktivism is admittedly pretty complicated as participants can range from well-intentioned social media advocates to malicious cyber crooks. The key is to listen to and address hacktivists' concerns in hopes of diminishing their hostility.
Whatever you do, do not challenge the hackers as this could quickly get out of hand. Don't get it twisted, you will lose big time.
Go the Diplomatic Route
Plenty of leaders like to beat their chests and pretend they can defeat their attackers by refusing to negotiate with anyone. But is this really the best course of action?
Take Zomato for instance. This restaurant search and discovery service was targeted by cyber crooks in May 2017. The attacker threatened to sell stolen data (including email addresses and passwords) on 17 million customers to the dark web. But instead, Zomato struck a deal with the hacker to set up a 'bug bounty program.'
For those who don't know, a bug bounty is an incentive for white hat and grey hat hackers to test a site or service for flaws and then reveal those security gaps back to the company so they can make improvements to their digital infrastructure. Since the Zomato hacker was only after money, this ended up being a good deal for both sides.
Of course, this idea isn't applicable in all cases but it is nice to see that diplomacy can work to protect businesses and customer information.
In conclusion, there's no clear-cut answer to dealing with hackers. Still, the best thing you can do is keep a level head and reach out to your partners when you need help.
Find the perfect cybersecurity insurance provider and partner by visiting CyberPolicy today.