How do I know if my Business Computers have been Hacked?
Cyberattacks, unless you’ve had it happen personally to you, can seem like a far-away threat. More than half of SMBs don’t think they’re at risk. Most remain unaware they’ve been breached: “There are only two types of organizations: those that know that they’ve been hacked and those that don’t yet know,” warns Crowdstrike co-founder Dmitri Alperovitch.
The danger is very real, for both big and small organisations. In the UK, a small business is attacked every 19 seconds. And many types of malware can hide in your network, collecting data and conducting surveillance to use for more convincing scams.
While cybersecurity prevention is better than cure, the sobering truth is that there is no silver bullet against cyberattacks. Knowing when you’ve been breached is key to minimising losses. But detection rates are still glacially slow. Organisations take an average of 206 days to detect a breach, which is more than enough time for criminals to wreak havoc.
Keeping your data safe is not only a matter of keeping hackers out, but also knowing how to spot when you’ve already been compromised and doing immediate damage control.
Below are warning signs that business owners should investigate.
Strange, Unauthorised Downloads
Browser extensions or plug-ins that you don’t remember installing are a telltale sign of a breach. These can come in via email or dangerous websites that will try to auto install them. Many types of malware piggy back on seemingly legitimate software, then start downloading programs once it has wormed into your system.
These programs are typically adware that force pop-ups, change your browser, or redirect searches to sketchy sites. While adware is more annoying than devastating, it’s still potentially a foot in the door for more vicious types of viruses.
There’s also a type of malware that can allow hackers control over your computer. Erratic cursor movement is one of the signs that something is awry. Your mouse clicking and initiating software is most probably not a tech glitch, but someone trying to actively control your machine!
Not all attacks are about stealing data. Sometimes, it’s about commandeering resources. Cryptojacking, which is stealing your computing power for mining cryptocurrency, can quickly overload your machine, making it impossible to get any work done.
Constantly crashing programs or taking forever to boot up software are common signs that you’ve been compromised by cryptojacking. You should also investigate if you notice that your device is running hotter, or if the battery is draining faster than usual.
Disabled Security Apps
The longer a computer stays infected, the larger the data theft or corruption. So it’s in the best interest of malicious code to stay undetected long enough to do serious damage, or to further download devious files.
One common way malware achieves this is by neutralising your computer’s defenses. Instances when you need to temporarily disable your antivirus should be far and few in between, so users should be wary about changes in their settings that they don’t remember initiating. Some viruses disable warning windows, leaving only alarm chimes.
Sometimes, attempts aren’t so stealthy, instead hiding behind familiar computer actions. Snatch, a type of devastating malware that encrypts data as well as installs surveillance, forces computers to reboot in Safe Mode, where antivirus protections don’t work. These instances can be easy to pass off as a one-time issue, instead of an infected device trying to kick the doors open from the inside.
Unusual network traffic
One of the earliest, and possibly trickiest, ways to detect malware is to analyze your network’s data patterns. Most malware need to communicate with a command centre for further instructions on what to do to your machine, may that be downloading more files or stealing sensitive data.
This communication creates a trail. Spikes in traffic like large file transfers to and from unknown domains are one of the signs that a computer in your system has been compromised. However, detecting these anomalies takes skill, and an instinct that compels your technicians to look in the first place.
Messages that you’ve been Breached
Warnings that your computer’s been infected by a virus can seem helpful, but ironically these can actually be from criminals hoping to swipe sensitive information. The fact that they’ve been able to push a message through means that your device has already been compromised in some way.
These messages rely on scare tactics to convince you to purchase fake security software, click on malicious links, or execute booby-trapped attachments. While you can often get rid of these notifications by simply restarting your browser, more devious tactics attempt to bring your guard down by redirecting you to scammers posing as fake tech support.
Blocked Files and Log-in Access
Obviously, getting locked out of your computer is a sure sign you’ve been hacked. But not all ransomware that purport to have control over your files actually do. Messages claiming that your computer’s been hacked and can be freed for a price may simply be harmless yet annoying scareware that’s trying to bluff you into paying.
Passwords that suddenly stop working is possibly the most alarming sign that a truly serious attack is underway. Unfortunately, getting blocked already means criminals have control over your files. The most foolproof way of surviving a ransomware attack is by regularly backing up your data.