Cyber Attacks – Immediate Steps And Legal Immediate Response Team. CSI: My System.
The first thing to remember in such instances is that your initial instincts are most often counterproductive (as those reactions are the first things any 'decent' malware expects or targets) and that your computer / systems / accounts are now, effectively, a crime scene (hence the "CSI" heading). So, if you've watched any TV series that deals with crime scenes, you would probably do well to apply some of the fictional lessons with the required changes to adapt to the real world:
- Do NOT tamper with a crime scene (which actually means do not turn on, off, save, email or do any other activity in or connecting the affected systems). Malware often targets your initial response as a means to further its own causes or to trigger automated (definitely not pleasant) responses. The correct technical responses should be determined with professionals and in coordination with your legal.
- Do NOT cover the occurrence up, pretend it didn't happen or assume it will go away if untreated or unfound. Early detection and even more importantly, early reporting for the organization to take a well measured response in a timely manner is crucial both from operational and liability perspectives. Has everyone who needs to be notified been notified? Within the organization? What about stakeholders or down / up the supply chain? Determine your legal obligations in a timely manner to avoid compounding your legal issues...
No comments:
Post a Comment