What to do if you’re a cyber attack victim

It’s hard to live in the modern world without being online. But that’s made way for cyber crime. No longer a distant threat, it’s a real and growing concern for individuals and businesses alike. 

From ransomware attacks to online fraud, having any sort of digital presence offers countless opportunities to criminals to exploit vulnerabilities. If you’ve fallen victim to a cyber crime, taking swift action is crucial, but when you’re panicking about your data it’s hard to think straight. 

To give you a helping hand, we’ve put together a clear step-by-step guide on what to do if you’re a victim. 

What to do if you’re a cyber attack victim 

Being hit by a cyber attack is the last thing you need or even expect. Unfortunately, cyber criminals have increasingly sophisticated ways to target businesses, so it’s always best to know exactly what you need to do in the event you’re a victim of cyber crime. 

1. Identify the type of cyber crime 

You might have spotted that something isn’t quite right, like computers running slowly, being locked out of accounts, receiving messages requesting money or unusual account activity. 

The first thing you need to do is identify the type of cyber crime you’re experiencing. This’ll help you get the right support and advice you need. Some insurance providers (like us!) may offer access to a cyber helpline that can help you assess your situation and suitable next steps.  

Checking your cyber security software can help – look at anti-virus alerts and audit logs for any information that may indicate specifics of the attack and the cause. They can typically conduct full system scans to find vulnerabilities. 

2. Assess the impact 

Once you know what cyber crime you’re facing, you should assess how far the effects reach. A few suggested questions to ask yourself: 

• What services, programs or accounts have been attacked? 

• Has any data been lost, illegally disclosed to third parties, deleted or corrupted? 

• Are your customers affected? 

• Is it a system that is maintained by someone else? 

• Can you trace the incident back to a trigger event? i.e. what made it possible for a cyber crime to occur 

If you’re in contact with cyber security experts (from Step 1), they may be able to help you investigate this. 

3. Reporting the cyber crime 

Once you’ve assessed the type of crime and the scope of the impact, you need to report it and notify relevant authorities: 

1. Action Fraud – the UK’s national fraud cybercrime reporting centre, they’re a police-led central point of contact for anyone scammed, defrauded or a victim of cyber crime.

2. Anyone affected – it’s crucial to keep customers informed if they’re affected by the cyber incident. Was their data involved in a breach? Are their services impacted by an infected system? 

3. Legal advisors – if you have a legal advisor, you may want to seek advice if the incident could have a significant effect on your business. For example, reputation management, fines or legal action taken by affected customers. 

4. Insurance providers – if you hold cyber insurance (or cyber liability cover), many policies will require prompt notification of an incident that may result in a claim. Some insurers will also offer advice and support in the event of cyber crimes.

N.B. If you’re not sure who to report a cyber incident to, you can use the UK government’s cyber incident signposting service to find out who you might need to contact.

4. Prevent the incident from progressing 

If you’ve identified the ‘back door’ that cyber criminals used to commit the crime, ask yourself if you can close it to prevent further attacks. Check settings in your cyber security software and you’re using any features available to protect your systems and data. 

Also use the information already gathered (type of crime and extent of impact) to find advice from trusted sources like the police, government websites or accredited organisations like your insurance provider. 

5. Take steps to resolve the cyber incident 

Now you know what you’re dealing with and the extent of the damage you should work to resolve the incident. If it involves platforms that are externally managed (third-party services), contact them and work with them to find a secure solution. 

If the cyber crime targeted systems you manage locally, you’ll need to take your own steps to respond to the incident. This may depend on the incident plan you made when starting your business, but generally involves: 

• Replacing infected hardware 

• Repairing corrupt software or files 

• Recovering backups 

• Cleaning infected machines 

• Securing account (resetting passwords and setting up 2FA) 

Preventing cyber incidents 

Of course, all this guidance is after the fact, but there are precautions you can take to avoid being a victim of a cyber incident. Cyber security best practices 

The National Cyber Security Centre guidance for freelancers, sole traders and the self-employed has lots of advice including:  

• Conduct risk assessments
• Use two-factor authentication (2FA) 
• Use secure passwords 
• Make an action plan  
• Get educated on cyber crimes  
• Backup your data 
• Think about physical surroundings 

We have a whole guide to cyber security best practices where we go into more detail about what you can do to protect your systems and data. 

Getting cyber incident support 

Kingsbridge Cyber Liability policy holders can also access a 24/7 incident response service. Experts can provide guidance and advice if something’s happened (or you suspect something’s happened) that you’re unsure would be a claim or not. Ways we offer support: 

• Dedicated incident manager who can understand the incident and bring in the right experts when needed 

• Specialist IT consultants to help identify the type of attack and the extent of damage 

• Reputational experts to advise on how to minimise negative impacts across suppliers, customers, press and social media 

• Initial expert guidance and advice provided with no excess (calling the helpline won’t automatically result in a claim or excess being paid) 

Insurance with Kingsbridge 

Interested in cyber insurance? Our Cyber Liability is an optional add-on with our Contractors Insurance policy, so you can get the cover you want under one ‘roof’. 

That also means you can get fundamental cover like Public Liability, Professional Indemnity, Personal Accident and Employers’ Liability insurance included as standard, with the cyber protection and support you need on top. 

If you’re interested to know more about what our policies cover, give our in-house experts a call on 01242 808740 – we can help make sure you get the cover you’re looking for.