5 Steps Retailers Should Take to Handle a Cyberattack

Once infected hosts have been identified, do the following:

• stop and kill all active processes;
• remove and save all files installed by the attack for later investigation;
• separate sensitive data from the network;
• apply necessary patches;
• update/reset all affected login accounts;
• assess file damage;
• reinstall affected files;
• notify all affected parties;
• disconnect affected hosts; and
• perform daily reboot.

4. Be proactive. Attackers are becoming increasingly sophisticated using advanced malware and techniques to hijack operating systems, applications and servers. These attackers learn from their experiences and often return with nuanced attack versions, putting organizations back on the defensive, and the vicious cycle continues.