A careless mouse click – and before you know it, it happens: suddenly the fan of your PC roars and the computer develops an inexplicable life of its own. Sometimes it reacts painfully slowly to your inputs or freezes altogether, and then the mouse pointer moves suddenly as if it were being remote-controlled, or pop-up windows open mysteriously, making it nigh on impossible to work.
Most of the time, it’s not easy to tell or even immediately recognisable whether a computer has been hacked and infected with malware or ransomware, for example. Malware allows attackers to gain unauthorised access to sensitive data and even infiltrate entire corporate networks. This can cause losses that run into the millions, sometimes taking companies to the limits of their financial capacity and into insolvency; it can also damage their image and trust among customers and business partners, which are difficult to repair.
Cyberattacks are constantly catching out even IT specialists
To this day, many IT experts in companies rely primarily on traditional methods to defend against cyberattacks:
- Long, complex passwords (62%)
- Changing passwords regularly (52%).
Unfortunately, these measures are no longer enough to reliably protect against attacks by hackers. In fact, 30% of IT decision-makers don’t even know if they or their company may have already been hacked – although there are often quite obvious signs when you have been affected.
Clear indications that you have been the victim of a hacker attack
- Your friends receive strange emails or Messenger messages in your name
These days this is nothing unusual because attackers like to use social networks to get hold of your friends’ data and possibly infiltrate them with malware as their next move. It gets really critical when your contacts start receiving messages from your email account that you did not send yourself. If this happens, you should at least carry out a complete virus scan and check that no unwanted programs are installed on your computer.
- Your virus scanner, firewall, etc., are suddenly deactivated
You notice that your virus scanner, firewall and/or task manager and registry editor have been deactivated without your intervention. If that happens, you have most likely fallen prey to a hacker attack. In this case, it is advisable to disconnect the affected computer from the Internet and completely reset it.
- Unwanted software installs itself
Sometimes it comes as an “add-on” in freeware programs, but sometimes also as Trojans that are sent in email attachments and opened by the recipients out of ignorance or carelessness. Finding out what kind of malware is wreaking havoc on your computer is a tedious process that requires quite a bit of knowledge on the user's part.
- The mouse suddenly takes on a life of its own
Just because the mouse pointer suddenly jerks or freezes on the screen does not automatically mean that a cyberattack is behind it. However, if the mouse starts performing click actions on its own, it’s likely a hacker is tampering with your computer. Now’s the time to disconnect the computer from the Internet, switch it off and get help from experts.
- Mysterious debits from your bank account
You check your bank statement and discover that someone has used your credit card as a means of payment. Cybercriminals usually get hold of bank data by sending phishing emails asking the user to enter information such as passwords or PINs on fake websites. Report the damage to your bank and file a report with the police. And don’t forget to change the access data for your bank account and websites.
- Hand over your money or lose your data!
One particularly insidious form of malware is ransomware, which can paralyse the networks of companies, local authorities or municipal institutions by encrypting their data. The attackers usually only release the data once a considerable ransom has been paid. In 2017, for example, a number of authorities and large companies around the world were affected by the WannaCry cyberattack – including parts of the British health system NHS, the Deutsche Bahn railway network in Germany, the Russian Ministry of the Interior and the Chinese oil company PetroChina. If there is no protected backup of the data and the victims refuse to pay the ransom, the blackmailers have no qualms about destroying the data completely. If you are lucky, the crypto algorithm used by the attacker has already been cracked. In that case, experts can help you to decrypt your data again.
Find out if you have been hacked
The first step is quite simple. These days, a number of security suites already provide a function that enables you to check whether your accounts (and their access data and bank details) have been compromised and if your sensitive information can be found on the Darknet, for example. It is possible to have all the email addresses and mobile phone numbers you use permanently monitored.
You can also check whether your email addresses or mobile phone numbers have fallen victim to a data leak safely and quickly on the website haveibeenpwned.com. The Hasso Plattner Institute also provides similar services at sec.hpi. To use the service, you must enter the relevant email address or mobile phone number in a text field and hit “send”. A few minutes later, you will receive direct feedback on whether your data is safe or whether you need to improve the security of your user accounts.
Preventive safety measures
Just because your computer is behaving strangely does not necessarily mean that it results from a hacker attack. Nonetheless, you should always be prepared for the eventuality and ideally take appropriate safety measures from the get-go:
- Password protection:
Always use complex, hard-to-crack passwords to access your email and online accounts with service providers. Ideally, it would be best if you had them generated and managed automatically by a password manager.
- Two-factor authentication or multi-factor authentication:
Wherever possible, you should avoid relying on simple password protection but instead use the increased security of two-factor or multi-factor authentication for logging into user accounts. With these methods, you need two or more factors when logging in to prove to the system that you have access authorisation. In addition to a password, this can be a biometric feature such as your fingerprint or a PIN that is sent to your smartphone during the login process.
Protect your computer from hacker attacks from the Internet by using a modern firewall solution that you always keep up to date. That way, you can prevent unauthorised intruders from using inroads such as security gaps in the operating system or in software components to sneak malware onto your computer.
- Be careful with emails and social media:
Be wary. Don’t open links or email attachments from unknown, dubious sources.
Between 2020 and 2021, 9 out of 10 companies were affected by cyberattacks! Create your mix of measures by using CIAM, endpoint security or cloud solutions and the seven-point plan and proactively defend yourself against cyberattacks.
You can find additional up-to-date tips on protecting against data theft in our Nevis Security Barometer, which you can download here free of charge.