Basics: What To Do If You Think You’ve Been Hacked


Recently, I was asked a question “How can I tell if someone has placed spyware in my computer to track my stuff or remote control to see what I’m doing?”. This is probably one of the more common questions I’m asked from people who fear the worst from an ex boyfriend, employer or perhaps that suspect room-mate. It’s natural to fear the worst when complicated systems might have been left in the hands of those who might be somewhat untrustworthy. In this article, I’ll try to go over some of the ways you can tell if these things might be happening, and how to prevent some of them from occurring altogether.

The most important thing to do is keep a clear head. There are many things you’ll see and hear – and lots of them won’t be true. Take a consistent and methodical approach to understanding your situation, and you’ll succeed quicker and with less stress. Here are some steps you can take if you think you have been attacked electronically somehow.

1. Identify the devices you consider suspect. This may be because it was on when an untrustworthy person was around or because it’s running differently with errors you think aren’t normal. You need to know the scope of what you’re dealing with. Stop using the devices you consider suspect immediately and get them to a safe place so you can determine the issues. When you understand better what’s going on, then you can use it again. Think about the signs that lead you to consider this in the first place – if you need to contact the police, be sure to do so.

2. Change passwords. Starting with the sites that hold the most important data – change passwords for all of them. Ensure you also update personal details such as alternate email address and postal addresses to be sure that a speedy recovery can take place for these sites. Often this step is skipped and those with your password will continue taking advantage of this breach long after the initial access.

3. On the suspect computers, be sure your virus scanner is running and up to date. Run the scanner and have it scan your entire drive. On Windows-Based computers, use utilities like Autoruns, Procexp, Combofix, Hijackthis and even an alternate virus scanner to get a handle on any and all suspect applications. Be sure check for applications that might have remote access ports open. There aren’t any easy fixes for this – so be sure to be extremely sceptical of anything that seems out of place on your computer. If you continue scanning and virus detections continue to occur, you’ve likely not cleaned it and should seek professional help. If you can’t confidently get a virus scanner working on the computer, treat it as if it has a virus you can’t clean and seek professional help.

Here are also some notes:
– Your computer may have been accessed with no trace of that access left behind. You may not be able to tell with one hundred percent certainly that this did happen.
– If you think your data breach may have been financial – be sure to keep a close watch on your bank and credit card statements from any unusual activity. Reporting that to the appropriate party immediately may save you crazy charges.
– No virus scanner will completely protect you from viruses. No password is perfect and safe. Change passwords often and use up to date virus and spyware scanners.

Preventing the Worst
1. Use better passwords and even consider using what’s called two-factor authentication for those systems that support it.Your email account is generally the most important to protect, so make sure any access to this point of information is protected (a password on your phone, only use trusted computers to log in, use two factor authentication, be sure to log out when your session is finished).
2. Updates. They are a pain, but be sure that all of the devices you use are updated at a regular rate and continue to update. In many cases, vulnerabilities you worry about are fixed with a simple update. And, these are usually free.
3. Encrypt and Backup your data in a safe place. use tools like TrueCrypt to protect the data no matter where it is and backups that can be kept in a safe place.

If you rely on technology everyday, you should make it a point to understand more about how it works, what things can go wrong and be mindful of the ways that data breaches can occur. Pay attention to news about sites that have had data leaks and change passwords if those events might apply to you. Be sure to always ask questions of people you trust and be vigilant. While malicious hacking of systems is clearly on the rise, many of the things you can do to protect your data are just common sense. Do you have any other thoughts on what to do when suspecting a data breach?