Getting hacked has become a terrifying phrase in recent times.

The new, remote operating environment has ushered in significant technology-based opportunities for organisations. However, organisations must continue adapting their processes to respond to the impact left in the wake of COVID-19.

Last year, the BDO and AusCERT Cyber Security Survey found that data breaches caused by malicious hacking increased by 91 per cent, and accidental disclosures rose by almost 60 per cent.

To continue assessing and challenging these trends, reviewing your approach to managing cyber risk has never been more critical.

Our ten-minute annual survey allows you to benchmark your organisation’s approach to cyber risk against industry peers, and equip yourself with trend data to assess and optimise your organisation’s cyber security.

Below, we outline how you can spot the signs that you may have been hacked, and what to do next – in 27 steps.

Have I been hacked?

1. Check your email address at Have I Been Pwned: Check if your email has been compromised in a data breach
2. Your antivirus software picks up malware or other suspicious activities
3. You are signed out of your accounts, or you try to log in and discover your passwords do not work anymore
4. You receive unexpected emails or text messages about login attempts or two-factor authentication
5. You receive an email or text message from a company about a data breach you have been involved in
6. Your computer overheats and crashes often
7. Your internet browser homepage has changed
8. Your devices are behaving in strange ways
9. There are suspicious charges in financial statements for credit cards
10. You start seeing programs you never installed on your devices
11. Your mouse cursor is moving by itself, or windows are opening and closing without input
12. Your webcam light turns off and on without you using it.

Take control of your cyber security and reduce the impact of an attack by learning how to protect yourself online and how to respond if you have been hacked.

What if you have been hacked?

The first step is to contain the potential impact by following this advice:

1. Immediately change passwords for your emails and online accounts using a safe device (i.e., a phone, tablet or secondary computer that is not impacted by any suspicious activity)
2. If affected, inform your financial institutions that unauthorised activity has occurred
3. Disconnect affected devices from the internet
4. Request a credit report to identify unauthorised credit activity. Some free options can be found at Moneysmart
5. Sign-up for identity monitoring services to monitor personally identifiable information in credit applications, public records, websites and other places for any unusual activity that could be a sign of identity theft

Next is to eradicate the hacker from your systems:

1. Identify what caused the incident (Have you been hacked? | Cyber.gov.au)
2. Scan your devices and remove any malicious programs on Apple: Can iPhones Get Viruses? How To Check iPhone for Virus; Android: How to Scan for a Virus on Android | Tech Advisor; Windows: Stay protected with Windows Security (microsoft.com)
3. If you are unsure whether your computer or device has been compromised, seek help from a security professional
4. Set Multi-Factor Authentication (MFA) on all accounts
5. Patch regularly to ensure your device and applications are up to date for Apple: Update your iPhone or iPad – Apple Support; Android: Check & update your Android version – Android Help; Windows: Get the latest Windows update

Lastly, it’s time to recover your systems to normal operation:

1. Report the matter to authorities at ReportCyber | Cyber.gov.au
2. Install an antivirus software (if one is not already installed)
3. Setup regular scan intervals on the antivirus software including real-time scanning and start-up scanning
4. Reconnect affected devices to the internet
5. Education in keeping safe online is one of the best steps to prevent an incident from reoccurring in the future. Read the Australian Cyber Security Centre’s page: Do things securely | Cyber.gov.au

BDO’s Cyber Security team can help you understand your cyber risks and implement cyber resilience strategies to minimise the impact of a cyber attack on your business – get in touch.

The 2022 BDO and AusCERT survey closes at 5:00 pm on Friday, 18 November 2022.