We talk a lot about being vigilant to cyberattacks on your business, what to look out for and how to best protect yourself from being targeted. But would you know what to do if someone did manage to attack your organisation? Whether you are a sole trader or multi site business, it's worth ensuring you and your team know what to do in advance.
Imagine arriving at work, be it an office, your home desk or your retail store, to find your computer system hijacked and a message demanding cash payment for the safe return of your customers’ data. What would you do next?
You are right to report this. You should always contact Action Fraud in the first instance, as they are the National Fraud and Cyber Reporting Centre. They have a 24/7 reporting service to help businesses deal with live cyberattacks, which are attacks that are still ongoing and affecting the company’s computer system, like the one we described earlier. In these instances, there is a chance to work with law enforcement to stop the attack and secure evidence that might prove helpful in a following investigation.
If you are the victim of a live cyberattack, here’s what to do and what happens next;
Call 0300 123 2040 immediately and press 9 on your keypad.
Your call will be dealt with as a priority and your live incident will be triaged over the phone.
You will be asked a series of questions to help identify what type of attack you are experiencing and be given advice/support whilst your report is passed immediately to the National Fraud Intelligence Bureau (NFIB).
The NFIB will review your report and conduct a range of enquiries, identify any connected reports or links to known criminals, assess opportunities for police action then send it to the relevant police agency. This can be your local police force Cyber Crime Unit or the National Cyber Crime Unit (NCCU), which is part of the National Crime Agency.
You will be kept informed of the status of your report.
If personal data has been stolen or accessed as part of the cyber-attack, you also need to report it under GDPR the to the Information Commissioner's Office (ICO). You can report a breach via their website: 'Report a Breach'
You’ll find more on live incident reporting and how to respond to other forms of cybercrime on the NCSC’s Small Business Guide to Response and Recovery.