Steps to take, in order of priority,
if your personal residence is hacked…

This new age of internet based social
communities presents an entire new frontier for cyber criminals.  New cyber-attack methods are being invented
every day.

If you believe that one of your core
personal accounts have been hacked, time is of the essence!  Time of response can often affect additional
losses of data, logical access to important accounts, and critical personal information
which all can result in significant financial loss.

For more info ……

Step 1: Terminate Access: determine the offending system or person and terminate access

• Terminate physical and network access for each component of the home network
• Secure access to core personal accounts on the internet such as: email, banks, and social media (i.e., Facebook, Google, Apple). Using an uncompromised system:
  • Change passwords starting with email accounts first since email is used to reset passwords of other accounts.
  • Change passwords to all banks, investment accounts or otherwise critical information.
  • Each password should be unique from the passwords used on other internet facing portals. For instance, you don’t want to use the same password for Facebook, your email, and your bank account.
  • Store your passwords in a secure location using an application like Lastpass. You can’t expect to memorize a different password for each account and if you use some sort of scheme it will result in poor security.
• Reset router and wi-fi equipment and change the admin passwords
• Review wi-fi security and configure best practices

     Note:  In this stage you need to assess what is known to be lost or compromised

Step 2: Investigate the Incident: investigate how the systems were compromised. 

• Identify the source of compromise.
• Is it malware, ransomware, hacker etc.
• What accounts were compromised
• What systems were compromised
• Once you know the details you will be better able to make sure step 1 was done properly

     Note:  This step will require a cybersecurity engineer to assist in the investigation. 

 Step 3: Secure Compromised Systems: investigate each system for compromise, these steps are roughly the same for PCs, laptops, tablets, and phones

• Systems compromised by ransomware may be irrecoverable
• It’s generally a bad idea to pay the ransom
• Install antivirus and antimalware software packages
• Scan each of your systems for compromise
• Review processor, memory, and disk usage
• Review running programs and processes
• Checkout installed software and browser plugins for suspicious software
• In some cases, you may need to completely re-install the operating system of the computer or phone

     Note:  This step will require a cybersecurity engineer to assist in the investigation. 

Step 4: Learn and improve: the idea here is that you go back and setup secure practices moving forward so that a similar incident doesn’t happen in the future.

• Security training is important, make some time to learn more about social engineering attacks and security best practices.
• Use a password storage app like Lastpass
• Make sure your antivirus and malware software packages are up to date
• Review your system(s) for missing patches and configure auto-patching
• Review and improve wireless security setup parameters
• Activate firewall configurations on local computers

     Note:  Security training is arguably the most important since no software can prevent us from being fooled by a con.