As a victim of digital (internet) crime, you may feel powerless: the perpetrators seem to be anonymous and invisible. The impact on your organisation can be enormous. Fox-IT offers solutions in such situations.
Examples of criminality which Fox-IT can assist in combating:
- Hacking attempts. Your system administrator suspects an intrusion on a server. You don’t know what has been stolen, how they got in or how long it’s been going on.
- Digital vandalism Your servers are suddenly processing vast amounts of traffic. This makes them inaccessible. You suspect an attack.
- Information leakage You see that confidential information has been made public. This causes damage to your company. You have suspicions, but you don’t know who did it, when, or how.
In all these cases: you want to get back to work quickly, track down the perpetrator or take legal steps.
What should you do?
How should you act in a cybercrisis situation? The rules are simple:
- Don’t panic. What happened, happened. Now staying calm and coordinated working is the best course.
- Don’t touch the equipment. Don’t switch off any servers, or clone them, or reinstall them. If you do, there’s a significant chance that any evidence will disappear. This applies to many, but not all the machines in your network. When in doubt: see the next point.
Contact Fox-IT to report the incident
Call Fox-IT on 015 – 2847 999. Ask the Cybercrime unit for advice.
On the phone we will question you about the nature of the incident, the impact and your own suspicions. A quick sounding board with one of our specialists often follows. During this registration we will draw up an action plan, and we will go into action.
The action depends on your objective: do you want to get back to work as quickly as possible, or get to the bottom of things?
- Investigation of the incident starts immediately after registration We appoint a crisis coordinator for major procedures. What exactly is going on? How long has it been happening. What or who is involved?
- Recovery is important if you want to get to work again quickly. For some incidents, such as DDOS (distributed denial of service, or coordinated attacks on your servers), it’s vital that alternative communication lines must be created quickly. How can we tackle the incident as quickly and as responsibly as possible?
- Emergency monitoring is important during and after the incident Is the incident over? Has it been the only incident or are there others? By inserting smart sensors into your network, you have immediate access to a security team which guards you night and day.
- Digital evidence ensures that you can take legal measures. Our forensic experts secure the evidence using legally responsible methods, investigate it, produce reports, and can fulfil the role of legal experts.