KNOXVILLE (WATE) – It has happened to all of us. You open an email with an attachment, and now your laptop is slow or unresponsive, or your bank statement is showing transactions you didn’t make.
Once your computer has been compromised by a virus or hack, you must take action to keep your information from being lost for good. Most of this information applies to desktop and laptop computers only, but we will cover some mobile device tactics as well.
WATE 6 On Your Side Anchor Lori Tuckers talks with Moxley Carmichael’s digital expert, John McCulley, about the basic steps you should take to get back up and running after you’ve been hacked.
Here are the basic steps to get back up and running after you’ve been hacked.
1. Isolate your machine from the network and other devices
To sever the hacker’s ability to use your device, the device must not be able to attach to a network (WiFi, Ethernet or cell). Cutting the connection keeps your infected machine from infecting other machines and also stops the hacker from gaining further access.
To do this, simply disconnect from WiFi or pull the Ethernet cable out. On cellular devices, go to settings, and disable cell signal. If you cannot access the cell or WiFi settings, shut the device down and contact an expert.
2. Shut down the computer and remove the hard drive
If you do not have experience with this, please seek the help of a professional. Once you’re disconnected from the network, remove the physical hard drive from the machine, and connect it to another machine as a non-bootable, external device. Non-bootable means the parent/host machine will not try to execute the information on the drive.
You can attach the drive to another machine using an external USB enclosure, which can be purchased online via Amazon or Newegg.
Make sure the host machine has up-to-date antivirus/malware software installed. Also add rootkit detection software to the machine for this scan. Sophos and McAfee have reputable products for this.
3. Use the host machine to scan the drive for viruses, malware or rootkits
Using up-to-date antivirus/malware software, scan the entire drive. If infections are revealed in the scan, look them up on Google to confirm, and then use the software to eliminate them.
4. Once the infection is removed, use an external hard drive or cloud backup service to back up your important files
Having external and offsite backups will allow you to simply erase the hard drive and restore it if future issues arise. This can save you valuable time and money in the event of a hack, because if anything goes wrong, you simply start fresh with a good set of data.
5. Reformat (wipe) the old hard drive
This ensures a clean slate. If the drive is wiped of all data, there can be no virus left to harm you. This process may take up to 2 hours on a 1 terabyte hard drive.
6. Reinstall the operating system and update
Reinstall the operating system of your choice using a clean, licensed copy. Then, before returning your data to the machine, install good antivirus/malware software and all updates.
7. Perform a final antivirus/malware scan of your data before returning it to the machine
Make a final, complete backup of the machine.