Secure After Malicious Action: Difference between revisions

Line 5:

== Secure Your Devices and Accounts ==

Minimizing the damage caused by a cyber incident requires prompt action to secure your devices and accounts. Below are general guidelines and detailed steps ~~you can take~~ to strengthen your security posture.

Minimizing the damage caused by a cyber incident requires prompt action to secure your devices and accounts. Below are general guidelines and detailed steps to strengthen your security posture.

=== General Guidelines ===

* **Change All Passwords**:

* '''Change All Passwords''':

- Ensure all your accounts have strong and unique passwords.

** Ensure all your accounts have strong and unique passwords.

- Use a password manager to securely generate and store passwords.

** Use a password manager to securely generate and store passwords.

- Avoid reusing passwords across multiple accounts.

** Avoid reusing passwords across multiple accounts.

* **Enable Two-Factor Authentication (2FA)**:

* '''Enable Two-Factor Authentication (2FA)''':

- Activate 2FA for all your accounts to add an additional layer of protection.

** Activate 2FA for all your accounts to add an additional layer of protection.

- Choose app-based authentication (e.g., Google Authenticator, Authy) over SMS-based 2FA for enhanced security.

** Choose app-based authentication (e.g., Google Authenticator, Authy) over SMS-based 2FA for enhanced security.

* **Update Software and Security Systems**:

* '''Update Software and Security Systems''':

- Regularly update your operating systems, applications, and antivirus software to patch vulnerabilities.

** Regularly update your operating systems, applications, and antivirus software to patch vulnerabilities.

- Enable automatic updates wherever possible to stay protected from the latest threats.

** Enable automatic updates wherever possible to stay protected from the latest threats.

Line 27:

=== Steps to Secure Your Devices ===

1. **Disconnect from the Internet**:

# '''Disconnect from the Internet''':

- If you suspect a breach, immediately disconnect the affected device from all networks to limit the attack's spread.

** If you suspect a breach, immediately disconnect the affected device from all networks to limit the attack's spread.

- Avoid connecting external devices (e.g., USB drives) that could also be infected.

** Avoid connecting external devices (e.g., USB drives) that could also be infected.

2. **Perform a Security Scan**:

# '''Perform a Security Scan''':

- Run a complete malware and virus scan using trusted antivirus software.

** Run a complete malware and virus scan using trusted antivirus software.

- If malware is detected, follow the removal instructions provided by your security software.

** If malware is detected, follow the removal instructions provided by your security software.

3. **Reset to Factory Settings (if necessary)**:

# '''Reset to Factory Settings (if necessary)''':

- If the device is heavily compromised, consider performing a factory reset.

** If the device is heavily compromised, consider performing a factory reset.

- Ensure you back up critical data before resetting and scan backups for infections.

** Ensure you back up critical data before resetting and scan backups for infections.

4. **Encrypt Your Devices**:

# '''Encrypt Your Devices''':

- Use full-disk encryption to protect sensitive data in case your device is lost or stolen.

** Use full-disk encryption to protect sensitive data in case your device is lost or stolen.

5. **Enable Firewalls and Security Features**:

# '''Enable Firewalls and Security Features''':

- Ensure firewalls are activated to block unauthorized access.

** Ensure firewalls are activated to block unauthorized access.

- Use built-in security features like "Find My Device" for remote locking or wiping.

** Use built-in security features like "Find My Device" for remote locking or wiping.

Line 52:

=== Steps to Secure Your Accounts ===

1. **Audit Your Accounts**:

# '''Audit Your Accounts''':

- Review your accounts for unusual activity, such as login attempts from unknown locations or devices.

** Review your accounts for unusual activity, such as login attempts from unknown locations or devices.

- Remove access for any unrecognized third-party applications or integrations.

** Remove access for any unrecognized third-party applications or integrations.

2. **Change Passwords**:

# '''Change Passwords''':

- Use strong, unique passwords for each account.

** Use strong, unique passwords for each account.

- Avoid passwords that use dictionary words or common phrases.

** Avoid passwords that use dictionary words or common phrases.

3. **Enable Account Recovery Options**:

# '''Enable Account Recovery Options''':

- Set up account recovery options, such as secondary email addresses and phone numbers, to regain access if needed.

** Set up account recovery options, such as secondary email addresses and phone numbers, to regain access if needed.

- Verify that recovery information is up-to-date and secure.

** Verify that recovery information is up-to-date and secure.

4. **Enable Two-Factor Authentication**:

# '''Enable Two-Factor Authentication''':

- Use app-based 2FA for your most critical accounts, such as email, banking, and social media.

** Use app-based 2FA for your most critical accounts, such as email, banking, and social media.

- Consider hardware security keys (e.g., YubiKey) for enhanced protection.

** Consider hardware security keys (e.g., YubiKey) for enhanced protection.

5. **Monitor Account Activity**:

# '''Monitor Account Activity''':

- Regularly check account activity logs for unusual access or actions.

** Regularly check account activity logs for unusual access or actions.

- Enable alerts for suspicious login attempts.

** Enable alerts for suspicious login attempts.

6. **Deactivate or Delete Unused Accounts**:

# '''Deactivate or Delete Unused Accounts''':

- Close accounts you no longer use to reduce potential attack surfaces.

** Close accounts you no longer use to reduce potential attack surfaces.

- Ensure data is securely removed before deactivating accounts.

** Ensure data is securely removed before deactivating accounts.

== Additional Resources ==

* ~~For further guidance on responding to incidents,~~ refer to the [[incident-response-guide|Incident Response Guide]].

* refer to the [[incident-response-guide|Incident Response Guide]] for further guidance on responding to incidents.

* Consider using reputable online security platforms ~~for monitoring~~ and ~~managing~~ your accounts and devices.

* Consider using reputable online security platforms to monitor and manage your accounts and devices.

== Conclusion ==

@@ Line 5: / Line 5: @@
 == Secure Your Devices and Accounts ==
-Minimizing the damage caused by a cyber incident requires prompt action to secure your devices and accounts. Below are general guidelines and detailed steps you can take to strengthen your security posture.
+Minimizing the damage caused by a cyber incident requires prompt action to secure your devices and accounts. Below are general guidelines and detailed steps to strengthen your security posture.
 === General Guidelines ===
-* **Change All Passwords**:
+* '''Change All Passwords''':
-   - Ensure all your accounts have strong and unique passwords.
+** Ensure all your accounts have strong and unique passwords.
-   - Use a password manager to securely generate and store passwords.
+** Use a password manager to securely generate and store passwords.
-   - Avoid reusing passwords across multiple accounts.
+** Avoid reusing passwords across multiple accounts.
-* **Enable Two-Factor Authentication (2FA)**:
+* '''Enable Two-Factor Authentication (2FA)''':
-   - Activate 2FA for all your accounts to add an additional layer of protection.
+** Activate 2FA for all your accounts to add an additional layer of protection.
-   - Choose app-based authentication (e.g., Google Authenticator, Authy) over SMS-based 2FA for enhanced security.
+** Choose app-based authentication (e.g., Google Authenticator, Authy) over SMS-based 2FA for enhanced security.
-* **Update Software and Security Systems**:
+* '''Update Software and Security Systems''':
-   - Regularly update your operating systems, applications, and antivirus software to patch vulnerabilities.
+** Regularly update your operating systems, applications, and antivirus software to patch vulnerabilities.
-   - Enable automatic updates wherever possible to stay protected from the latest threats.
+** Enable automatic updates wherever possible to stay protected from the latest threats.
 <span id="devices"></span>
@@ Line 27: / Line 27: @@
 === Steps to Secure Your Devices ===
-. **Disconnect from the Internet**:
+# '''Disconnect from the Internet''':
-   - If you suspect a breach, immediately disconnect the affected device from all networks to limit the attack's spread.
+** If you suspect a breach, immediately disconnect the affected device from all networks to limit the attack's spread.
-   - Avoid connecting external devices (e.g., USB drives) that could also be infected.
+** Avoid connecting external devices (e.g., USB drives) that could also be infected.
-. **Perform a Security Scan**:
+# '''Perform a Security Scan''':
-   - Run a complete malware and virus scan using trusted antivirus software.
+** Run a complete malware and virus scan using trusted antivirus software.
-   - If malware is detected, follow the removal instructions provided by your security software.
+** If malware is detected, follow the removal instructions provided by your security software.
-. **Reset to Factory Settings (if necessary)**:
+# '''Reset to Factory Settings (if necessary)''':
-   - If the device is heavily compromised, consider performing a factory reset.
+** If the device is heavily compromised, consider performing a factory reset.
-   - Ensure you back up critical data before resetting and scan backups for infections.
+** Ensure you back up critical data before resetting and scan backups for infections.
-. **Encrypt Your Devices**:
+# '''Encrypt Your Devices''':
-   - Use full-disk encryption to protect sensitive data in case your device is lost or stolen.
+** Use full-disk encryption to protect sensitive data in case your device is lost or stolen.
-. **Enable Firewalls and Security Features**:
+# '''Enable Firewalls and Security Features''':
-   - Ensure firewalls are activated to block unauthorized access.
+** Ensure firewalls are activated to block unauthorized access.
-   - Use built-in security features like "Find My Device" for remote locking or wiping.
+** Use built-in security features like "Find My Device" for remote locking or wiping.
 <span id="accounts"></span>
@@ Line 52: / Line 52: @@
 === Steps to Secure Your Accounts ===
-. **Audit Your Accounts**:
+# '''Audit Your Accounts''':
-   - Review your accounts for unusual activity, such as login attempts from unknown locations or devices.
+** Review your accounts for unusual activity, such as login attempts from unknown locations or devices.
-   - Remove access for any unrecognized third-party applications or integrations.
+** Remove access for any unrecognized third-party applications or integrations.
-. **Change Passwords**:
+# '''Change Passwords''':
-   - Use strong, unique passwords for each account.
+** Use strong, unique passwords for each account.
-   - Avoid passwords that use dictionary words or common phrases.
+** Avoid passwords that use dictionary words or common phrases.
-. **Enable Account Recovery Options**:
+# '''Enable Account Recovery Options''':
-   - Set up account recovery options, such as secondary email addresses and phone numbers, to regain access if needed.
+** Set up account recovery options, such as secondary email addresses and phone numbers, to regain access if needed.
-   - Verify that recovery information is up-to-date and secure.
+** Verify that recovery information is up-to-date and secure.
-. **Enable Two-Factor Authentication**:
+# '''Enable Two-Factor Authentication''':
-   - Use app-based 2FA for your most critical accounts, such as email, banking, and social media.
+** Use app-based 2FA for your most critical accounts, such as email, banking, and social media.
-   - Consider hardware security keys (e.g., YubiKey) for enhanced protection.
+** Consider hardware security keys (e.g., YubiKey) for enhanced protection.
-. **Monitor Account Activity**:
+# '''Monitor Account Activity''':
-   - Regularly check account activity logs for unusual access or actions.
+** Regularly check account activity logs for unusual access or actions.
-   - Enable alerts for suspicious login attempts.
+** Enable alerts for suspicious login attempts.
-. **Deactivate or Delete Unused Accounts**:
+# '''Deactivate or Delete Unused Accounts''':
-   - Close accounts you no longer use to reduce potential attack surfaces.
+** Close accounts you no longer use to reduce potential attack surfaces.
-   - Ensure data is securely removed before deactivating accounts.
+** Ensure data is securely removed before deactivating accounts.
 == Additional Resources ==
-* For further guidance on responding to incidents, refer to the [[incident-response-guide|Incident Response Guide]].
+* refer to the [[incident-response-guide|Incident Response Guide]] for further guidance on responding to incidents.
-* Consider using reputable online security platforms for monitoring and managing your accounts and devices.
+* Consider using reputable online security platforms to monitor and manage your accounts and devices.
 == Conclusion ==