Cybercriminals recently breached a widely used payroll system to expose and ransom data from its users.
Among the affected firms were several large UK companies including British Airways, Boots, and the BBC.
MOVEit, a third-party payroll system from IT solutions provider Zellis, was breached using an apparent vulnerability in the software, which resulted in hundreds of employees’ data being held for ransom by hackers.
In today’s digital landscape, businesses rely heavily on third-party software providers for Software-as-a-Service (SaaS) solutions and managed services. However, the unfortunate reality is that cyberattacks can strike even the most trusted and competent IT service providers.
When faced with such a situation, it is crucial for businesses to be prepared and take swift action to minimise damage, protect sensitive data, and restore normalcy.
Here are some essential steps you should follow if your IT provider falls victim to a cyberattack.
- Establish Communication: Contact the provider promptly to gather accurate information about the incident, the affected systems, and the actions they are taking to mitigate the attack. Regular updates will help you make informed decisions regarding your own business operations.
- Assess the Impact: Conduct a comprehensive assessment of the extent of the breach on your systems, networks, and data. This will help you prioritise recovery efforts and allocate resources effectively.
- Activate Your Incident Response Plan: If your IT provider experiences a cyberattack, activate your own incident response plan immediately. Your plan should outline the steps, responsibilities, and communication protocols to ensure a coordinated and efficient response.
- Secure Your Assets: Collaborate with your IT team to reinforce your internal security measures. Consider changing passwords, implementing multi-factor authentication, and enhancing network monitoring to detect suspicious activity.
- Evaluate Backup and Recovery Options: Determine whether your data has been compromised or remains intact. If you have regularly backed up your critical information, discuss with your IT provider the feasibility of restoring your systems from the most recent backup to minimise downtime and data loss.
As a preventative measure, consider engaging an external cybersecurity expert who can provide an unbiased assessment of your systems and guide you through creating a response and recovery process.
They can help identify vulnerabilities, assist in restoring your systems, recommend preventative measures, and train your staff on the importance of security best practices.
If you’re in need of a cybersecurity partner to keep your systems safe, monitored, and compliant, get in touch with YourShortlist today to receive a bespoke shortlist of suitable providers.