How to respond if your computer is hacked

If you believe your computer has been compromised, the sooner you respond, the better. If the computer you are using was provided by your employer or is used for work, do not try to fix the computer yourself and do not turn the computer off. Not only could you cause more harm, but you could destroy valuable evidence used in an investigation. Instead, report the incident to your employer right away. If for some reason you cannot contact your organization or are concerned about a delay, disconnect your computer from the network and put it in sleep, suspend, or hibernation mode.

Warning signs your computer may be infected:

  • Computer has a dramatic loss of speed.
  • Computer frequently locks up or crashes.
  • Unusual Pop-Ups are being displayed.
  • Computer unexpectedly re-boots.
  • Essential tools and programs stop working.
  • Your web browser, homepage, or toolbars may have changed.
  • Friends say they received strange messages or emails from you.

Tips for dealing with a compromised device:

  • Backups: One of the most important steps you can take is to prepare well in advance and periodically backup your computer. Unfortunately, far too often the only option available on a compromised computer is wiping the system hard drive and reinstalling the operating system or purchasing a new computer. Either way, you will need your backups to recover the data.
  • Immediately change your passwords: Be sure to change all your passwords, including passwords used to access online accounts. Be sure to change your passwords from a computer you know is secure and trusted.
  • AntiVirus: If your AntiVirus software informs you of an infected file, you can follow the actions it recommends. Usually this will include quarantining the file, cleaning the file or deleting the file. Most AntiVirus software will have links which you can follow to learn more about the specific infection. When in doubt, quarantine the file.
  • Professional Help: If your computer has been hacked, you may want to consult a professional that is accustomed to dealing with this situation. If your AntiVirus software cannot remediate the virus, one of your only options may be to Re-install. This is not always an easy task. You may have to transfer files from the infected computer to a new computer to recover everything and if this is not done correctly, you may also transfer the malware from your infected computer to the new computer. A far safer alternative is to take the infected computer to a qualified technician who can safely recover these files without risking transferring the infection.