Have I been hacked?
This question needs to be answered quickly and efficiently.
Recognize initial signs
Attackers operate in secrecy. Hacker attacks can take months before they are noticed by a company. It is crucial to obtain certainty quickly and efficiently in the event of a suspected attack in order to minimize the resulting damage. An initial suspicion might exist, but is often not followed up due to incorrect risk assessment, lack of time, lack of know-how or lack of financial resources. Serious financial damage and loss of reputation are often the consequences of this misjudgment.
Following events can be indicators of an attack and should definitely be taken seriously and examined in a structured manner:
Applications do no longer accept your login data
You email contacts receive fake emails on your behalf
An external party reports a security vulnerability
An employee has clicked on a link in a phishing email
Unknown files appear on your systems
Your virus scanner suddenly disappeared
A lot of failed login attempts show up in the event logs, or you see logins from service accounts you cannot explain
Your monitoring tool shows you unusual disk utilization outside of working hours
You see load peaks in your firewall at unexplainable times
You want to be sure, even without a comprehensive it forensic investigation?
Tell us about your suspicion. We are here to help.
Our pragmatic process model provides initial indications of whether attackers are in your IT systems. This gives you clarity and enables you to act appropriately. A comprehensive IT forensic investigation only makes sense if there is a justified suspicion.