Have you been hacked?

In line with Cyber Security Awareness month, here are some of the most common types of attack and what to do if you experience an attack.

Cyber attacks are a growing and expensive trend that threaten both individuals and organisations. Regardless of how careful you are about keeping your sensitive information private, hacking can, and does, happen.

What are the different types of attacks?

Some of the most common attacks include:

• phishing attacks - read more on How to keep safe from phishing scam messages
• malware - cyber criminals use malware (malicious software) to gain access to your computer without you knowing, in targeted or broad-based attacks to steal your personal information
• ransomware - a dangerous type of malware that works by locking up or encrypting your file or device so you no longer have access
• identity threat - cyber criminals gain access to your personal information to steal money or other confidential information. They can create fake identity documents in your name but with another person’s photograph.

How to know if you have been hacked

Some signs of hacking and scamming are obvious, such as having your files held to ransom or money disappearing from your account, but there are some other subtle signs that something may be wrong. These may include:

• not being able to access your accounts or noticing unusual account activity
• your device behaving abnormally, such as running very slowly or restarting unexpectedly
• someone claiming to know your password or have compromising photos or videos of you
• software that you don’t remember installing continuously prompting for access or updates
• changes to desktop items
• missing emails or emails you didn’t send showing in your ‘sent items’.

What to do if you think you have been hacked

Exactly what you need to do will depends on the nature of the attack you have experienced.

The Australian Cyber Security Centre (ACSC) has launched a new online tool to help people who believe they are a victim of a cyber-attack, called have you been hacked? This resource will guide you through what to do next.

Here are some general tips:

Respond swiftly if you have suspect malicious activity on your device

Do not panic. Do not switch off the computer as it may remove precious traces for investigation. Unplug your computer from the internet or network. If the attack has occurred on your ACU computer or account, report to your peers and supervisor accordingly, and contact Service Central. Contact relevant services such as your bank if required.

Change your passwords

Change any passwords on all accounts you think might have been affected immediately. If you use the same password across several accounts, make sure your password is strong and unique from now on. Here's some more information on setting strong passphrases - a more secure version of passwords. Maintaining a strong password is important because cyber criminals are looking for any point of entry into a larger network and may gain access through a weak password.

Enable multi-factor authentication (MFA)

Once your passwords/passphrase are protected, make sure your logins are equally as secure by using multi-factor authentication. This added measure helps to ensure you are the real person associated with the account you are trying to access.

Scan your computer using antivirus software

Run your antivirus software on your device. This will identify if any malicious activity which may have occurred and automatically remove any malicious programs or files.

ACU staff and students can use Sophos antivirus for free on up to 10 devices. Follow these instructions on manually scanning your device.

Want to learn more?