Steven Martin reveals what to do when a virus penetrates your network
Once a virus has penetrated your security defences it can quickly rip through your computer network, destroying files, corrupting data, rendering applications useless, and in general causing an expensive lull in productivity.
Many small and medium businesses are aware of the dangers of an attack and the need for anti-virus software, but not all would be so sure about how to recover once a virus has hit.
If your business has suffered a virus attack and your network has been compromised, you’ll need to act fast in order to prevent the virus from spreading to other computers on your network.
Here are some recommendations on how to quickly get your small business back up and running again:
Disconnect and Isolate. If you suspect one of your computers has suffered a virus attack, immediately quarantine the computer by physically disconnecting it, to avoid infecting other computers connected to the network. If you suspect other computers may be infected as well, even if they aren’t displaying any symptoms, still treat them like they are. It’s counter-productive to clean one machine while an infected computer is still connected to the network.
Focus on the clean up. Once you have physically disconnected the computer, remove the malicious code using virus removal tools that are written for the specific virus that’s causing the damage. Many of these tools can be found on the internet. In addition, your anti-virus software should have updates or patches available for the specific security threat. If your antivirus software hasn’t been updated recently, be sure to update it.
Reinstall your operating system. After a virus attack, damages may range from changed file names to obliterated files to permanently disabled software applications. The extent of damage depends on the particular virus. If your operating system is completely destroyed, you’ll need to reinstall your operating system by using the quick restore CD that came with your computer. This will restore your computer to its original configuration, meaning that you’ll lose any applications you may have installed or data files you may have saved. So, before you begin the reinstallation process, make sure you have all the necessary information handy (e.g. the original software, licenses, registration, and serial numbers.)
Restore your data. This is assuming that you have been diligent about backing up your files. If you haven’t been doing a regular backup of all of the data and files on your computer’s hard drive, your files will most likely be permanently lost. If this is the case, learn from your mistake and make sure to back up on a regular, ongoing basis from now on. And bear in mind not all viruses target data files. Some only attack applications.
Scan for viruses. After restoring and reinstalling, subject your network to a thorough virus scan. Use the most recent virus definitions available for your anti-virus software. Be careful not to overlook anything; scan all files and documents on all computers and servers on your network.
Prevent future attacks. Run antivirus software and keep virus definitions current. Make sure your security patches are up to date. And, if you haven’t been running antivirus software, begin to immediately in order to prevent future attacks. Also, if you lost data files in the recent attack, create and enforce a regular backup schedule.
Moreover, change ALL of your passwords, including ISP access passwords, FTP, email, and website passwords. Some viruses can capture or crack passwords, leading to future vulnerabilities. By changing your passwords, you’ll be able to boost your security.
Above all, learn from your mistakes. If a virus penetrated your defences, consider changing or enhancing your current security practices. Ask yourself why your previous security measures weren’t effective. Did you need a firewall? Were you lax about updating virus definitions and security patches? Did you download files without scanning them first? Now is an ideal time to comb through, edit, and reinforce your IT security policy, as you’ll need to shore up the holes in your security practices. After all, prevention is always the best security policy.
* Steve Martin is manager of the mid market sector for Symantec in the Pacific region.
* The opinions expressed in this article are those of the author, and don’t necessarily reflect the opinions of DYNAMICBUSINESS.com or the publishers.