Most businesses are afraid to take action because internet security incidents are seen as an embarrassing PR issue. Hushing up or not reporting internet crime does not fix the problem, it perpetuates it.
If the incident involved the modification of data on your network or someone has obtained access illegally, the offender can be charged, convicted and sent to jail. If you have put together a solid incident management plan, you should be able to take high quality evidence to police that will result in a conviction.
Being portrayed in the media as having been instrumental in the conviction of a criminal rather than the hopeless victim of yet another internet hacking event is a great PR opportunity for any business or IT organisation.
Involve the police. The earlier the better. Know who to call before the incident has happened, this should be in your Operational Readiness plan. The Australian Federal Police and CERT Australia have excellent cybercrime teams who are very helpful, have their numbers in your plan documentation.
I am a telco & internet entrepreneur, nerd wrangler and massive lover of bacon. I was involved in the investigation of and successful conviction of David Noel Cecil – “Evil, The NBN Hacker”.
This article is written from the experiences I had before, during and since the successful execution of Operation Damara. My experiences are from a telco perspective however they are just as applicable to corporate and government networks.
I currently work with several Australian Telco’s and IT businesses, developing Incident Response Plans and helping them ensure the ongoing continuity of their mission critical infrastructure.
If your organisation doesn’t have a strategy for dealing with internet security incidents, I would love to help you out!
Shoot me an email – firstname.lastname@example.org or grab me on Social Media for more information.