This article discusses how to remove malware from your website if you believe you have been impacted by a cyber attack.
Getting Prepared
-
Understand the Situation. If your website is hosting malware, you have almost certainly been breached. This is an incident to be taken seriously.
-
Inventory Sensitive Data. If you're hosting sensitive data on the affected website, such as personal information, healthcare appointments, or credit card data, you'll want to ensure that you proceed with caution. You may have legal obligations that require reporting
-
Discover Your Backups. Verify if you have backups and if restoration is possible.
Contact All Necessary Parties
-
Contact your IT Staff. If you use a 3rd party IT staff, let them know that you have a security incident that needs to be dealt with. If you are hosting sensitive data (as previously mentioned), ask them to take the site offline, but do NOT destroy the site or restore from backup.
-
Contact Coalition. Coalition is able to offer pre-claims assistance to help walk through your next steps, as well as incident response services, should you wish to file a claim. If you have sensitive information at risk, please contact Coalition.
Restoration Options
(In order of complexity)
-
Restore from Backup. If you have adequate backups, you may wish to restore it from backup. After restoration, ensure that the malware was not included in the restored website. Also, as soon as restoration has occurred, change all passwords and update the website to the latest version.
-
Rebuild the Website. If you don't have backups, or if your backups all contain the same malware, you may need to rebuild the site from the beginning. This requires a reinstallation of the website software and re-creation of your content. While this is often time-consuming, it's also the best way to ensure there is no malware remaining on your website.
-
Manually Remove Malware. In some cases, you may be able to remove malware manually. This process is unique to each website and each breach, and should only be attempted when IT and security experts with this specific skill set are available.
(Note: If sensitive or regulated data is involved, please follow the advice of counsel in exercising your restoration options)
Website compromises happen, and Coalition is here to help. For more information on this topic, please reach out to us!