DO

DON'T

• Keep calm. You've got them!

• Start panicking

• Shut your PC/Laptop/Phone network off OR switch off the hacked device. 

You should store as much evidence as possible. The best way for this is to shut it down and let the professional specialist to the job. 

• Actively struggle with hackers over your mouse and keyboard.

Every second of struggle-out is giving hackers a chance to wipe all the evidence out.

• Report to the FBI following this link: https://www.ic3.gov/default.aspx

IMPORTANT: Before the reporting make sure that you really (I mean REALLY) sure that you are under attack.

Agency is getting hundreds of thousands of requests a year. The major portion of them is actually not related to cybercrime.

• Call the police (despite our high respect for them)

Police are working over the specific location, also called Jurisdiction.
The local police are responsible for the city.
Sheriff's office is responsible for the county.
Highway Patrol is doing their job through the state.
Cyberworld in the majority of cases is world-wide. That's definitely fallen out of the Police responsibilities. At least for now.

• Backup everything to the external device 

You should store as much evidence as possible.
The crucial part of the evidence is stored on a hacking device. Ask the related specialists to store the image of your hard-drive or backup of your phone to external storage.

For All Apple Devices - Contact and Visit the nearby Apple's Genius Bar

For All Windows and Android Devices - Check the closest computer store with Customer Support. For instance, Best Buy has Geeks team available for that.

• Wipe it all out

This is exactly what hackers need.
They will really appreciate if you destroy with your own hands.

• Stop using the hacked device. Switch it off completely. Take the new one.

Ideally, the hacked device is evidence of someone's illegal activity. It should be stored and given at a certain moment to a law enforcement agency. However, you need a mobile phone and computer to communicate with your friends, family colleagues.

If you can - you should buy something new.

If you can't buy a new one - you should re-install all the compromised devices from scratch. However, first things first - backup all evidence to the external hard-drive.

If you need to do something immediately - use the nearest library, there must be computer stations available for everybody.

• Keep using your hacked device

More time you are using your hacked device - more chances you are giving to hackers to get your personal information: ids, social security, credit cards, photos, videos, documents, and all your friends and family contact information. This way, the attack can go on, spreading through the people you trust and value more than others.

• Inform everyone about accident ASAP

Inform everyone that hackers are operating your devices. It will save a lot of time, nerves and money for everyone.

Moreover, there can be people who can volunteer and help you with this problem. Nobody knows the real power of their network unless they try it, right?

• Tell anyone about the attack

Don't tell anyone about the attack, so they'll be surprised when hackers will start sending them messages from you asking for financial support. 

They will be even more surprised when they'll open a link sent from your device and will get compromised or Identity theft.

•  Get control over your online accounts

ATTENTION! Make sure that you are accessing your online accounts from the safe environment. Don't use hacked devices to change your passwords - this action will have no sense, moreover, it will grant intruders with your new passwords, so you will just waste a time.

Using new devices - change all the passwords starting from the most critical iCloud, Gmail, Dropbox, etc.

• Leave your online accounts for hackers

That's definitely what has a special value for hackers. Online accounts, especially iCloud, Google, Gmail, Outlook, Yahoo tall of them and any of them is a gold mine of personal information, confidential information, identity, passwords, keys. Through it, they can dig down to get access to other accounts, for instance to the bank account.
In many cases, black-hats are ransoming people with their private pictures. It happens not only for celebrities.

•   Keep everything safely stored

It's just common sense. No-one will store their money on the open space, right? There are banks for this, right?

Keep keys and passwords in a specific system like iCloud Keychain (we recommend it for iOS, MacOS Users) or one of these solutions reviewed by CNET.

Gmail, Yahoo - great services for e-mail storing. By the way, they are providing the history of IP addresses, which accessed every specific account. [HINT: we've got a good portion of blackhats screwed there]

However, unfortunately, there is no such thing as an encrypted mailbox, yet.

So, let's switch to safe storages. Actually, we are normally recommending the local SAN storage. Simply speaking if you heard about Apple TimeCapsule - that's SAN. There is an overview of SAN solutions from PCMag.

Finally, there is a wide variety of Cloud storages. You can read about the best for this year reviewed by PCMag here.

Finally, to keep all this safe you have to change all these passwords. HINT: start with a keychain or other analogues. It will save your time to save all these new passwords.

•  Think that hackers need only money from you

If no one is asking for money, then the objective wasn't about ransoming attacked person.
Perhaps, someone already paid for it, because there are no hackers willing to risk spending 30 next years in prison just due to curiosity "what's stored in pictures on this laptop?"

In some cases, they are aiming documents, contractual relationships or just get your systems down, so you won't be able to do something.