Reporting Cyber Incidents, vulnerabilities and phishing scams
It's occurring more and more lately - credit card numbers being stolen and email viruses spreading. Maybe you've even been a victim yourself. One of the best defenses is understanding the risks, what some of the basic terms mean, and what you can do to protect yourself against them.
Reporting Cyber incidents, vulnerabilities and phishing scams
The US-CERT (United States Computer Emergency Readiness Team) encourages you to report any suspicious activity, including cybersecurity incidents, possible malicious code, software vulnerabilites and phishing-related scams. You can find the reporting forms on US-CERT's Webpage at www.us-cert.gov .
What is an incident?
A good but fairly general definition of an incident is the act of violating an explicit or implied security policy. Unfortunately, this definition relies on the existence of a security policy that, while generally understood, varies among organizations.
In general, types of activity that are commonly recognized as being in violation of a typical security policy include but are not limited to:
- attempts (either failed or successful) to gain unauthorized access to a system or its data, including Personally Identifiable Information (PII) related incidents. For more information on the privacy guidelines for incident handling, refer to the DHS Privacy Incident Handling Guidance (PIHG).
- unwanted disruption or denial of service
- the unauthorized use of a system for processing or storing data
- changes to system hardware, firmware, or software characteristics without the owner's knowledge, instruction, or consent
What is phishing?
Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.
What is malware?
Malware is a general term used to refer to a variety of forms of hostile or intrusive software. The term applies to both true (malicious) malware and unintentionally harmful software.