An incident is the occurrence of an event. A computer security incident is a violation or breach or imminent threat of violation or breach of information security policies, acceptable use policies, or standard security practices.
Examples of information security incidents are as follows:
- A user provides illegal copies of software to others through peer-to-peer file sharing services.
- A person threatens another person through email.
- An attacker commits a physical break-in or intrusion to steal computing resources or damage communications hardware.
- A perpetrator obtains unauthorized administrator-level access to a system and the sensitive data it contains, and then threatens the university that the details of the break-in will be released to the press if the university does not pay a designated sum of money.
A software worm uses open file shares to quickly infect several hundred workstations within the university.
The university receives a warning from an antivirus vendor that a new software worm is spreading rapidly via email throughout the Internet. The worm takes advantage of a vulnerability that is present in many of the university’s computers. Based on previous antivirus incidents, the university expects that the new worm will infect some of its workstations within the next three hours.
Denial of Service
- An attacker sends specially crafted packets to a web server, causing it to crash.
- An attacker directs hundreds of external, compromised workstations to send as many Internet requests as possible to the university’s network.
Multiple Component Incident
A combination of any of the above types of computer information security incidents.
To Report an Security Incident
We will investigate and prioritize all IT Security Incidents. Report IT Security Incidents to the VSU Service Desk or (804) 524-5210