(also cyber event, cybersecurity incident)
Cyber incident definition
A cyber incident happens when an attacker attempts to breach or successfully breaches the security measures of a digital system, network, or service. Cyber incidents encompass mere attempts at unauthorized access to actual damage, disruption, or theft. These events can lead to data loss, financial loss, harm to an organization’s reputation, and even physical damage in cases where cyber-physical systems are compromised.
See also: cryptolocker ransomware
Cyber incident examples
- Phishing attack: Involves sending fraudulent emails that appear to come from reputable sources with the aim of stealing sensitive data like credit card numbers and login information.
- Ransomware attack: A type of malicious software designed to block access to a computer system until a sum of money is paid.
- DDoS attack: Occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers.
Responding to cyber incidents
- Promptly identify and assess the incident to understand its potential impact.
- Follow a pre-established incident response plan.
- After addressing the immediate threat, investigate the incident to prevent future occurrences.
- Report the incident to relevant authorities and affected parties to comply with legal and ethical responsibilities.