Types of Incidents in Cyber Security

Types of Incidents

We routinely respond to incidents that can be categorized into one of five major types:

  • Compromised Computing Resources, which includes:
    • System (OS) account compromises
    • User account compromises

  • Email-based abuse, such as:
    • Unsolicited Commercial Email (UCE), more commonly known as “spam”
    • Phishing emails, which seek to have the recipient respond with either user credentials or personal information

  • Copyright Infringement Reports

  • Network and Resource Abuses, including:
    • Network scanning activity
    • Denial of Service attacks

  • Resource misconfiguration and abuses, like:
    • Open proxy servers and anonymous FTP servers
    • Vulnerable software configurations that may result in a future compromise
    • Abuse via web forms and blog sites
    • Misuse of licensed resources
    • Other impolite behaviors that violate our Policy on Computing Ethics

Severity of Incident

Incidents are triaged according to their severity. Some factors that contribute to severity are:

  • Safety concerns for people and buildings
  • Loss or exposure of personal or institutional data
  • Violation of laws and contracts
  • Interruption of service to a community
  • The size of the affected community
