Reporting electronic attack incidents
CPNI co-ordinates intelligence and develops advice on information systems vulnerabilities and electronic attack threats. In support of this function, CPNI has to gather data concerning electronic attack incidents in order to evaluate the ever-changing threat. The threat can be most easily assessed from the various types of attack that the community is observing in real time. The primary source of such information is therefore from the community itself. It is extremely important that such electronic attack incidents are reported to CPNI at infosec@cpni.gov.uk
Where possible when reporting electronic attack (eA) incidents they should be categorised as:
- blocked hacking attacks where there are clear indications that a network or system has been attacked
- malware blocked due to suspicious process activity detected by heuristic anti-virus scanning. Do not report malware routinely blocked by anti-virus software
- actual malicious software infection
- successful hacking attacks
- malicious denial of service attacks
- data interception and monitoring
- other anomalous behaviour, malware, hacking or exploitation of new vulnerabilities (zero-day) in hardware or software systems.
CPNI is not a law enforcement agency and incidents relating to criminal activity should be reported via the UK police service portal found at www.police.uk/
19/07/2007