Incident response (IR)
Incident response is an organised approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.
P1 Cyber can help you when your having an Incident, we specialise in providing expert support all types of attacks.
Types of security incidents
There are various types of security incidents and ways to classify them. What may be considered an incident for one organization might not be as critical for another. The following are a few examples of common incidents that we have previously dealt with:
- A Distributed Denial of Service (DDoS) attack against critical cloud services that left a business unable to operate.
- A Malware Infection / Ransomware Attack that has encrypted critical business files across the corporate network that resulted in a business being unable to operate.
- A successful phishing attempt that has led to the exposure of Personally identifiable information (PII) of customers which led to a fine being issued from the Information Commissioner Office (ICO).
What is a Distributed Denial of Service Attack?
A distributed denial-of-service (DDoS) attack is one of the most powerful weapons on the internet. When you hear about a website being “brought down by hackers,” it generally means it has become a victim of a DDoS attack. In short, this means that hackers have attempted to make a website or computer unavailable by flooding or crashing the website with too much traffic.
What is a Ransomware ?
Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
What is a Phishing attack?
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information.