PANIC: HOW TO RESPO...
 
Notifications
Clear all

PANIC: HOW TO RESPOND TO INCIDENT

5 Posts
4 Users
0 Reactions
1,007 Views
 syfa
(@syfa)
New Member
Joined: 8 years ago
Posts: 2
Topic starter  

Hello!

The organization should know the tips or procedure to responding to the incident related with cyber-attack that may attack their sensitive and confidential information.

My question, what is the action should be taken by the individual or organization to respond on incident that related with cyber-crime or cyber-attack?

Your concern benefit to others. Thank you ? .


   
Quote
Igor_Michailov
(@igor_michailov)
Honorable Member
Joined: 20 years ago
Posts: 529
 

Ask the good guys about it https://www.digitalforensics.com/


   
ReplyQuote
Bunnysniper
(@bunnysniper)
Reputable Member
Joined: 13 years ago
Posts: 259
 

My question, what is the action should be taken by the individual or organization to respond on incident that related with cyber-crime or cyber-attack?

Any company or organisation with a permanent accesst to the Internet should be prepared how to respond to those incidents today. If the organisation is not prepared, call professional Incident Response Teams from www.verizon.com, www.kpmg.com, www.mandiant.com, www.crowdstrike.com or others, for example. But they will cost more than the money the organisation should already have spent to be prepared to repond to these incidents.

In general, the answer to your question is to complex to be answered with one reply. Incident Response is very complex and has a strong relationship to IT Security and Digital Forensics.

One advice for you without any invoice keep calm. Usually hackers are already inside an organisation for several months or years, so do not panic and document everything what you are doing.

good luck,
Robin


   
ReplyQuote
 syfa
(@syfa)
New Member
Joined: 8 years ago
Posts: 2
Topic starter  

Thank Robin,

One of the internet provider has been attacked by the unknown attacker. That causes the interference of the customer’s internet of that provider. There are several techniques used by attacker to disturb the network. As a result, the attacker target the critical infrastructure after organization provides additional information about attacker. From this situation, the DNS provider should aware on this threat and know on how to respond to the incident.

What about above situation, did that organization really need other organization help?


   
ReplyQuote
MDCR
 MDCR
(@mdcr)
Reputable Member
Joined: 15 years ago
Posts: 376
 

What about above situation, did that organization really need other organization help?

Generally speaking, if you can't solve something buy yourself, either give it up or find help. It is always better to stop attacks upstream before they reach the destination.

Do not assume that a company that delivers IT services has a clue about security, they could be totally oblivious to attacks. I know some smaller ISPs may want to advertise that "our security is great" meaning they installed a firewall 10 years ago and have a compliance document that says so.


   
ReplyQuote
Share: