A cyber threat to a computer system can occur two ways: When the system has been accessed by someone without the user's permission or when the system has been infected with malware, which in turn could compromise the data on the computer.
IS&T can help to detect, respond to, and recover from intrusions and data disclosure incidents, including IT security incidents involving electronic MIT business data of any kind. The system will be analyzed using forensics tools to determine if data was disclosed and if any parties need to be notified of a possible identity theft.
- Forensics - tools are used to determine the method of the attack and the attack's target within the file system
- Intrusion Analysis - the security technicians will determine if, in fact, data of a sensitive nature could have been disclosed or stolen
- Notification - IS&T works with the Office of General Counsel if a notification to affected parties is determined to be necessary
- Restoration - if the system has been scrubbed of malware, the system is restored to a clean, workable condition.
The IT Security Services team within the IS&T department should be immediately notified if a threat to sensitive data is suspected. Report the security incident to email@example.com.
Please note that handling such incidents can be time-consuming and sometimes costly. If you have any questions about what might be occuring on a system and whether the occurance warrants a notice to the security team, don't hesitate to first contact the IS&T Help Desk.
If there is no sensitive data on a system, there is no need to contact the security team. You can bring malware-infected machines to the IS&T Help Desk for servicing.
Learn more about Information Protection at MIT.
Lost or stolen computers should be reported to the MIT Campus Police. If any sensitive data was on the computer, also notify firstname.lastname@example.org.