Taking Action Against Threats

Reporting a Cybersecurity Incident

Animated picture of a girl in a library on her computer

Grace Kim - a student at ¾ÅÐãÖ±²¥ - sits at a computer looking stressed. A phishing email titled "Urgent Financial Aid Update" sits open on the screen. Grace hesitates, then closes the email and opens a new browser window. 

Animated picture of a girl speaking to an older man at a library

Grace walks over to a friendly librarian, Mr. Jones.

"Excuse me, Mr. Jones, I received a suspicious email that might be a phishing scam. What should I do?" Grace asks.

"Thanks for letting me know, Grace! That's definitely something we need to report." Mr. Jones responds.

Animated picture of a laptop with a warning icon on the screen. A spider is perched on the top of screen

Mr. Jones guides Grace to a computer with the university's IT Security Incident Reporting Portal on the screen. He explains that this portal makes it easy to report suspicious emails. Grace learns that she can even forward the email directly to Queen’s IT Services!

Animated picture of two IT professionals working on their computers. Lock icons float in the foreground of the picture

Grace sits back down at her computer, relieved. While she continues her work, the IT Security team analyzes the phishing email and takes steps to protect the university community. 

Security incidents are events that indicate an organization’s system and/or valuable data have been compromised or threatened. Dealing with a cybersecurity incident in the right way is important - it can be easy to miss something and not fully remove the threat.

Signs that a security incident has breached your systems or applications include: 

  • The network or Operating System (OS) on your device becomes slower
  • Your browser redirects known URLs to different sites (i.e. you want to visit queensu.ca but are directed to a different website)
  • Your files and/or servers have been encrypted and you cannot access them
  • Your device receives excessive pop-ups
  • Your data usage is increasing while your usage remains the same

The most important thing to remember is to ACT QUICKLY. The sooner you take action to report an incident, the less time your data is vulnerable.

Types of Security Incidents

Although phishing is the most common avenue for scammers to access your information, security incidents can occur in several forms. Expand the following menu items to learn more about how your information could be put at risk. 

Occurs when unauthorized individuals have stolen sensitive or confidential information. As we grow with technology, more and more digital data is added to our digital world. This data often contains sensitive, personal, and confidential information, and as a result, data breaches have become a popular type of attack. Data breaches can be extremely costly to an organization.

When malicious software is used to damage a computer or network system or to gain unauthorized access to the university's private data. Malware attacks can come in many forms including ransomware, spyware, command and control, and more.

Involves fraudulent communication such as emails, text messages, or social media posts and messages. These fraudulent messages are designed to mimic trusted and reputable sources to deceive target users into revealing their credentials or sensitive personal data. You can check out the content from Week 1 to learn how to protect yourself from phishing. 

A denial-of-service (DoS) attack occurs when legitimate users are unable to access an information system, device, or another network resource. This is a common method of attack wherein a target network or server is flooded with fake traffic, which overloads the server and results in a DoS. Services that can be affected by a DoS attack include email, websites, and medical facilities. 

Basic Mitigation Measures at Queen's

Icons symbolizing cyber training floating in the foreground of an image. Person on their computer in the background.

Participate in all Security Awareness Training

¾ÅÐãÖ±²¥ provides regular security awareness training to ensure faculty, staff and students (end-users) have a basic understanding of cybersecurity threats. This helps minimize human error and block a possible breach before it occurs. 

To see what training is available to you, check out the Cybersecurity Education and Awareness page.

A woman and two men staring at a computer. The woman is standing and pointing at the screen.

Ensure You Know How to Report a Security Incident 

Without an end-user’s input and reports, security incidents can go undetected for long periods of time. When ¾ÅÐãÖ±²¥ faculty, staff, and students are aware of the processes for reporting possible security breaches, incidents can be caught before much damage is done. 

Learn more about how to report a security incident.

Lock sitting on top of a laptop's keyboard

Report ANY and ALL Suspicious Incidents

As an end-user, you are the university's first line of defence when attackers attempt to breach our digital environment. Any security infrastructure can be compromised by human error or failure to report a possible incident.

It is essential for all ¾ÅÐãÖ±²¥ faculty, staff, and students to report any and all suspected security breaches, even if it does not appear to be a significant threat.

A Security Threat Is Reported – What Happens Next? 

In response to an incident being reported, IT Services can take the following steps: 

  • Take action to mitigate the security incident and prevent it from spreading across the university and its affiliates.
  • Perform additional investigation to document the scale and severity of the breach and the type of institutional data that was potentially involved.
  • Identify all exploited vulnerabilities.
  • Revise existing or recreate additional protection/security policies.

This Week's Challenge

Test your knowledge with our cybersecurity reporting quiz. Note that you will be prompted to log in with your NetID and password. When you're ready, click the link below to begin the quiz.

This quiz will collect your name, ¾ÅÐãÖ±²¥ email address, and NetID to notify winners of where and how to redeem their prize. Your data will not be shared with any other party or used for any other purpose.