The table below lists the categories and types of incidents that can be exported to NCIRCC:
Incident category |
Incident type |
Computer incident notification |
Involvement of a controlled resource in malicious software infrastructure |
Slowed operation of the resource due to a DDoS attack |
|
Malware infection |
|
Network traffic interception |
|
Use of a controlled resource for phishing |
|
Compromised user account |
|
Unauthorized data modification |
|
Unauthorized disclosure of information |
|
Publication of illegal information on the resource |
|
Distribution of spam messages from the controlled resource |
|
Successful exploitation of a vulnerability |
|
Notification about a computer attack |
DDoS attack |
Unsuccessful authorization attempts |
|
Malware injection attempts |
|
Attempts to exploit a vulnerability |
|
Publication of fraudulent information |
|
Network scanning |
|
Social engineering |
|
Notification about a detected vulnerability |
Vulnerable resource |