What to do if you detect an information security incident
Was your email hacked, did you receive an SMS with a suspicious link or is your computer infected with malware? Should you come across an information security incident, notify both the authorities and your organisation’s IT support staff. We explain below how to report incidents to different authorities.
Information security incidents include, for example, phishing, data system break-ins, denial-of-service attacks and their attempts. Incident reports help the authorities examine individual cases and provide support in managing incidents.
By reporting an incident, you will also help others. When you report an information security incident, you help the authorities gain an understanding of current events concerning information security. Incident reports are very important to us because they help us share information and advice about information security phenomena. When you submit a report to us, we can also give you advice on what to do to manage the situation.
All reports submitted to the NCSC-FI are always processed with complete confidentiality. That is why we ask you on the incident report form whether you allow us to exchange information about the case with the police. Allowing us to do that will make it easier and quicker to deal with the incident.
Have you detected an information security incident?
Do you suspect a crime has been committed?
Offences may include, for example, the theft of credit card or banking details, identity theft, data system break-ins, data theft by means of malware and various network attacks.
Are you an operator of a function vital to society?
Essential critical infrastructure operators and service providers must notify any security incidents in their network and information systems to the authorities. Sectors covered by the reporting obligation include the energy sector, digital infrastructure, digital services, financial sector, financial sector infrastructure, transport sector, healthcare sector and water supply sector.
Has the information security incident resulted in a personal data leak or a data leak risk?
In addition to submitting a report, the processing of an information security incident nearly always requires practical measures. There is no single operating model that would fit all situations. Therefore, we also recommend contacting the IT support staff of your own organisation.