Incident Response Support

if you believe you are experiencing an issue, call the hotline immediately: 888-982-0936

How do i know there is an incident?

  • You might be experiencing a Malware attack if you suddenly experience a higher volume of emails being sent or received; unusual items on your screen (graphics/messages); programs start slowly, run slowly, or not at all; system instability or crashes; deleted, corrupted, or inaccessible files.
  • You might be experiencing a Ransomware attack (a subset of malware) if you see messages that indicate that your files are inaccessible (encrypted or blocked) unless you pay an allotted ransom.
  • You might be experiencing a Denial of Service (DoS) attack if you have unexplained network connection losses; network and host intrusion detection alerts; increased network bandwidth utilization.
  • You might be experiencing Unauthorized Access if you see modifications to critical files (e.g. Web pages); use of idle accounts; unexpected activity from user accounts; direct messages from an attacker claiming that they have accessed your system.



If you’re looking for a way to improve your planning of what to do BEFORE an incident occurs, we have a few different options. 

These are templates, so feel free to tweak whatever makes the most sense for you and your organization. 


Local sample templates

More coming!