ICT SECURITY INCIDENTS
1. ICT Security Incidents
ICT security incidents are adverse events that occur on ICT assets, or the threat of such events. An incident may be an act in violation of the ICT security policy, whether expressed or implied. The types of incidents are identified as follows:
The use of ICT assets for the purpose of information leakage and / or accessing information in violation of the ICT Security Policy.
Security threats to computer systems in which the information processing service is deliberately denied to the system users. This involves any action that prevents the system from functioning normally, including denial of service (DoS), distributed denial of service (DDoS) and sabotage.
Using and modifying the characteristics of the hardware, software or any component of a system without the knowledge, order or consent of any party. This includes unauthorised access, intrusion of websites, system tampering, modification of data, and amendments to the system configuration.
Forgery and the use of a fake identity, commonly when sending messages via e-mail, including identity abuse and theft, information theft / espionage, and hoaxes.
Spam is email sent to the email accounts of others by an anonymous sender, at once and repeatedly (the content of the emails is identical). This causes network congestion and makes the network slow.
Hardware or software introduced into the system for the purpose of unauthorised intrusion. It involves viruses, Trojan horses, worms, spyware and others.
Harassment and threats made by various means, through emails and letters, for personal motives.
- Attempts / Hack Threats / Information Gathering
Attempts (whether failed or successful) to access the system or data without permission. This includes spoofing, phishing, probing, war driving and scanning.
- Physical Loss
Loss of access to and use of ICT assets due to damage, theft and fire.
2. Action Priority Levels On Incident
Action on incidents that occur must be taken based on the level of the incident. Action priority levels for incidents will be determined as follows:
- Priority 1 (Red) - ICT security incidents that threaten life, threaten the security and defence of the country, affect the economy and the image of the country, which may require Business Continuity Planning to be activated.
- Priority 2 (Yellow) - Other security incidents, such as site intrusion, system interruption and intrusion of ICT assets.