Date: 20 June 2003
Click here to report a computer security incident
Purpose
The purpose of the AusCERT National IT Incident Reporting Scheme is to provide a mechanism:
- to collect and analyse reports about computer security incidents affecting Australian computer and information networks;
- to enable us to better inform the Australian public about computer network attack activity, threats and trends, and protection strategies.
Guidelines for completing the Incident Reporting Form
In order to gather relevant and accurate information about computer security incidents in a format which allows us to aggregate and analyse the data over time, we have opted to primarily use pre-defined fields.
It is recommended that you provide as much detail about the incident by selecting one or more of the pre-defined fields given for each question, where applicable.
If there is further relevant information which you wish to provide, there is a text field on the last page of the form which will allow you to provide these details.
While we will accept "anonymous" incident reports, without specific details in the report which can be verified, we may regard the report as being unreliable and delete it.
For Australian reporters, where possible it is recommended that you provide at a minimum your name and contact details (email or telephone number) in the event that we may wish to contact you about the incident.
Once you have submitted the incident reporting form, and if you supplied a valid email address in the appropriate field in the incident report, you will receive an email to confirm your report was received. The email will provide no details about the nature of the incident reported but will include a tracking code. If you wish to contact AusCERT again about this incident, please quote this number.
Are you seeking incident response assistance from AusCERT?
If you are an AusCERT member seeking urgent incident response or coordination assistance from AusCERT please telephone the member hotline after submitting an incident report.
Non-members who are seeking follow-up advice from AusCERT about an incident should send an email to AusCERT quoting the incident tracking code they receive after completing the incident reporting form. AusCERT will endeavour to handle non-member enquiries on a priority basis.
What is a computer security incident?
For the purposes of completing this web based form, a computer security incident is defined as :
An attack against a computer or network which harmed, or potentially may harm, the confidentiality, integrity or availability of network data or systems.
We are interested in reports about deliberate acts which harm or are intended to harm computer systems or compromise data within those system or which are otherwise illegal, eg, computer-facilitated financial fraud.
Who can report?
We will accept reports from anyone around the globe about computer security incidents emanating from or directed against Australian networks.
How will this information be used?
Data obtained from incident reports will be collated and analysed and used by AusCERT to better inform the Australian public about computer network attack activity, threats and trends.
For further information about how we may use your information, see AusCERT's National IT Incident Reporting Scheme Privacy, Confidentiality and Releasability Statement .
Security and Privacy of Submitted Incident Reports
AusCERT adopts best practice in computer security, which includes, inter alia, deploying Secure Socket Layer services to enable you to verify that you are communicating on-line with the AusCERT web server (www.auscert.org.au) and to protect the confidentiality of your report in transit.
AusCERT adopts multiple mechanisms (through the use of technologies, policies, practices and procedures) to secure our network and the sensitive and personal information stored on it, or otherwise held in our possession.
Click here to report a computer security incident
|