A cyber incident is an “event that could jeopardize the confidentiality, integrity, or availability of digital information or information systems” (U.S. Department of Homeland Security).Common types of cyber incidents include:
- Data breaches
Threat actors expose confidential and/or legally protected information. - Malware attacks, including ransomware attacks
Threat actors access and encrypt data and systems, rendering them unusable and demanding payment for decryption. - Social engineering attacks
Threat actors exploit human error to gain unauthorized access to systems and data. - Denial of service attacks
Threat actors overwhelm servers, systems, and networks with traffic to slow or stop them altogether. - Cyber fraud
Threat actors transfer funds out of their targets’ accounts without authorization or under false pretenses.This list is not exhaustive, and cyber incidents increasingly “blur the lines” between these categories.