Skip to main content

What To Do If You Think You’ve Been Breached

Step 1–Disconnect your computer from the network do not turn off

Step 2–Report the suspected incident to your supervisor

Step 3–The supervisor reports the suspected incident following Agency procedures to the Agency/Staff Office Information Systems Security Program Manager (ISSPM) or Office Computer Incident Response Team (CIRT).

Step 4–Agency/Staff Office ISSPM or CIRT notifies the ISC 24 Hour Hotline at 866-905-6890 or cyber.incidents@asoc.usda.gov.


Has Your System Been Breached?

Unfortunately, many different types of computer vulnerabilities are common in our technology-centered world. This means that breaches may show up in many different ways.

The most obvious sign of a breach is when a device no longer operates normally. Here are some signs for concern:

  • Performance suddenly slows down
  • Strange things pop up on the screen
  • Familiar application functions no longer work properly
  • Your browser homepage changes without intervention
  • Clicking on Google-provided links sends you to random pages
  • Your browser has trouble connecting to the Internet

The good news is that these symptoms aren’t always caused by a breach. But only an expert can tell, so you should report all such anomalies immediately.


Fighting Hidden Threats

Sophisticated, subtle threats can only be detected by experts or security technology:

  • ISC may alert the Agency/Staff Office ISSPM or CIRT of a breach
  • An intrusion detection device may identify an attack
  •  Anti-virus software may fire in response to malicious code
  • A security scan may detect a vulnerability on a server that is critical to your mission.