The Computer Protection Program tracks all cyber incidents, advises on system cleanup, re-authorizes network use, performs forensics on affected systems, and, when necessary, provides information about incidents to law enforcement.
If you receive notice that your system has been infected by a virus, or if you have reason to suspect that your system has been successfully attacked in some other way, it is your responsibility to report it. Please see the Getting Started section for more information on what to do if you feel that you are aware of cyber incident.
- If you think you have a cyber security incident or want to report something cyber security related, please contact firstname.lastname@example.org
- If you believe a Berkeley Lab computer has been compromised and you have not yet been able to contact the appropriate technical support, please report it to email@example.com.
- It is important to report attacks right away, as a security engineer can often uncover information that will help prevent future attacks. However, killing processes, rebooting, etc., can destroy those clues. Even if the incident seems insignificant, it could be an important clue to a more widespread attack. Do not turn off your computer. Instead, quit using the machine, quarantine it immediately (leave it on but put a sign on the monitor to warn against further use), and report it.
Any LBNL-related cyber security incident can be reported via the LBNL CPPM Emergency Response Telephone Line 24 hours a day, 365 days a year at 510-486-7770 or ext 7770. This number is not for use on non-cyber-security incidents. It is staffed during normal business hours, and will activate an emergency pager during non-business hours. Other contact options are listed on the Contact Us page (Intranet).
As you and your team create content this area will fill up and display the latest updates.
The service is part of the Berkeley Lab Technology Resource Kit and is provided to all employees and affiliates at no recharge.