Report an Incident

The MS-ISAC is happy to assist U.S. State, Local, Tribal, and Territorial (SLTT) entities with cybersecurity incident response. Even if your SLTT organization is not an MS-ISAC member, we encourage you to contact us if you experience:

  • Changes to system hardware, firmware, or software without the owner's knowledge, instruction, or consent
  • Compromised passwords
  • Malware, including viruses, trojans, worms, or botnet activity
  • Defacement of a government website
  • Unauthorized access to information
  • Disruption or attempted denial of service (DoS)
  • Unauthorized use of system data or privileges

"Thank you for providing this invaluable service!"

- MS-ISAC Member

Direct Assistance From Our CERT

Our expertly trained Computer Emergency Response Team (CERT) is here to help. If your SLTT organization experiences a cybersecurity incident, our CERT can provide the following free response services:

  • Emergency conference calls
  • Forensic analysis
  • Log analysis
  • Mitigation recommendations
  • Reverse engineering
  • Verbal report 24 hours following the incident
  • Written report one week following the close of the incident

"I will continue to leverage this expert and valuable service as long as it exists. The MS-ISAC CERT was once again very efficient and provided a robust root cause analysis in a timely fashion."

- MS-ISAC Member

The MS-ISAC Security Operations Center (SOC) is available 24/7 to assist via phone or email:

Arrow 866-787-4722

Arrow soc@msisac.org