Cyber Incident Reporting | WISCONSIN STATEWIDE INTELLIGENCE CENTER (WSIC)

* Indicates required field

Submitter’s Contact Information

* First Name

please enter first name

* Last Name

please enter last name

* Email Address

please enter email address

* Telephone (###) ###-####

* Organization or WSIC Partner #

please enter Organization or WSIC Partner

* Type of Organization

United States Federal Government

Private Sector

Foreign Government

Individual

State, Local, Tribal, or Territorial (SLTT) Government (U.S.)

Other…

Enter other…

* Critical Infrastructure Owner

Yes

Industry Sector (If Applicable)

please enter Industry Sector (If Applicable)

* Incident Start Date: mm/dd/yyyy

Incident Start Time

* Incident Detected Date: mm/dd/yyyy

Incident Detected Time

Impact Details

* Is the confidentiality, integrity, and/or availability of the organization’s information systems affected?

Yes

* Please define the functional impact to the organization by selecting one of the following

High – Organization has lost the ability to provide all critical services to all system users.

Medium – Organization has lost the ability to provide a critical service to a subset of system users.

Low – Organization has experienced a loss of efficiency, but can still provide all critical services to all users with minimal effect on performance.

None – Organization as experienced no loss in ability to provide all services to all users.

What is number of systems impacted (if known)?

please enter What is number of systems impacted (if known)

How many users are impacted (if known)?

please enter How many users are impacted (if known)?

What operating systems (OS) are impacted?

OS Name

please enter os name

OS Version

please enter os version

* How was this incident detected?

By an Administrator

AV Software

Intrusion Detection System

Log Review by an Analyst

By a User

Other

Unknown

* What is the function of the system(s) affected? Please select all that apply

Application Server(s)

Database Server(s)

Domain Name Server(s)

Mail Server(s)

Time Server(s)

Web Server(s)

Other Server(s)

Firewall(s)

SCADA System(s)

Switch(s)

Router(s)

Desktop(s)

Laptop(s)

Please enter the attacking Internet Protocol (IP) address(es)

IP Address

please enter IP address

Port

please enter Port

Protocol

Please enter protocol

Add another attacking Internet Protocol (IP) address(es), Port Protocol

IP Address

please enter IP Address

Port

please enter port

Protocol

please enter protocol

Please paste network flow here (if available)

Threat Vectors

* Please select at least one threat vector

Attrition

Web

External/Removable Media

Impersonation/Spoofing

Improper Usage

Loss or Theft of Equipment

Physical Cause

Other

Unknown

* Cyber Incident Report Type

Cyber Fraud

Data Destruction

Data Theft

DoS/DDoS/TDoS

Malware/Ransomware

Network Intrusion

Other

Phishing/Spear phishing

Suspicious Network Traffic

Website Defacement

Information Impact to the Organization

* Was the confidentiality of classified information compromised?

Yes

* Was proprietary information such as protected critical infrastructure information (PCII), intellectual property, or a trade secret accessed or exfiltrated?

Yes

* Was personally identifiable information (PII) such as taxpayer, employee, or beneficiary accessed or exfiltrated?

Yes

* Was protected health information (PHI) such as medical history, test and laboratory results, insurance information accessed or exfiltrated?

Yes

* Was sensitive or proprietary information modified or deleted?

Yes

Unknown

* Please select the organization’s recoverability for this incident

Regular – Time to recovery is predictable with existing resources.

Not recoverable – Recovery from this incident is not possible (e.g., sensitive data exfiltrated and posted publicly).

Supplemented – Time to recovery is predictable with additional resources.

Extended – Time to recovery is unpredictable; additional resources and outside help are needed.

Narrative of Events

Please enter Narrative of Events

Leave this field blank