If you suspect that your user account (your Umu-id), computer, mobile phone or your email has been compromised, attacked by a virus or hacked, it is important that you report this. By reporting, you can get help to rectify the situation, and also, you can get help to improve your IT and information protection.
Photo: Communications Office
When you have been subjected to an event that negatively affects your digital information, your IT environment or your user account, it is important that you report this to the university's Incident Response Team (IRT). IRT works actively to prevent, detect and investigate IT security incidents at Umeå University.
Report IT security incidents to IRT through email@example.com
If you have received a strange email, forward the email to firstname.lastname@example.org. Do not click links or respond to such emails.
If something else has happened, send an email to the same address describing your case as thoroughly as possible.
If you are uncertain, you can always contact email@example.com for advice and support.
What happens after I have reported an IT security incident?
When you submit a case to IRT, the team will assess your case and based on the assessment take potential actions. What actions may be relevant depends on the case.
An impact analysis will be made for all types of IT security incidents. In the event of a serious IT security incident, the incident must be reported to the Swedish Civil Contingencies Agency (Myndigheten för samhällsskydd och beredskap) within six hours. ICT Services and System Development (ITS) is responsible for reporting IT security incidents to the Swedish Civil Contingencies Agency through a special system.
Examples of measures
- If you forward an email, IRT will investigate the email. IRT has access to a system that enables them to open the email and check attachments and links in a secure environment that does not affect other systems.
- If the breach is ongoing, IRT can ask you to shut off internet access to the compromised device to limit the damage.
- If your email account starts sending out junk emails, IRT can temporarily shut down the email account whilst attending to the problem.
What is IRT?
The Incident Response Team (IRT) is a part of the security function at ICT Services and System Development (ITS). The security function coordinates IT security work at Umeå University and offers support and guidance in IT security issues. You can turn to the security function at ITS if you need information or guidance in IT security issues. Contact the security function via Servicedesk.
IRT is a certified team working actively to prevent, detect and investigate IT security incidents at Umeå University. You can turn to IRT to report all forms of hacking or attempts at hacking, unsolicited emails, network misuse or other similar cases that involve Umeå University.