Below we describe the recommended process for reporting cyber incidents that occur either to your own law enforcement network, or that occur to private citizens or companies.
If you think your agency has been a victim of a cyber incident
If you have experienced a cyber incident in your law enforcement network, the first step is to report it through the FBI’s eGuardian website. Note that this requires an account through the Law Enforcement Enterprise Portal (LEEP) or RISS account.
If you do not currently have a LEEP account, please visit https://www.cjis.gov. Access to LEEP provides many additional benefits, including online cybercrime training and malware investigation.
If you have an urgent need
Please call a local FBI field office if you have an urgent need for assistance regarding a cyber event. A list of offices is available here.
You may also want to contact the Multi-State Information Sharing and Analysis Center (MS-ISAC) in order to address an immediate threat and prevent further compromise. MS-ISAC “is the focal point for cyber threat prevention, protection, response and recovery for the nation’s state, local, tribal, and territorial (SLTT) governments. The MS-ISAC 24×7 cyber security operations center provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification and mitigation and incident response.”
If a company or private citizen reports a cyber attack or cyber crime
Organizations that have experienced a cyber attack can report their incident through InfraGuard’s iGuardian portal.
Individuals, on the other hand, that have experienced some form of cyber crime should first report the incident to the Internet Crime Complaint Center (IC3). The IC3 accepts complaints regarding any “illegal activity involving one or more components of the Internet, such as websites, chat rooms, and/or email.” The following are examples of illegal activity reports they accept: advance-fee schemes, non-delivery of goods or services, computer hacking, employment/business opportunity schemes, email phishing scams, and unauthorized wire transfers.