Incident Response Plan

NMSU Incident Response Plan

Cyber-attacks are a growing threat across the world and to our campus. Cyber-attacks happen when criminals infect your computer with password attacks, malware, viruses, ransomware, etc. that could capture sensitive data, deletion, modification, and scramble your files and leave you a ransom demanding payment to recover your data.

Your best defense against cyber-attacks is good cyber hygiene, training, and good backups.

To address this evolving threat, we have been working with a small team from across campus to develop a Cyber-Attack Response Plan for NMSU.

Watch the following one-minute video to get a quick understanding of what to do if you get hacked or compromised. 

If ransomware happens to you, no matter if you are faculty, staff, or a student, take these three critical steps immediately!

  1. ❏ Unplug the computer from the network via the Ethernet cable, fiber, etc.

          ❏ Turn off any wireless functionality: Wi-Fi, Bluetooth, and NFC.

          ❏ Disconnect all external storage: memory sticks, attached phones/cameras, printers/copiers,
              external hard drives, and USB drives.

      2. ❏ Do not turn systems or devices off. The message on the screen may be required to determine the attack type or threat.

      3. ❏ If you have not already done so, report the incident to the ICT Help Desk at (575) 646-1840 and/or
              Cybersecurity Response Team.

If you experience a cyber-attack incident, the NMSU ICT Help Desk will collect necessary information from you, including your department, time of incident, and possible systems affected. The NMSU ICT Help Desk will notify security contacts or the support staff from your department to provide in-person support to help faculty or staff respond and recover. If you are a student, you will be directed to the appropriate student support channels.

Provided are three quick response checklists:

Cybersecurity Attack Response Checklist – Use this checklist if the IT incident attack is unknown.

Ransomware Attack Response Checklist – Use this checklist if ransomware has been detected.

Data Breach Response Checklist – Use this checklist if a data breach has been detected.

Remember, most successful cyber-attacks begin with phishing emails, unidentified links, and external sources connected to your system. You are the first line of defense, and if you are in doubt, DO NOT click links or open the attachments.

Print Friendly, PDF & Email