Report Cyber Incidents

(Back)

Objective

Report Ransomware incidents to relevant internal and external bodies to enable quick and efficient incident responses.

Description

• As ransomware often involve multiple criminal offences, if you are a victim of ransomware, in addition to reporting to relevant internal and external bodies, report it to the Royal Canadian Mounted Police (RCMP) by contacting NC3Cyber-CyberGNC3@rcmp-grc.gc.ca and CCCS at cyberincident@cyber.gc.ca.
• If the incident involve a privacy breach (i.e. an unauthorized actor having access to data, whether the data is exfiltrated or not), the Office of the Privacy Commissioner of Canada (OPC) must be notified of the breach and of the mitigation measures being implemented.

References

TBS

1. DSM Appendix I (I.2.2.3 and I.2.2.4), and
2. GC CSEMP (5.2.2)

CCCS

1. Ransomware Playbook (ITSM.00.099) (2..2), and
2. Report a cyber incident

RCMP

1. Have You Been a Victim of Cybercrime? (00.037)

Office of the Privacy Commissioner of Canada: Report a privacy breach at your federal institution

Related Security Controls (ITSG-33)

IR-4, IR-6