Cyber Threat Advisory Levels

What is the Cyber Threat Level?

The current Cyber Threat level is determined by the Multi-State Information Sharing and Analysis Center (MS-ISAC).  The alert level shows the current level of malicious cyber activity and reflects the potential for, or actual damage.  The indicator consists of 5 levels:

severe bar

Indicates a severe risk of hacking, virus or other malicious activity resulting in wide-spread outages and/or significantly destructive compromises to systems with no known remedy or debilitates one or more critical infrastructure sectors. At this level, vulnerabilities are being exploited with a severe level or wide spread level of damage or disruption of Critical Infrastructure Assets.

high barIndicates a high risk of increased hacking, virus or other malicious cyber activity which targets or compromises core infrastructure, causes multiple service outages, multiple system compromises or compromises critical infrastructure. At this level, vulnerabilities are being exploited with a high level of damage or disruption or the potential for severe damage or disruption is high.

elevated barIndicates a significant risk due to increased hacking, virus or other malicious activity which compromises systems or diminishes service. At this level, there are known vulnerabilities that are being exploited with a moderate level of damage or disruption or the potential for significant damage or disruption is high.

guarded barIndicates a general risk of increased hacking, virus or other malicious activity. The potential exists for malicious cyber activities, but no known exploits have been identified or known exploits have been identified but no significant impact has occurred.

low barIndicates a low risk. No unusual activity exists beyond the normal concern for known hacking activities, known viruses or other malicious activity.