BLUE or GUARDED indicates a general risk of increased hacking, virus, or other malicious activity. The potential exists for malicious cyber activities, but no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.
- Examples:
- A critical vulnerability is discovered but no exploits are reported.
- A critical vulnerability is being exploited but there has been no significant impact.
- There are credible warnings of increased probes or scans.
- Actions:
- Continue recommended actions from previous level.
- Identify vulnerable systems.
- Implement appropriate countermeasures to protect vulnerable systems.
- When available, test and implement patches, install anti-virus updates, etc., in the next regular cycle.