In computing science, resilience is the ability of system or network architecture to recover normal operation after a brutal crash. When malicious cyber act on control signals of a Networked Control System (NCS) is designed to remain undetectable from passive model-based Fault Detection and Isolation (FDI) schemes, we show that the unobservable consequence on the state variable of the plant becomes brutally observable after the disappearance of the damaging action. In order to quickly recover the nominal behavior of the Linear Quadratic Gaussian (LQG) controller, a resilient LQG controller is obtained from an active version of the Generalized Likelihood Ratio (GLR) test designed to detect the disappearance of the malicious act and to increase the tracking ability of the Kalman filter at detection time.