Computer Emergency Response Team

A Computer Emergency Response Team ( CERT ), German computer security event and response team , also known as Computer Security Incident Response Team called (CSIRT), a group of is computer -Sicherheitsfachleuten, the concrete in solving IT security incidents (eg. B . Becoming aware of new security gaps in certain applications or operating systems , new types of virus spreading, PCs sending spam or targeted attacks) acts as a coordinator or generally deals with computer securitydeals (sometimes also industry-specific), issues warnings about security gaps and offers solutions (English: "advisories", German: "advice"). In addition, some CERTs (e.g. Bürger-CERT) help to eliminate security risks for certain target groups (e.g. citizens). The flow of information mostly takes place via mailing lists . There, safety-critical topics are discussed and discussed and current warnings are issued.

history

After the appearance of the first computer worm , the Morris worm , the first CERT was established at the Software Engineering Institute at Carnegie Mellon University in November 1988, which was funded by public funds from the US Department of Defense .

There are now several CERTs in different countries.

Germany

In Germany, in addition to the CERT of the University of Stuttgart and the CERT of the German Research Network, the Mcert was also established. This was aimed primarily at small and medium-sized companies. The Federal Association for Information Technology, Telecommunications and New Media (BITKOM) was founded by Mcert in cooperation with the Federal Ministry of the Interior and the Federal Ministry of Economics and Labor , but ceased operations in June 2007.

Since September 1, 2001, tasks related to computer security in the institutions of the Federal Republic of Germany have been taken over by the CERT-Bund, which was specially founded by the Federal Office for Information Security - BSI . The BSI also offers a corresponding service for private individuals with the “ Citizen CERT ”. The area of public administration in Germany is organized within the Verwaltungs-CERT-Verbund (VCV) at federal and state level. The first CERTs are now emerging in the municipal sector.

Credit industry

The German banking industry has also recognized the need for CERTs. S-CERT, the CERT of the Sparkassen-Finanzgruppe , was founded in 2001 . With the emergence of and the fight against phishing , CERTs became very important to the banking industry.

In Germany, the national CERT association promotes the establishment of CERTs. The CERT network was founded in 2002 by CERT-Bund, DFN-CERT, IBM BCRS, Siemens-CERT, S-CERT and Deutsche Telekom CERT. The following overarching goals were set: "Ensuring the protection of national information technology networks" and "Joint and rapid response to security incidents".

Swiss and Austria

The national CERT in Austria is operated by CERT.at. The Government Computer Emergency Response Team (govCERT) for public administration and the critical information infrastructure has been operated by the Federal Chancellery in cooperation with CERT.at since April 2008 . In addition, the Austrian Armed Forces have had their own milCERT element since 2013 .

In Switzerland, SWITCH operates a CERT for the Swiss university network and a bank CERT with a specific target group. In 2016, SWITCH's CERT celebrates its 20th anniversary.

The Austrian education and science network ACOnet has the ACOnet CERT as an equivalent for its own area.

Europe

In Europe, the TF-CSIRT ( Task Force - Computer Security Incident Response Teams of the umbrella organization of the European research and education networks TERENA) promotes the establishment and cooperation of CERTs. In order to establish a relationship of trust between CERTs, the so-called Trusted Introducer was set up by the TF-CSIRT , which records European CERTs and accredits them after a formal examination. From September 2009 to August 2011 this task was taken over by S-CURE BV (Holland) and since then by PRESECURE Consulting GmbH. The European Network and Information Security Agency ( ENISA ) of the EU promotes these activities, among other things by supporting the Training of Network Security Incident Teams Staff (TRANSITS) courses, which also emerged from TF-CSIRT .

Worldwide

The Forum of Incident Response and Security Teams (FIRST) is the global umbrella organization of CERTs and IT security experts. It is based in the USA.

Web links

International

CERT / CC is based at the Software Engineering Institute (SEI), Carnegie Mellon University in Pittsburgh , Pennsylvania

AusCERT (Australian Computer Emergency Response Team)

CERT.at (Austrian national CERT, Computer Emergency Response Team Austria)

ACOnet CERT (CERT of the Austrian science network ACOnet)

CERT-ENISA (CERT of the European Network and Information Security Agency - ENISA )

SWITCH-CERT (CERT of the Swiss Science Network)

US-CERT (US Government's CERT)

CERT.be (CERT of the Belgian Federal Government)

Germany

CERT-Bund (CERT of the Federal Administration at the BSI )
CERT-Hessen
CERT North
CERT NRW
CERT-rlp
DFN-CERT ( Association for the Promotion of a German Research Network )

KIT-CERT (CERT of KIT )

RUS-CERT (CERT of the University of Stuttgart )

S-CERT (CERT of the Sparkassen-Finanzgruppe )

SIEMENS CERT

civitec-CERT (municipal CERT in NRW)


Associations and forums

FIRST ( Forum of Incident Response and Security Teams )
Trusted Introducer (European Database of Computer Security Incident Response Teams)
TF-CSIRT (Task Force Computer Security Incident Response Teams, Europe)
National CERT Association Germany

Individual evidence

[1] ttp://www.switch.ch/de/stories/20years_cert/

[2] S-CURE continues to provide the Trusted Introducer service to CSIRTs under new agreement

[3] New supplier for TERENA's Trusted Introducer service