The objectives of CERT-DRT can be found below at paragraph 3.1. Also, please read the disclaimer.
A description of CERT-DRT's services in accordance with the "Expectations for Computer Security Incident Response" document:
1. Document Information
1.1 Date of last update
Version 3, published 2010-08-11.
Historical records:
Version 2, published 2009-01-30.
Version 1, published 2008-04-27.
1.2 Distribution list for notifications
Notifications of updates are sent to our customers through the
mailing list and forum.
1.3 Locations where this document may be found
The current version of this CERT-DRT description document is
available from the CERT-DRT website http://cert.org.ro. A Romanian version can be obtained
from the Romanian version of this website.
1.4 Authenticating this document
Integrity and authenticity of electronic documents can be achieved
by using digital signatures (see 2.6). Signed versions of this
document are available on request.
2. Contact Information
2.1 Name
"CERT-DRT"
2.2 Address
CERT-DRT
Bucharest
Romania
2.3 Time Zone
Europe/Bucharest (EET/GMT+0200 and EEST/GMT+0300 from April to
October)
2.4 Telephone
CERT-DRT customers and partners will be given an emergency phone
number, by which CERT-DRT can be reached in case of emergency,
based on the necessity of such service.
2.5 Electronic-Mail address
The address forwards to all CERT-DRT staff.
2.6 Public Keys and Encryption Information
2.6.1 PGP-Key
You can check the PGP Public Key here.
***pending revoke and update of keys***
2.7 Team Members
CERT-DRT is organised by qualified staff. Customers may receive
more detailed profiles on demand, at the discretion of the team's
manager.
2.8 Other Information
General information about CERT-DRT can be found at http://cert.org.ro.
2.9 Points of Customer Contact
CERT-DRT can be reached using e-mail (2.6), and phone (2.4).
CERT-DRT prefers electronic communication.
CERT-DRT's working hours are Monday to Friday, 11:00 to 18:00,
except holidays. In case of emergency, CERT-DRT can also be contacted
by customers outside normal working hours, based on the
contract terms.
3. Charter
3.1 Mission
- Provide a central contact point for addressing web-based
incidents in Romania;
- Coordinate with domestic and international CERTs/CSIRTs and
related organizations;
- Increase awareness and understanding of information security and
the technical knowledge within Romania through education and
training;
- Offer proactive and reactive support on handling incidents
within its capabilities;
- Gather and disseminate technical information on computer
security incidents and vulnerabilities and security fixes, and
other security information related to the issues it
addresses;
- Issue alerts and warnings;
- Provide statistics based on its activities and
reports.
3.2 Constituency
CERT-DRT works exclusively for its customers, partners or
other individuals or communities, based on its right to choose
whom to represent or the right of those who choose to be
represented by it.
3.3 Sponsorship and/or Affiliation
CERT-DRT is not affiliated with any other agencies or
organizations.
If any organization, community or individual wants to sponsor
CERT-DRT in any way to offer better services, their help is
appreciated.
3.4 Authority
CERT-DRT is an independent organization that currently has no
juridical personality. It is not a law enforcement agency, nor
part of any law enforcement agency or governmental agency.
CERT-DRT provides proactive services as described in 5.1. All
further activities by CERT-DRT are initiated solely at the request
of the customers (who may be legal persons or private
individuals).
4. Policies
4.1 Types of incidents and level of support
CERT-DRT offers help and support to address information security
incidents which occur at the customers' sites. The amount and types
of support are determined by the customer and the team. The proactive
services of CERT-DRT are aimed primarily at security officers and
security administrators.
4.2 Co-operation, interaction and disclosure of information
In principle, CERT-DRT will treat all customer-related information
as highly confidential. CERT-DRT treats all personal information in
accordance with the Romanian data protection act. CERT-DRT will
share information only with the customer's agreement. CERT-DRT may
share anonymous non-customer-related information with other
organisations or agencies when this will assist them in resolving
or preventing further similar incidents. CERT-DRT will not act as a
law enforcement agency nor try to incriminate anyone.
4.3 Communication and Authentication
Non-sensitive information will be sent using ordinary e-mail.
Confidential information will mainly be sent by encrypted
e-mail. Phone and fax will be used without special precautions.
Every customer has to name a contact person. The contact person
authorises further employees of the customer on
demand.
5. Services
5.1 Proactive Activities
CERT-DRT supports the IT security measures of its customers in
many ways and tries to do it in an up-to-date manner as much as
possible.
5.1.1 Mailing list
Information on the basic security of applications, computers and
networks will be analysed and evaluated daily and distributed by
e-mail, along with countermeasures. Digests are
published once per month.
5.1.2 WWW-Server
All distributed information is permanently stored on the
WWW-server http://cert.org.ro and can be searched.
5.1.3 Forum*
CERT-DRT partners can join the moderated forum in order to
exchange experiences and to discuss.
*Forum not available for the moment
5.2 Incident Response
CERT-DRT is prepared to assist customers in handling the technical
and organisational aspects of security-related incidents.
5.2.1 Incident Triage
CERT-DRT is prepared to assist customers in handling the technical
and organisational aspects of security-related incidents:
- Investigating whether an incident has indeed occurred.
- Determining the extent of the incident.
5.2.2 Incident Coordination
Customers will be supported in order to react internally and
externally in an adequate way. CERT-DRT will notify further sites
which may be involved and public institutions on behalf of the
customer and in a neutral way.
Coordination:
- Determining the initial cause of the incident
- Facilitating contact with other sites which may be
involved.
- Facilitating contact with appropriate law enforcement officials,
if necessary.
- Making reports to other CSIRTs.
- Composing announcements to users, if applicable.
5.2.3 Incident Resolution
Countermeasures that resolve or work around the exploited leaks and
loopholes are the first priority. Evidence collection and further
activities are carried out at the customer's request and within the
limits of the law and the team's roles.
6. Incident Reporting Forms
Please use the contact form or the contact email address for
submitting your incident reports.
7. Disclaimers
The information distributed by CERT-DRT has been
obtained from sources believed to be reliable and trusted or has
been verified. CERT-DRT and its representatives accept
liability for completeness, accuracy and correctness only
insofar as gross negligence or intent creates liability. Any
liability beyond that, in particular for possible damages resulting
from the use or non-usability of the information contained herein, is
excluded.
CERT-DRT's services and products are not endorsed, authorised or
sponsored by, nor affiliated with, Carnegie Mellon University, the
Software Engineering Institute or the CERT Coordination
Center.
CERT-DRT is an independent organization that currently has no
juridical personality. It is not a law enforcement agency, nor
part of any law enforcement agency or governmental agency.