-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CSIRT Description for CERT OPL ========================== 1. About this document This document contains a description of CERT Orange Polska according to RFC 2350. It provides basic information about the CERT Orange Polska Team, the waysit can be contacted, describes its responsibilities and the servicesoffered. 1.1 Date of Last Update This is version 1.08, published at 2020-01-07 1.2 Distribution List for Notifications This document is kept up-to-date at the location specified in 1.3. Notifications of updates are also submitted to Trusted Introducer 1.3 Locations where this Document May Be Found The current version of this CSIRT description document is available fromCERT Orange Polska website at: https://cert.orange.pl/uploads/files/rfc2350_CERTOPL_en.txt Please make sure you are using the latest version. 1.4 Authenticating this Document This document has been signed with PGP key and its authenticity can beverified with CERT Orange Polska GPG key as published on our Web site,under: https://cert.orange.pl/zadania/pgp See section 2.8 for more details. 2. Contact Information 2.1 Name of the Team Full name: CERT Orange Polska Short name: CERT OPL 2.2 Address Orange Polska S.A. CERT OPL Al. Jerozolimskie 160 02-326 Warsaw Poland 2.3 Time Zone UTC +0100 - Central European Time (CET) UTC +0200 - Central European Summer Time (CEST - from the last Sunday inMarch to the last Sunday in October) 2.4 Telephone Number +48 22 887 17 88 2.5 Facsimile Number +48 22 618 13 66 (please note this is NOT a secure fax) 2.6 Other Telecommunication None available 2.7 Electronic Mail Address cert.opl@orange.com 2.8 Public Keys and other Encryption Information CERT Orange Polska uses the PGP key: Key ID: 0xCB779BD0 Fingerprint: AFA2 E965 6949 1BCB ED09 E17A DBFC 5A3B CB77 9BD0 This key can be received from directory servers or directly from our website: https://cert.orange.pl/zadania/pgp 2.9. Team Members Team CERT Orange Polska consists of IT security experts. 2.10 Other Information General information about the CERT Orange Polska, as well as links tovarious recommended security resources and services, can be found at http://cert.orange.pl CERT Orange Polska posts short messages on current events to the following twitter accounts: https://twitter.com/cert_opl 2.11. Points of Customer Contact The preferred method for contacting the CERT Orange Polska is via e-mailat . We encourage our customers to use PGP encryption when sending anysensitive information to CERT Orange Polska. If it is not possible (or not advisable for security reasons) to usee-mail, the CERT Orange Polska can be reached by telephone during regularoffice hours (please, check Section 2.4). CERT Orange Polska's hours of operation are generally restricted toregular business hours (09:00-17:00 Monday to Friday except holidays).In an emergency, please call to our Security Operations Center - 24/7/365 (please, check Section 2.4). If possible, when submitting your report, use the form mentioned in Section 6. 3. Charter 3.1. Mission Statement The mission of CERT Orange Polska is to raising the level of information infrastructure security and communication secure of the Orange Polskainternet community. The main purpose of the CERT Orange Polska is support of the Orange Polska internet community is taking actions to minimize the risk of occurrence ofcyber security incidents, and reduce the impact of their occurrence. 3.2. Constituency The constituency of CERT Orange Polska includes all users of the ICTsystems and networks of Orange Polska, including its subsidiaries and otherexternal entities using Orange Polska's network infrastructure and serviceplatforms, for which services are provided. Basic subnets within the scopeof activity (ASN/IP): AS5617, AS29535, AS33900, AS43447, AS12743. 3.3. Sponsorship and/or Affiliation CERT Orange Polska is an internal unit of Orange Polska - companies in thetelecommunications sector and is financed and supported by the OrangePolska. CERT OPL is a member of: - Trusted Introducer (TI), details on the website: https://www.trusted-introducer.org/directory/teams/cert-opl.html - Forum for Incident Response and Security Teams (FIRST), details on thewebsite: https://www.first.org/members/teams/cert_opl 3.4. Authority CERT Orange Polska operates under the auspices of, and with authoritydelegated by, the management of Orange Polska. CERT Orange Polska operates on the basis of internal regulations, terms ofcontracts with clients, legal provisions and adopted standards andprinciples. 4. Policies 4.1. Types of Incidents and Level of Support CERT Orange Polska is authorized to address all types of computer andnetwork security incidents, which occur, or threaten to occur, inconstituency of CERT Orange Polska. All the incident reports received by CERT Orange Polska are analysed,classified and prioritized that an efficient and appropriate level ofservice is provided. The level of support provided by Orange Polska CERT will vary depending onthe severity and type of the incident or problem, the type of constituentand resources affected, the scale of the threat, as well as other relevantcircumstances, including the availability of CERT Polska resources at thattime. 4.2. Co-operation, Interaction and Disclosure of Information All information received by CERT Orange Polska related to cyber securityincidents handled is considered confidential and is used only to resolveincidents and prevent further incidents. Information that is sensitive(such as personal data, system configurations) or may be harmful, isprocessed in a secure environment and encrypted, if they must betransmitted over unsecured environment. The information submitted to Orange Polska CERT may be distributed to interested parties, such as other CERT teams, administrators of theaffected resources, on a need-to-know basis, for the sole purpose ofincident handling (i.e. to the extent necessary to identify and mitigatethe threat). No personally identifying information is exchanged, unlessexplicitly authorized. CERT Orange Polska does not report incidents to the Law Enforcement Agencies unless required by the national law. However, CERT Orange Polskacooperates with the LEAs only in the course of an official investigation(we can provide information upon their request). CERT Orange Polska supports Information Sharing Traffic Light Protocol(TLP; see https://www.first.org/tlp/). Any communication that comes with tags supported by the TLP will be handled appropriately. 4.3. Communication and Authentication For information with low sensitivity it is possible to contact CERT OrangePolska using unencrypted email or by phone. In other cases, to ensure theconfidentiality and integrity of communication, CERT Orange Polska uses thePGP / GPG tool (see section 2.8). All sensitive information sent should beencrypted. In order to verify the authenticity of the information received or itssource, or authentication of the contact person, it is possible to useavailable methods such as searching the WHOIS database, community pages(including Trusted Introducer, FIRST), calling back or meeting, ifrequired. 5. Services CERT Orange Polska provides a wide range of services, available to varyingdegrees for specific groups of recipients (see section 4.1). 5.1 Reactive services - alerts & warnings - incident handling - vulnerability handling - artifact handling (in particular malicious code) 5.2 Proactive services - announcements - technology watch - security audits/pentests - configuration and maintenance of security tools, applications, andinfrastructures - development of security tools - intrusion detection (network monitoring) cyber threat intelligence (CTI) - security-related information dissemination 5.3 Security quality management services - security consulting - risk analysis - business continuity planning and disaster recovery ((BCP and DRP) - security awareness - education and training 6. Incident Reporting Forms The current version of the form is available at: https://cert.orange.pl/ 7. Disclaimers While every precaution will be taken in the preparation of information,notifications and alerts, CERT OPL assumes no responsibility for errors oromissions, or for damages resulting from the use of the informationcontained within. -----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 21495) Charset: utf-8 wsBVAwUBZkYSmPynf6KK8hThAQLqhAf/ajC2STHF1MtBxK6s2RbOHhD+m/Xr6whj apiLQ7ICztHEDACPnXx9yPFyrjiVgpS0GzGtA0284tF++3IrRQZB95A2VtQ6Bxy1 fPvxSbFnsR+MG6h4pzsbSwnbrAv2KnK+1PR1tDbiMrJswUrK8wxAgwq71xXkq3Nj sskvqf07vEel6cO5pNGkaaBAP7wmZ5xll2NZDFJKWTweBAElJHWL8f9rnC4o4JKu Eni8gbAS8gB4sxvMbf0uLwh0m6MtMFUxzgZEGaeD3OanJiPHrKNLfGoRouNgqHL2 4eJthTZLHItJqfHch8s7EK6SNrk9LxNG5kXY4GbsqeMKYep9ocJbeQ== =rpid -----END PGP SIGNATURE-----