-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CSIRT Description for CERT OPL ========================== 1. About this document This document contains a description of CERT Orange Polska according to RFC 2350. It provides basic information about the CERT Orange Polska Team, the ways it can be contacted, describes its responsibilities and the services offered. 1.1 Date of Last Update This is version 1.08, published at 2020-01-07 1.2 Distribution List for Notifications This document is kept up-to-date at the location specified in 1.3. Notifications of updates are also submitted to Trusted Introducer 1.3 Locations where this Document May Be Found The current version of this CSIRT description document is available from CERT Orange Polska website at: https://cert.orange.pl/uploads/files/rfc2350_CERTOPL_en.txt Please make sure you are using the latest version. 1.4 Authenticating this Document This document has been signed with PGP key and its authenticity can be verified with CERT Orange Polska GPG key as published on our Web site, under: https://cert.orange.pl/zadania/pgp See section 2.8 for more details. 2. Contact Information 2.1 Name of the Team Full name: CERT Orange Polska Short name: CERT OPL 2.2 Address Orange Polska S.A. CERT OPL Piotra Skargi 56 03-516 Warsaw Poland 2.3 Time Zone UTC +0100 - Central European Time (CET) UTC +0200 - Central European Summer Time (CEST - from the last Sunday in March to the last Sunday in October) 2.4 Telephone Number +48 22 887 17 88 2.5 Facsimile Number +48 22 618 13 66 (please note this is NOT a secure fax) 2.6 Other Telecommunication None available 2.7 Electronic Mail Address cert.opl@orange.com 2.8 Public Keys and other Encryption Information CERT Orange Polska uses the PGP key: Key ID: 0xCB779BD0 Fingerprint: AFA2 E965 6949 1BCB ED09 E17A DBFC 5A3B CB77 9BD0 This key can be received from directory servers or directly from our website: https://cert.orange.pl/zadania/pgp 2.9. Team Members Team CERT Orange Polska consists of IT security experts. 2.10 Other Information General information about the CERT Orange Polska, as well as links to various recommended security resources and services, can be found at http://cert.orange.pl CERT Orange Polska posts short messages on current events to the following twitter accounts: https://twitter.com/cert_opl 2.11. Points of Customer Contact The preferred method for contacting the CERT Orange Polska is via e-mail at . We encourage our customers to use PGP encryption when sending any sensitive information to CERT Orange Polska. If it is not possible (or not advisable for security reasons) to use e-mail, the CERT Orange Polska can be reached by telephone during regular office hours (please, check Section 2.4 and 2.5). CERT Orange Polska's hours of operation are generally restricted to regular business hours (09:00-17:00 Monday to Friday except holidays). In an emergency, please call to our Security Operations Center - 24/7/365 (please, check Section 2.4). If possible, when submitting your report, use the form mentioned in Section 6. 3. Charter 3.1. Mission Statement The mission of CERT Orange Polska is to raising the level of information infrastructure security and communication secure of the Orange Polska internet community. The main purpose of the CERT Orange Polska is support of the Orange Polska internet community is taking actions to minimize the risk of occurrence of cyber security incidents, and reduce the impact of their occurrence. 3.2. Constituency The constituency of CERT Orange Polska includes all users of the ICT systems and networks of Orange Polska, including its subsidiaries and other external entities using Orange Polska's network infrastructure and service platforms, for which services are provided. Basic subnets within the scope of activity (ASN/IP): AS5617, AS29535, AS33900, AS43447, AS12743. 3.3. Sponsorship and/or Affiliation CERT Orange Polska is an internal unit of Orange Polska - companies in the telecommunications sector and is financed and supported by the Orange Polska. CERT OPL is a member of: - Trusted Introducer (TI), details on the website: https://www.trusted-introducer.org/directory/teams/cert-opl.html - Forum for Incident Response and Security Teams (FIRST), details on the website: https://www.first.org/members/teams/cert_opl 3.4. Authority CERT Orange Polska operates under the auspices of, and with authority delegated by, the management of Orange Polska. CERT Orange Polska operates on the basis of internal regulations, terms of contracts with clients, legal provisions and adopted standards and principles. 4. Policies 4.1. Types of Incidents and Level of Support CERT Orange Polska is authorized to address all types of computer and network security incidents, which occur, or threaten to occur, in constituency of CERT Orange Polska. All the incident reports received by CERT Orange Polska are analysed, classified and prioritized that an efficient and appropriate level of service is provided. The level of support provided by Orange Polska CERT will vary depending on the severity and type of the incident or problem, the type of constituent and resources affected, the scale of the threat, as well as other relevant circumstances, including the availability of CERT Polska resources at that time. 4.2. Co-operation, Interaction and Disclosure of Information All information received by CERT Orange Polska related to cyber security incidents handled is considered confidential and is used only to resolve incidents and prevent further incidents. Information that is sensitive (such as personal data, system configurations) or may be harmful, is processed in a secure environment and encrypted, if they must be transmitted over unsecured environment. The information submitted to Orange Polska CERT may be distributed tointerested parties, such as other CERT teams, administrators of the affected resources, on a need-to-know basis, for the sole purpose of incident handling (i.e. to the extent necessary to identify and mitigate the threat). No personally identifying information is exchanged, unless explicitly authorized. CERT Orange Polska does not report incidents to the Law Enforcement Agencies unless required by the national law. However, CERT Orange Polska cooperates with the LEAs only in the course of an official investigation (we can provide information upon their request). CERT Orange Polska supports Information Sharing Traffic Light Protocol (TLP; see https://www.first.org/tlp/). Any communication that comes with tags supported by the TLP will be handled appropriately. 4.3. Communication and Authentication For information with low sensitivity it is possible to contact CERT Orange Polska using unencrypted email or by phone. In other cases, to ensure the confidentiality and integrity of communication, CERT Orange Polska uses the PGP / GPG tool (see section 2.8). All sensitive information sent should be encrypted. In order to verify the authenticity of the information received or its source, or authentication of the contact person, it is possible to use available methods such as searching the WHOIS database, community pages (including Trusted Introducer, FIRST), calling back or meeting, if required. 5. Services CERT Orange Polska provides a wide range of services, available to varying degrees for specific groups of recipients (see section 4.1). 5.1 Reactive services - alerts & warnings - incident handling - vulnerability handling - artifact handling (in particular malicious code) 5.2 Proactive services - announcements - technology watch - security audits/pentests - configuration and maintenance of security tools, applications, and infrastructures - development of security tools - intrusion detection (network monitoring) - cyber threat intelligence (CTI) - security-related information dissemination 5.3 Security quality management services - security consulting - risk analysis - business continuity planning and disaster recovery ((BCP and DRP) - security awareness - education and training 6. Incident Reporting Forms The current version of the form is available at: https://cert.orange.pl/ 7. Disclaimers While every precaution will be taken in the preparation of information, notifications and alerts, CERT OPL assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within. -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 2068) Charset: utf-8 wsBVAwUBXhR1A/ynf6KK8hThAQpx4Af/fYZWDYHz7wcfVCfzp+iNn0jk/qJPSUhZ gQKG9ufM5BnaiA+DYb0IyVBnVTO2Jbd7l872IlpolNjW4jzZfpnIdNqQ8NjB2OeQ XW09P9FzYrldDWwzA/bcQcs84C/DXfkBNqTIvBnWInG4C2ESQivGbmVgnVEWk17j Ni6Zl5mPJ/RNg5OL6Sk0Y8uT7mfDj5S2eb+fUKbOYMKUT+Byid06GZoDOjvd5zv8 TmCIhsoYgGmm1CjTKRwyN/H0DCCZEAFhWY1JINtqJfEhrmWrhsdbHedBtSHuOeRF la7giWvwwA2h1RGLshsDWGBTzxac/t20CYXVXKIvMrl4yzJ2K1B/yg== =pKi9 -----END PGP SIGNATURE-----