-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CSIRT Description for CERT OPL========================== 1. About this document This document contains a description of CERT Orange Polska according toRFC 2350. It provides basic information about the CERT Orange Polska Team, the waysit can be contacted, describes its responsibilities and the servicesoffered. 1.1 Date of Last Update This is version 1.08, published at 2020-01-07 1.2 Distribution List for Notifications This document is kept up-to-date at the location specified in 1.3. Notifications of updates are also submitted to Trusted Introducer 1.3 Locations where this Document May Be Found The current version of this CSIRT description document is available fromCERT Orange Polska website at: https://cert.orange.pl/uploads/files/rfc2350_CERTOPL_en.txt Please make sure you are using the latest version. 1.4 Authenticating this Document This document has been signed with PGP key and its authenticity can beverified with CERT Orange Polska GPG key as published on our Web site,under: https://cert.orange.pl/zadania/pgp See section 2.8 for more details. 2. Contact Information 2.1 Name of the Team Full name: CERT Orange Polska Short name: CERT OPL 2.2 Address Orange Polska S.A. CERT OPL Al. Jerozolimskie 160 02-326 Warsaw Poland 2.3 Time Zone UTC +0100 - Central European Time (CET) UTC +0200 - Central European Summer Time (CEST - from the last Sunday inMarch to the last Sunday in October) 2.4 Telephone Number +48 22 887 17 88 2.5 Facsimile Number +48 22 618 13 66 (please note this is NOT a secure fax) 2.6 Other Telecommunication None available 2.7 Electronic Mail Address cert.opl@orange.com 2.8 Public Keys and other Encryption Information CERT Orange Polska uses the PGP key: Key ID: 0xCB779BD0 Fingerprint: AFA2 E965 6949 1BCB ED09 E17A DBFC 5A3B CB77 9BD0 This key can be received from directory servers or directly from ourwebsite: https://cert.orange.pl/zadania/pgp 2.9. Team Members Team CERT Orange Polska consists of IT security experts. 2.10 Other Information General information about the CERT Orange Polska, as well as links tovarious recommended security resources and services, can be found athttp://cert.orange.pl CERT Orange Polska posts short messages on current events to the followingtwitter accounts: https://twitter.com/cert_opl 2.11. Points of Customer Contact The preferred method for contacting the CERT Orange Polska is via e-mailat . We encourage our customers to use PGP encryption when sending anysensitive information to CERT Orange Polska. If it is not possible (or not advisable for security reasons) to usee-mail, the CERT Orange Polska can be reached by telephone during regularoffice hours (please, check Section 2.4 and 2.5). CERT Orange Polska's hours of operation are generally restricted toregular business hours (09:00-17:00 Monday to Friday except holidays).In an emergency, please call to our Security Operations Center - 24/7/365(please, check Section 2.4). If possible, when submitting your report, use the form mentioned inSection 6. 3. Charter 3.1. Mission Statement The mission of CERT Orange Polska is to raising the level of informationinfrastructure security and communication secure of the Orange Polskainternet community. The main purpose of the CERT Orange Polska is support of the Orange Polskainternet community is taking actions to minimize the risk of occurrence ofcyber security incidents, and reduce the impact of their occurrence. 3.2. Constituency The constituency of CERT Orange Polska includes all users of the ICTsystems and networks of Orange Polska, including its subsidiaries and otherexternal entities using Orange Polska's network infrastructure and serviceplatforms, for which services are provided. Basic subnets within the scopeof activity (ASN/IP): AS5617, AS29535, AS33900, AS43447, AS12743. 3.3. Sponsorship and/or Affiliation CERT Orange Polska is an internal unit of Orange Polska - companies in thetelecommunications sector and is financed and supported by the OrangePolska. CERT OPL is a member of: - Trusted Introducer (TI), details on the website: https://www.trusted-introducer.org/directory/teams/cert-opl.html - Forum for Incident Response and Security Teams (FIRST), details on thewebsite: https://www.first.org/members/teams/cert_opl 3.4. Authority CERT Orange Polska operates under the auspices of, and with authoritydelegated by, the management of Orange Polska. CERT Orange Polska operates on the basis of internal regulations, terms ofcontracts with clients, legal provisions and adopted standards andprinciples. 4. Policies 4.1. Types of Incidents and Level of Support CERT Orange Polska is authorized to address all types of computer andnetwork security incidents, which occur, or threaten to occur, inconstituency of CERT Orange Polska. All the incident reports received by CERT Orange Polska are analysed,classified and prioritized that an efficient and appropriate level ofservice is provided. The level of support provided by Orange Polska CERT will vary depending onthe severity and type of the incident or problem, the type of constituentand resources affected, the scale of the threat, as well as other relevantcircumstances, including the availability of CERT Polska resources at thattime. 4.2. Co-operation, Interaction and Disclosure of Information All information received by CERT Orange Polska related to cyber securityincidents handled is considered confidential and is used only to resolveincidents and prevent further incidents. Information that is sensitive(such as personal data, system configurations) or may be harmful, isprocessed in a secure environment and encrypted, if they must betransmitted over unsecured environment. The information submitted to Orange Polska CERT may be distributedtointerested parties, such as other CERT teams, administrators of theaffected resources, on a need-to-know basis, for the sole purpose ofincident handling (i.e. to the extent necessary to identify and mitigatethe threat). No personally identifying information is exchanged, unlessexplicitly authorized. CERT Orange Polska does not report incidents to the Law EnforcementAgencies unless required by the national law. However, CERT Orange Polskacooperates with the LEAs only in the course of an official investigation(we can provide information upon their request). CERT Orange Polska supports Information Sharing Traffic Light Protocol(TLP; see https://www.first.org/tlp/). Any communication that comes withtags supported by the TLP will be handled appropriately. 4.3. Communication and Authentication For information with low sensitivity it is possible to contact CERT OrangePolska using unencrypted email or by phone. In other cases, to ensure theconfidentiality and integrity of communication, CERT Orange Polska uses thePGP / GPG tool (see section 2.8). All sensitive information sent should beencrypted. In order to verify the authenticity of the information received or itssource, or authentication of the contact person, it is possible to useavailable methods such as searching the WHOIS database, community pages(including Trusted Introducer, FIRST), calling back or meeting, ifrequired. 5. Services CERT Orange Polska provides a wide range of services, available to varyingdegrees for specific groups of recipients (see section 4.1). 5.1 Reactive services - alerts & warnings - incident handling - vulnerability handling - artifact handling (in particular malicious code) 5.2 Proactive services - announcements - technology watch - security audits/pentests - configuration and maintenance of security tools, applications, andinfrastructures - development of security tools - intrusion detection (network monitoring) - cyber threat intelligence (CTI) - security-related information dissemination 5.3 Security quality management services - security consulting - risk analysis - - business continuity planning and disaster recovery ((BCP and DRP) - security awareness - education and training 6. Incident Reporting Forms The current version of the form is available at: https://cert.orange.pl/ 7. Disclaimers While every precaution will be taken in the preparation of information,notifications and alerts, CERT OPL assumes no responsibility for errors oromissions, or for damages resulting from the use of the informationcontained within. -----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.3.2 (Build 21495) Charset: utf-8 wsBVAwUBZYL5MPynf6KK8hThAQJ/1AgAhMkYtS8J2c3ar/RfNP7yRInp7V/QEj8K rg7udCFgaqf35eeCLFhPz6mnbqNUoK4bo+KZ6/iFGGysiGnHpCy17mKzA2BBS6ml lSs1XEDPsb4rSeM2bLhGkJYXBI5tjW+bkQJaudLCL+J+6GVKGirsUTMs989Q6yAq YWQCNA9sMM4qftWCVkkR+3qD78df6TKVNCEBfVZqNaF2Y6jHei8IoLade+peJvtT 7MXejbG4Bx4r2x0SO5khDMzG6fZUVi+/HEKIvgrb1GlGs35OHGv8RSkTmPi/QYVd SNZT+FUDlkrYczDFgt0JOiT1MREHDPxb1NjlON9yus1/O8HJ1FN3Hg== =+TZ1 -----END PGP SIGNATURE-----