Verantwortung

RFC 2350 Deutsche Telekom CERT

  • Teilen
    2 Klicks für mehr Datenschutz: Erst wenn Sie hier klicken, wird der Button aktiv und Sie können Ihre Empfehlung senden. Schon beim Aktivieren werden Daten an Dritte übertragen.
  • Drucken
  • Text vorlesen

Version: 0.2
Date: 18 Feb 2019, 17:00:00 +0100
Contact: cert@telekom.de

1. Document information
This document contains a public description of Deutsche Telekom CERT according to RFC 2350. It provides basic information about the CERT, the ways it can be contacted, describes its responsibilities and the services offered.

1.1 Date of last update
18 Feb 2019, 17:00:00 +0100

1.2 Distribution list for notifications
There are no public distribution list for notifications as of 2019/02.

1.3 Locations where this document may be found
The current version of this document can always be found at: http://www.telekom.com/security/cert

1.4 Document Authenticity
This document can be retrieved from our webserver using TLS/SSL.

2. Contact information
2.1 Name of the team
Deutsche Telekom CERT

2.2 Address
Deutsche Telekom AG
Deutsche Telekom CERT
Bonner Talweg 100
D-53113 Bonn
 

2.3 Time zone
We are located in the central European timezone (CET) which is GMT+0100 (+0200/CEST during summer time in Europe, approximately end of March until End of October).

2.4 Telephone numbers
+49 228 181 71773 (primary number, 24/7)
+49 800 3824 2378

Please observe that the above published telephone numbers are solely intended for communication related to critical security incidents. Disregard this previous condition might lead to blacklisting of your telephone numbers on our PBX.
 

2.5 Facsimile number
None.

2.6 Other telecommunication
None.

2.7 Electronic mail address
Please send incident reports to cert@telekom.de.

2.8 Public keys and encryption information
User ID: Deutsche Telekom CERT - Team Key 2018 - 2021 <cert@telekom.de>

Key ID: 0xA8FF58B4 Key type: RSA

Key size: 4096 Expires: 2021-08-29

Fingerprint: 432F 6F27 10EC A96B 670A 24EE 11D8 746A A8FF 58B4

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFuH7NIBEADBwRh/Tc8cddTHpNelEmaAGC0Q0PWEss8L2M7+JHGFv/vxcx1w
xqAz4suZuDHh+twIlpLeUKI4egWn/zpW5UvMWoPQGNqo1aLOk7hP1lKF/S+QRULK
7fz83lhhkxdjDrCP2Ewa+6cnqhkgCPF9fRN9YpZ+5cYmL/i4zPmjJLAjz6/STGsE
7b2szrvSDqmWOFNpeixzUPaeDKao7BfaXax34uPKOa0x+q+8P3BG2zBlCGlrDQ6R
ymDxEIfW23kpk7R+ZwUJj9yY5IbfY2ZZJ9T995fDTsj+3ycZ2HwJZ33xQzsYo2bk
kEEaNSN9Ypi+nOyREMpuO3USzZVY1FPo00gMPGn2Jb43WsxDhDTZc8JK1em2C7fu
OOZ2vzuz1cKO4EOMW49EGQDf4Nawrq6QXR+LgDDGmwr18fyoiinJTiIGgAaR0LbT
RnF1VzJW+4f5Ujs/VRUy/7sLsEcpyIHhu7iq5LIRhyOLnnw09b3GFg2W/BCUugqq
CMwjGcuud8ag2i/My7IGyogzFJWePht0CMuteXKwfseOMKZIbTWyC5iZxvmda0MG
pEoNlvKM+fS2au0S/kYrypjqKW3qIP+ZXfcllqf/8kFxGmAXaII+5inGOvcXIKeL
SKzYY0HqOCO/mJDJZLNfMeK/MCgFdlCrKkcS4Tf9SRMUFZxMC56p6nItCwARAQAB
tD5EZXV0c2NoZSBUZWxla29tIENFUlQgLSBUZWFtIEtleSAyMDE4IC0gMjAyMSA8
Y2VydEB0ZWxla29tLmRlPokCVAQTAQgAPhYhBEMvbycQ7KlrZwok7hHYdGqo/1i0
BQJbh+zSAhsDBQkFo5qABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEBHYdGqo
/1i0pYwP/0sqHzsdXsL2GJVi1+1f8EgKgOR1NYuFq/3MYcyv5+tkAuvB87udGlDf
1N+szuHEKr3iS/LilEcKYIn3lC3bjudRhAoVF7ay81avf0lDDmOTrr/+bMeAC23X
9Yqt32LsxKIV1viu3tcYeDUw8kKRgX4rQ3VBE9zMCVY+MCOW9wyd2NNBVwdfKr/p
iY4nxyFZhz1AO7iYi+Wv+84l4IFhp2hMnQ7UIKdmClgVFayygf5fuCtzyG+Q7KwN
ENVnHS5dYrC1vTJUjC+VWFkFAfpCorgcQsC7sKzthCixFDaL7DGQg9HyRzhr9AKX
LYX9396Rfq0QTuMRGtXF3b/+joMVRvzqFs7LB+SCF4ZCAc4nI2bCOvbnrCEL++ti
v5m19TUYU1tMAwOcfF9Q8Ix2fwmkgzP5So1bnEjf276IwZwn5BjxgKj/jBq1SlMf
qhjw5wO4dPlrz4OAFDgI4ZaPHV4OgrUmQxGDJn2/ntGXOwwfcTyxUl9YzkTdmvCP
2XIJ4S2Fc+NFr5z+FhdlpZ7zLlJ049/rfTVjFD1Evl9VSBW2pih67Whaqhm8eOAK
ywe04d34CIbZxq31VUpnaPTGWl7UPWgent3hidj4UfnDCVAvclR40lly0GuG5uH7
iMAj1LpRT5QmPRXXhGqv1oGb5ceOXSdQR/S38esstYUCvZ8FQURHuQINBFuH7NIB
EADQdRyRHDgTWYLj7Rxm0tlNkL7uyz5UbiHyWdzomuBu1VRxbBwlebZg1KrxENE+
eJNT3Jvy1XqOBw0d4O+/3ohqsF5XKexoQpGhTR4GAObcc+Z7NR9r83l9FIvQT8x1
KRtZMU7bC5SBcrCfKJwqgvrPo2iFteu5GdO9D8uTXEkaXUhzBjBvcoZCLlsUUu3Y
eCiagWnlcIUF2o5SbuGPtgjE8Pf38W/XHwvprn8k35zNTOrbaVU9bxPgIpofCBrq
X9uKRmGsRTMB8HgJharthU21nkzbs7vhgzO4wxchzdIASXp30/XBuK8eAEPaK0dB
vmtPUo9Zo8bD2ihwyPClWMnHv3QroSs3foScI9ddLc5LH3xBDhcxzmCzrivL+CJU
Ee3U2z+sow+2GQnXEi3/DEwxOAA3/ZAK3cY+1kE+BL+lHUjCRK0KvQI5QnvmEYau
Weobq3j4rzrmR97UZU2j4zYR2H5zdXr7wkzDYIsYNstnWeqz+XTPRzo9m8oQ1V8f
JjbZ6wPFNnvSDZG/7sqlUmjEmkpEFenaBVgNS+X7K83YoblHvIlN4cSTpzpr7d1U
LNWnfuT68uEG/qu3pDVK7VlmqEcODyWED8FLoF82NpRS6W+TU4tt8V/cU+y3ozz4
4fw383F/yk0k9JQkP0iiJEnI73pxFUMmdv2ufG2h7P1uZQARAQABiQI8BBgBCAAm
FiEEQy9vJxDsqWtnCiTuEdh0aqj/WLQFAluH7NICGwwFCQWjmoAACgkQEdh0aqj/
WLTLFBAAgNLIoE2Vn8CapBeN/4Ba+b/qaObbPygQ1MnzNSGYITJ6WeuRiI9fMOrW
jbJIr2m0rp+agLEeLZSg0EUinUMFUf1cdcP91ajG2PzqgAffX6lSf/T10jNi4TlS
r7SG7wt4Yg2q0Gdk6Va5I5NDTytU6y4pEhq/MlX9ErSMDJS9GvtlthFP7EWZ65gi
qu1urx0nfRLn0fdUYtkmHPIGq+x2Lp63eOs5k34E4aZDzQ0OUeHYiNJ8wroG/W9p
gNqYAJeOJOPpbZFyMPPtWHGk/kERUVTanfSNFYJDyszR1E8G9iUy6Y+nRLhiQmJN
09OC+URrrF5ZVJjNKqEZhcspmSfesTg5jjTow90nABXlwloWJ1RLquvJEA/mK4Ix
4GgQ8hcZiKYO3dO7qOdVJZy8FIdU3BF8IhLY1jltKbzoXLZo3PkNi6NTwiCaynHr
+oI3yyBet2M+sFbG9LUS61MKw1dnAmvwS20GvoH/kuM/XGNK1AfRei9bxEjxaaFE
vGDqj/7iXHCjOBVvB+SZJ/PbAZXbH2I3UjpIiOKj5kugT1/dFD0DMUWMSrOr7QOR
vophkIdA5l3ftczkw7qzvqq2wVR0k1ku/M9wMPZQz4qN5m3Rk9YB7MkGuARNviph
iNtBNthEn1C+KFonWcNdy3Mf/jLHodQNNFbcWR3izKkj+Bn24/8=
=Aiw6
-----END PGP PUBLIC KEY BLOCK-----

3. Charter
3.1 Mission statement
Protect Deutsche Telekom and its constituents from attacks, using state-of-the-art detection methods. Professionally manage cyber incidents and ensure the timely and sustainable resolution and recovery.

3.2 Constituency
Deutsche Telekom CERT's constituency is mixed, thus, the team attends internal and external customers.

3.3 Sponsorship and/or affiliation
Deutsche Telekom CERT is an internal unit of Deutsche Telekom AG and is solely financed and supported by the latter.

3.4 Authority
The main purpose of Deutsche Telekom CERT is the group-wide and multinational coordination of incident response and operative incident handling, throughout Deutsche Telekom subsidiaries and member companies.

Deutsche Telekom CERT has indirect authority over AS3320 (DTAG) and with the German CERT- Verbund (union of German CERTs), it is an accredited TI (Trusted Introducer) team, and also a full member of FIRST (Forum of Incident Response and Security Teams).

further European and International Institutions such as: * ETIS - The Global IT Association for Telecommunications * ETNO - European Telecommunications Network Operators' Association

4. Policies
4.1 Types of incidents and level of support
Deutsche Telekom CERT addresses all kinds of security incidents which occur, or threaten to occur, within its constituency.

The level of support depends on the type and severity of the given security incident, the impact for affected companies and persons within our constituency, and our resources at the time. Usually, our first response is timely at the same working day.

We expect end users to contact their local systems or network administrators or their local security contacts.

4.2 Co-operation, interaction and disclosure of information
Deutsche Telekom CERT highly regards the importance of operational cooperation and information-sharing between Computer Emergency Response Teams, and also with other organizations which may contribute towards or make use of their services.

Deutsche Telekom CERT operates in strict compliance with German and/or EU legislation.

4.3 Communication and authentication
Deutsche Telekom CERT makes use common cryptographic methods to ensure the confidentiality and integrity of the communications. GPG/PGP and S/MIME are available for general communication via email.

5. Services
5.1 Incident response
Deutsche Telekom CERT is able to perform operative incident handling in several different environments. The tasks include large-scale hunting and detection of security incidents, artifact collection, artifact analysis and reverse engineering.

5.2 Incident coordination
Deutsche Telekom CERT ensures it has operational capabilities to coordinate large-scale cyber security incidents and emergencies.

Deutsche Telekom CERT will also collect statistics about incidents within its constituency.

5.3 Proactive activities
Deutsche Telekom CERT offers up-to-date information about security vulnerabilities to its internal constituents. Besides, the team continuously develops new tools for incident detection and investigation.

6. Incident reporting forms
There are no public forms available. All communication should be directed to mailto:cert@telekom.de. We recommend any communication related to security incidents or Vulnerabilities to be encrypted by GPG/PGP tools. Please use our current team-key, published on this website.

7. Disclaimers
While every precaution will be taken in the preparation of information, notifications and alerts, Deutsche Telekom CERT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.

FAQ

Diese Website verwendet Cookies, um Ihnen den bestmöglichen Service zu gewährleisten. Durch die Nutzung der Website {js_accept}akzeptieren{js_accept} Sie die Verwendung von Cookies. Weitere Informationen finden Sie hier.