Version: 0.3
Date: 1 Feb 2022, 10:00:00 +0100
Contact: cert@telekom.de
1. Document information
This document contains a public description of Deutsche Telekom CERT according to RFC 2350. It provides basic information about the CERT, the ways it can be contacted, describes its responsibilities and the services offered.
1.1 Date of last update
1 Feb 2022, 10:00:00 +0100
1.2 Distribution list for notifications
There are no public distribution list for notifications as of 2019/02.
1.3 Locations where this document may be found
The current version of this document can always be found at: http://www.telekom.com/security/cert
1.4 Document Authenticity
This document can be retrieved from our webserver using TLS/SSL.
2. Contact information
2.1 Name of the team
Deutsche Telekom CERT
2.2 Address
Deutsche Telekom AG
Deutsche Telekom CERT
Friedrich-Ebert-Allee 71 – 77
D-53113 Bonn
2.3 Time zone
We are located in the central European timezone (CET) which is GMT+0100 (+0200/CEST during summer time in Europe, approximately end of March until End of October).
2.4 Telephone numbers
+49 228 181 71773 (primary number, 24/7)
+49 800 3824 2378
Please observe that the above published telephone numbers are solely intended for communication related to critical security incidents. Disregard this previous condition might lead to blacklisting of your telephone numbers on our PBX.
2.5 Facsimile number
None.
2.6 Other telecommunication
None.
2.7 Electronic mail address
Please send incident reports to cert@telekom.de.
2.8 Public keys and encryption information
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGnXoa8BEADRISXxfNNv3LFIs5wtMB+w+HZUHId2Qge7J5JpX3wsFQkUr28L
u/rOLrumESfgPl+phT7QMSHE9NMQJw8o4MWf6sF7VXuJ781CuEioPOvQSCM0er77
NPJTE4o8/zh/Xt8GHoavvHGPpQzpYB6TQodJ2vaPiDYpS0gIPPi1H6bFEvksbgOZ
MMnGl/Ex1yqRkW+g79mNQV0rw8KRO2fRGY8ZHmtnfgzxI+vdIqf4wkZyUGATTUaf
VXRYYaqZd/25QZA0i7vbdhSi2rlNe24IpD8Cp/PYTxxYZhN/BhHYMQ1CilJG0d1P
d6ERJFFaOxQ3QL/5XOsvsHfpAByMr85fHEsFrFB4v5sS2iNnFqkXYjwffc3q4iUe
9TgRWBDPW3KGdj/96ZrV3U572ZU2ENZjum6YFo0+tNAOpvY9oeIqpoaIKfS1I60O
6DrsMoJDZoMP/47BB2TQpTxJzy/b5zwoZcM80kh5tr6N7k+Wx6seC4vR2BQllqPm
mXLbVnfUEO+Dq7gEf4uzIP0tsyKiI+ttm3Ow8J4wD6GDIlE3SQAgHYYH0qbAbb8i
PJQFW6+F1LYv1MBvQeZbitEmjCkOAf/rr4QYcoP3vOSDPcKglYUleq5hPmseLDyk
dLlIW8aMddSkebpCjMgj62/FhOrwCAB25nI5MfdAgyxiUD8ye/sbgkXv2QARAQAB
tD5EZXV0c2NoZSBUZWxla29tIENFUlQgLSBUZWFtIEtleSAyMDI2IC0gMjAyOSA8
Y2VydEB0ZWxla29tLmRlPokCVAQTAQgAPhYhBKwzZs6D3Clg8lWYCXSkgM/N/FeN
BQJp16GvAhsDBQkFxzEFBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEHSkgM/N
/FeNZ9UP/iwl+KislP+u7E5c/VbJ4+VJeqvZqeOTKzbcAHYEyScRtFaAidebvGUd
LqVtgM4tAeCP0xt9c+3kMI24ZxeR2sDs0rnk5vTsgInEB49cVcyE6pqqBdsT2BC7
xZuuPCSm4Jt94MCujC9U7t2/eFGrZ6PmR9I6kBRsdAwnXTMp6JWUKojTRVHhisVl
pXe1DjPAcbnHuK6k1eUDz9wCJuEadF2VSR/yGrIwkZf0qehC3gYIUBK5bfB86pYd
nRRdRHjWY42YUvT3I+chUWsE1+3NKJa/lL26W3dOzZgzlf2Vj3mV14rhXowUdz6j
hpNav769yKVr7G95ibDqf3ZZXopq00zbLwVpQbM39o7vaFflQfSmgKQvvNv9N5hC
KsTfPOpgxqx9tb3f++ZHz/hX6GJ7JXiUGDNFNffibPTJdKMGnXmmJr7KLc8D4lGQ
wfTY88kVvDkFo2X9DQB1d2An+Ew915zdlJyVrt40tYax0IAez+NRfEYls3WXFkOl
oIJ8m+OScxDnkI+0qjLQa0prYVLJW4P1NncWbLJNWWE2DVnVRebISih5wNFfTCiF
b5jqTuj8AV96/AfaH4m2quo9fYS/GvNV/nNL+cF6sXDph1DWvzL9NYnb7QaRUqfZ
GSgIrB1Rund25fcPmwIgJWihACAMw4+t1SGfkPqqyaVThm5mp5RliQIzBBABCAAd
FiEEdi/KrcjX95+udJw9/FZNet+cNNoFAmnXonIACgkQ/FZNet+cNNqkqA//TCCW
fYt72KkBBBGRyZWxTFEP2zxWZmo6Bqq3QYpdBjswRYx1CCmT4j0wayAvaABbx+Hz
PUaPjoXjY6fVflRzfMrDkCy3sGSOBq4eKa/gbLVRLPcm4NrB2AOunAIBEOnj5hCE
COzUqpGDH1wRS9qyh0FaEUkod5PkrefJ2iKMq46j4btubay2+fPMzPmOD3NPOnFi
zFu3XaeXNs5enKE6HG1Pq+mBLyY7gUxGPqJ992zeRHzC/ol2GjQ5qO0aX5+Uq7ZF
aaw+MQFvn7jP/IQ+/Bpz98iy3aHdnqt75E9DomgjfPy5HQPS4inuNplvtTAIwmPA
wLVXBs8/OvEIR1XrnpGK7xgaxl8Z903YswCaLRESwP5LA+ov3lQ6UH0KX8NgKxhX
hhg8+BkR8RLp5XvJa2P/hhuvMgBTE2/hI9vmLvgvFVkw9Y2M2OYI9zEQnLKm1HEw
osdbqPxRIfAw9HLvw+dSaWvLUHLrWoncBQDsAk+i3/SIJhrAWtJ7IJbDzH886OBI
ybdGPfdjznnKfJFFqPKaeS2HAlj+SOdeq0pzi/wXzUc7+teoE7pOFsDEjMk37mv1
3bTRbnnwLQqdKNd6Knj8olmBYRaZaxAf/7B/plejA++XCbwKn+QsdlHlRnYxmIp+
FpgW/MklALhTXFOhzRimNS1upcQ7m+fQBzw72L25Ag0EadehrwEQAMKfHX5RsP6d
YDaNAIQcgGBsCt8JLHog+CespROwH81UUJhSHikYLRForJvxp0dXJIFh3+aTKSVJ
+Plew9CmZQw6KaDHlS2kEHNcmNl6zvvPJmmnBeF1FM0s00zVHpHHf4bSWN3hBmng
Jf/Ib2+FVbLv5LN+U+e+hjyasn7iDraJArjfCYtehJzoa88r+crnIRyBKgZjslU3
5B2FarY3RKgM1GANv9FIpX77NXpRbSsnmtcjM30y93uQPSpbEH9hXnK88xiJlxUB
nXwf6yUyu2uyejqXV0hzKi+PaqKFrNGyKLLoMjWRn/e2BR4FExso6lhypkBd5Mre
V7QmyxIftuSe5anLJamxGNgQD/MjHhrLpbHvfQaGr1fj5tEyVLSQVMJcMAZvCVsl
02dAWHXySRq7Fn0+ethcN1MoqwcbqMCDOfQLgEsJV5hcZIk95aQEyGdkhoNjf+iO
gupvDJXXM7hZuBSk7u8Ou5xOuKI8YQ1j/aYa8k8Y4Yn5plwxHaA1rTLuRcRQLvBG
f/L6CgOGtK+vCdRE18tFRnVWLmlGKDpfmQZ0WEW0EH2sTUhJxvLtBwAQur+GxbYy
4OVLWX/gjoSgdu0jwdilEaz/r32zMr1JqvlrpheOB/hN51o1hVTopjb4KJWYbKhu
2hYW9ubg2VeU/8/kvN7wt02Pz1X4d/HfABEBAAGJAjwEGAEIACYWIQSsM2bOg9wp
YPJVmAl0pIDPzfxXjQUCadehrwIbDAUJBccxBQAKCRB0pIDPzfxXjTluEAC4hTjT
G9WIX6VowzSW9/LgU7Tf3XvuHpoafwGm4DioS49HOMvnfJumUfV/VfMmZ0wt39Z9
dPlwSWXNW/RRXWabIAZmPygbLNAuvRM3FoUuS7+HlOjO2N7GdjI5HiOxwElVxmQq
5xqTsBW39O14YEks9Lu7E48GZYhaOg9EUBRTSOxbyX+YV31Ny2DwocOiZ8Qwy3tD
PAxxRPr0/pUxorGR7041i5N8W5fUl7xhVindBtmZ34RFTXbf97stKYPFcQeBJXud
gSum6chC3lV/EI7IyrJLO956pPgWtxFQHcYcDtqw376f/QRFhtQf4x4SF24sDM1c
2ScWWz96rPp50aeDHCul6z1Ih2j3r5sd04NjPFLZ2MRNXppBY0PKRn1Skgn3zyjH
dbnLERFNEDkcILLCtNkLD6j7/kqq3AZSfzq2agNOQqOuNLe/qsk7J7D+x2DusF+d
lbIdJBrc55GUczFctycNeSQOpx2v8QooDI/qKnWicft/Xzs2qZiKgLlTPpO0RcU6
bpMCAci7pScT7lf7F7VeKxmzkL/fU0LmoryKiw+4w+XJkEUyeRGy3d/7nvMxBOdW
TjpbtAdzrwAeKGLeG/Lnwbop5TNnaX7Pid0eRrv0uAImJB/xEhsHP3eZGjq0eNwv
c0cHnM+9xei1RG7IiQGyk9Grv41SeG+Wz6/Yig==
=Xtv+
-----END PGP PUBLIC KEY BLOCK-----
3. Charter
3.1 Mission statement
Protect Deutsche Telekom and its constituents from attacks, using state-of-the-art detection methods. Professionally manage cyber incidents and ensure the timely and sustainable resolution and recovery.
3.2 Constituency
Deutsche Telekom CERT's constituency is mixed, thus, the team attends internal and external customers.
3.3 Sponsorship and/or affiliation
Deutsche Telekom CERT is an internal unit of Deutsche Telekom AG and is solely financed and supported by the latter.
3.4 Authority
The main purpose of Deutsche Telekom CERT is the group-wide and multinational coordination of incident response and operative incident handling, throughout Deutsche Telekom subsidiaries and member companies.
Deutsche Telekom CERT has indirect authority over AS3320 (DTAG) and with the German CERT- Verbund (union of German CERTs), it is an accredited TI (Trusted Introducer) team, and also a full member of FIRST (Forum of Incident Response and Security Teams).
further European and International Institutions such as: * ETIS - The Global IT Association for Telecommunications * ETNO - European Telecommunications Network Operators' Association
4. Policies
4.1 Types of incidents and level of support
Deutsche Telekom CERT addresses all kinds of security incidents which occur, or threaten to occur, within its constituency.
The level of support depends on the type and severity of the given security incident, the impact for affected companies and persons within our constituency, and our resources at the time. Usually, our first response is timely at the same working day.
We expect end users to contact their local systems or network administrators or their local security contacts.
4.2 Co-operation, interaction and disclosure of information
Deutsche Telekom CERT highly regards the importance of operational cooperation and information-sharing between Computer Emergency Response Teams, and also with other organizations which may contribute towards or make use of their services.
Deutsche Telekom CERT operates in strict compliance with German and/or EU legislation.
4.3 Communication and authentication
Deutsche Telekom CERT makes use common cryptographic methods to ensure the confidentiality and integrity of the communications. GPG/PGP and S/MIME are available for general communication via email.
5. Services
5.1 Incident response
Deutsche Telekom CERT is able to perform operative incident handling in several different environments. The tasks include large-scale hunting and detection of security incidents, artifact collection, artifact analysis and reverse engineering.
5.2 Incident coordination
Deutsche Telekom CERT ensures it has operational capabilities to coordinate large-scale cyber security incidents and emergencies.
Deutsche Telekom CERT will also collect statistics about incidents within its constituency.
5.3 Proactive activities
Deutsche Telekom CERT offers up-to-date information about security vulnerabilities to its internal constituents. Besides, the team continuously develops new tools for incident detection and investigation.
6. Incident reporting forms
There are no public forms available. All communication should be directed to mailto:cert@telekom.de. We recommend any communication related to security incidents or Vulnerabilities to be encrypted by GPG/PGP tools. Please use our current team-key, published on this website.
7. Disclaimers
While every precaution will be taken in the preparation of information, notifications and alerts, Deutsche Telekom CERT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.