Crystal Clear #4: What is CERT and how can it be of service to you?

16.12.2016

Now that our economy is getting increasingly more dependent on digital communication and the Internet, protection is becoming more important. That is why the Cyber Emergency Team was set up. What can the CERT do for you and for your company?

What is CERT?

The Cyber Emergency Team CERT was established in 2009 to facilitate cooperation between Belnet, the organisation that manages the research network for the Belgian universities, colleges, research centres and government services, and Fedict, the Federal Public Service for Information and Communication Technology.  CERT was recently handed over to the CCB, the centre for cyber security Belgium.

The leading task of this neutral, non-commercial organisation is to gather information, provide this information to citizens and companies, and advise them. CERT collects data through different sources, such as:  

  • Own observations via sensors, honey pots, etc.
  • Reports from citizens and companies about attempts to digital break-in, phishing, suspect increase in network traffic, etc.
  • Information from other cyber emergency teams; CERT is part of an international network of security experts, in fact.

Security is everyone’s business

CERT’s advice is geared to various target groups, with particular focus on companies.  The organisation monitors new trends in security, assesses new technologies and gives specialised workshops. Companies are encouraged to set up their internal emergency teams to promote communication with CERT and with similar teams in other companies.

The human factor, end users and employees must not be ignored here. Employees are often unaware of the risks concerning the use of their own smartphone or tablet at work, downloading software, and clicking in a phishing e-mail. That is why CERT conducts awareness raising campaigns regularly to apprise users of such dangers.

Proactive and reactive

Prevention is obviously better than cure, so a large part of CERT’s task is proactive: assessing threats, and publishing alarms and warnings via www.cert.be, via Twitter and RSS feeds.
If your company falls victim of an attack nonetheless, then CERT can provide support in dealing with it. CERT’s experts draw on their experience to provide concrete advice.

CERT can be compared with the coordinator of a safety plan (fire protection, evacuation, etc.).  CERT will advise you preventively on how you can organise such protection optimally in your company. In a risk situation or in case of a disaster, CERT will coordinate aid on the basis of its own observations and reports from citizens, companies and other organisations. It will issue the necessary warnings and intervene as and where warranted.

For example, during a Denial of Services (DoS) attack on the network of the University of Liège in 2010, CERT diverted the malicious network traffic via the Belnet servers, so that said network could continue to function.
CERT is therefore an organisation where you can report your incidents, but also turn to for advice. It is not, however, a point where you can lodge a complaint. For that it is best to turn to the Federal Computer Crime Unit (FCCU), the Regional Computer Crime Unit (RCCU) or the police in your city or municipality.

You can contact CERT via e-mail or telephone; if you want to report a cyber incident, please read these practical tips first.

 

phishing

Tricksters lure you to a fake website that is a copy of a real one. They then get you to log in with your user name, password and credit card number. Once you’ve done that, the fraudster has your details.
Security