CSIRT Description
CSIRT Description for HKCERT - RFC 2350
- About this document
- Date of Last Update
This is version 1.0, published on 01 June 2018.
- Distribution List for Notifications
This document is kept latest in the location specified below. Email notification of updates is sent to HKCERT Management.
Please send questions about updates to the HKCERT team email address: [email protected]
- Locations where this Document May Be Found
The current version of this CSIRT description document is available from the HKCERT WWW site; its URL is https://www.hkcert.org/rfc2350/
- Date of Last Update
- Contact Information
- Name of the Team
Full Name: Hong Kong Computer Emergency Response Team Coordination Centre
Short Name: HKCERT
- Address
HKPC Building,
78 Tat Chee Avenue, Kowloon,
Hong Kong - Time Zone
Asia/Hong Kong (GMT+0800)
- Telephone Number
+852 8105 6060
- Facsimile Number
+852 8105 9760 (this is NOT a secure fax)
- Other Telecommunication
None.
- Electronic Mail Address
<[email protected]> This is a mail alias that relays mail to the human(s) on duty for the HKCERT.
- Public Keys and Other Encryption Information
The HKCERT has a PGP key, whose Key ID is 0x018C7573 and whose fingerprint is
D388 1D39 EB17 32D3 5457 CACA 9BC2 605E 018C 7573.
The key and its signatures can be found at the public PGP key servers.
- Team Members
No public information is provided about HKCERT members.
- Other Information
HKCERT is a member of the Forum of Incident Response and Security Teams (FIRST); detail see https://www.first.org/members/teams/hkcert
- Points of Customer Contact
The preferred method for contacting HKCERT is email.
For general inquiries, please send email to [email protected]
For abuse or security issues, please send email to [email protected]
In an emergency, contact HKCERT at +852 8105 6060.
- Name of the Team
- Charter
- Mission Statement
Managed by the Hong Kong Productivity Council (HKPC), Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) is the centre for coordination of computer security incident response for local enterprises and Internet Users. Its missions are to facilitate information disseminating, provide advices on preventive measures against security threats and to promote information security awareness.
- Constituency
Local enterprises and Internet users of Hong Kong Special Administrative Region.
- Sponsorship and/or Affiliation
The HKCERT is sponsored by the Hong Kong SAR Government and managed by the Hong Kong Productivity Council (HKPC).
- Authority
HKCERT is led by the Centre Manager with authority delegated by HKPC.
- Mission Statement
- Policies
- Types of Incidents and Level of Support
Reported incidents would be treated in different priorities as rated by HKCERT well-defined assessment framework.
- Co-operation, Interaction and Disclosure of Information
All incoming information is handled confidentially by HKCERT, regardless of its priority, according to the HKCERT Information Security Policies.
When reporting a sensitive incident, please state explicitly (for example, by using the label “CONFIDENTIAL” in the subject field of email) and, if possible, use encryption.
HKCERT supports the Traffic Light Protocol (TLP; see https://www.first.org/tlp/). Information that arrives with the tags WHITE, GREEN, AMBER, or RED will be handled appropriately.
- Communication and Authentication
See section 2.8; In cases that involve sensitive information, use of PGP/GPG is highly recommended.
- Types of Incidents and Level of Support
- Services
- Incident Response (Triage, Coordination, and Resolution)
HKCERT will provide advisories to our constituency in handling the technical aspects of computer security incidents.
- Proactive Activities
HKCERT collaborates with FIRST and other worldwide CERT Teams.
- Incident Response (Triage, Coordination, and Resolution)
- Incident Reporting Forms
The current version is available from: https://www.hkcert.org/incident-reporting
- Disclaimers
None.