Who are we
CYNET-CSIRT is the Academic Computer Security Incident Response Team (CSIRT) of the Cyprus Research and Academic Network (CYNET) that according to the Commissioner of Electronic Communications and Postal Regulation decision Action No. 358/2010 Τhe establishment of CYNET-CSIRT was funded under the Connecting Europe Facility (CEF) EU-Funded project – Telecommunications Sector Agreement No INEA/ICT/A2017/1528701, with action number 2017-CY-IA-0121. The team commenced operations on September 1st, . careful design decisions had to be made in order to strike a balance between different inherent trade-offs.
UNDER THE CONNECTING EUROPE FACILITY (CEF) – TELECOMMUNICATIONS SECTOR AGREEMENT No INEA/CEFflCT/A2017/1528701
For the action entitled “Establishment of Cypriot Academic CSIRT” (“the action”), action number 2017-CY-IA-0121
One of CYNET-CSIRT’s notable achievements was gaining Accredited Membership in the Trusted Introducer Community and becoming a Full Member of FIRST (Forum of Incident Response and Security Teams), the most renowned cybersecurity-oriented task forces.
CYNET-CSIRT is authorised to address all types of computer security incidents which occur, or threaten to occur to all Academic Institutions, Research Institutes and educational networks that are members of CYNET. It also provides early warnings, alerts, announcements and dissemination of information to its constituency and relevant parties regarding risks and incidents. Additionally, CYNET-CSIRT analyses the logs from incidents, vulnerabilities and artefacts and conducts incident response. This is accomplished by acting as an intermediary between affected parties and offering, when required, technical advice leading to the resolution of the incident. The affected parties may be internal or external entities to CYNET. CYNET-CSIRT typically responds to incident response requests within the same workday. The level of support offered by CYNET-CSIRT depends on the type of constituent, the severity and the impact of the incident. Moreover, it educates its members on the effects of cyberthreats and cyber-crime, training them to provide early warnings, alerts, announcements, and efficient use of relevant tools.
More precisely, CYNET-CSIRT offers the following types of services:
Reactive Services
Alerts and Warnings: This service involves disseminating information that describes an intruder attack, security vulnerability, intrusion alert, computer virus or hoax and providing any short-term recommended course of action for dealing with the resulting problem. The alert, warning or advisory is sent as a reaction to the current problem to notify constituents of the activity and to provide guidance for protecting their systems or recovering any systems that were affected.
Incident Response: CYNET-CSIRT informs and assists IT-security teams in handling and responding to incidents. In particular, it provides assistance or advice with respect to the following aspects of incident management:
- Incident Triage
✓ Investigating the validity of the incident.
✓ Determining the operational impact of the incident.
✓ Assigning a priority for incident response.
- Incident Coordination
✓ Document the incident.
✓ Coordinate contact with other sites which may be involved.
✓ Coordinate contact with CYNET Management.
✓ Provide information reports to other CSIRTs.
✓ Provide announcements to users, if applicable.
- Incident Resolution
✓ Technical assistance and analysis of compromised systems.
✓ Collecting statistics and evidence about incidents that could be used for protecting against future attacks.
Proactive Services: The proactive services of CYNET-CSIRT include:
✓Security announcements (including, but not limited to intrusion alerts, vulnerability warnings, and security advisories)
✓Real-time data analysis
✓Vulnerability analysis (including website vulnerability assessment)
✓Malware classification
✓Threat intelligence sharing
Security Quality Management: Services Besides the technical side of its work, CYNET-CSIRT performs coordinated actions for:
✓Awareness Building
✓Education and Training