HKCert

RFC2350 - CSIRT Description for HKCERT

 

1. About this document

 

1.1 Date of Last Update

 

This is version 1.0, published on 01 June 2018.

 

1.2 Distribution List for Notifications

 

This document is kept latest in the location specified below. Email notification of updates is sent to HKCERT Management.

 

Please send questions about updates to the HKCERT team email address: [email protected]

 

1.3 Locations where this Document May Be Found

 

The current version of this CSIRT description document is available from the HKCERT WWW site; its URL is https://www.hkcert.org/rfc2350/

 

2. Contact Information

 

2.1 Name of the Team

 

Full Name: Hong Kong Computer Emergency Response Team Coordination Centre

Short Name: HKCERT

 

2.2 Address

 

HKPC Building,

78 Tat Chee Avenue, Kowloon,

Hong Kong

 

2.3 Time Zone

 

Asia/Hong Kong (GMT+0800)

 

2.4 Telephone Number

 

+852 8105 6060

 

2.5 Facsimile Number

 

+852 8105 9760 (this is NOT a secure fax)

 

2.6 Other Telecommunication

 

None.

 

2.7 Electronic Mail Address

 

<[email protected]>  This is a mail alias that relays mail to the human(s) on duty for the HKCERT.

 

2.8 Public Keys and Other Encryption Information

 

The HKCERT has a PGP key, whose Key ID is 0x018C7573 and whose fingerprint is

D388 1D39 EB17 32D3 5457 CACA 9BC2 605E 018C 7573.

 

The key and its signatures can be found at the public PGP key servers.

 

2.9 Team Members

 

No public information is provided about HKCERT members.

 

2.10 Other Information

 

HKCERT is a member of the Forum of Incident Response and Security Teams (FIRST); detail see https://www.first.org/members/teams/hkcert

 

2.11 Points of Customer Contact

 

The preferred method for contacting HKCERT is email.

  • For general inquiries, please send email to [email protected]

  • For abuse or security issues, please send email to [email protected]

  • In an emergency, contact HKCERT at +852 8105 6060.

 

3. Charter

 

3.1 Mission Statement

 

Managed by the Hong Kong Productivity Council (HKPC), Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) is the centre for coordination of computer security incident response for local enterprises and Internet Users. Its missions are to facilitate information disseminating, provide advices on preventive measures against security threats and to promote information security awareness.

 

3.2 Constituency

 

Local enterprises and Internet users of Hong Kong Special Administrative Region.

 

3.3 Sponsorship and/or Affiliation

 

The HKCERT is sponsored by the Hong Kong SAR Government and managed by the Hong Kong Productivity Council (HKPC).

 

3.4 Authority

 

HKCERT is led by the Centre Manager with authority delegated by HKPC.

 

4. Policies

 

4.1 Types of Incidents and Level of Support

 

Reported incidents would be treated in different priorities as rated by HKCERT well-defined assessment framework.

 

4.2 Co-operation, Interaction and Disclosure of Information

 

All incoming information is handled confidentially by HKCERT, regardless of its priority, according to the HKCERT Information Security Policies.

 

When reporting a sensitive incident, please state explicitly (for example, by using the label “CONFIDENTIAL”  in the subject field of email) and, if possible, use encryption.

 

HKCERT supports the Traffic Light Protocol (TLP; see https://www.first.org/tlp/). Information that arrives with the tags WHITE, GREEN, AMBER, or RED will be handled appropriately.

 

4.3 Communication and Authentication

 

See section 2.8; In cases that involve sensitive information, use of PGP/GPG is highly recommended.

 

5. Services

 

5.1 Incident Response (Triage, Coordination, and Resolution)

 

HKCERT will provide advisories to our constituency in handling the technical aspects of computer security incidents.

 

5.2 Proactive Activities

 

HKCERT collaborates with FIRST and other worldwide CERT Teams.

 

6. Incident Reporting Forms

 

The current version is available from: https://www.hkcert.org/incident-reporting

 

7. Disclaimers

 

None.