MyCERT RFC 2350 Profile

Document Creation Date: 4th May 2012

 

1.0 Document Information

This document complies with RFC 2350.

1.1. Date of Last Update

This is version 1.0 as of May 3rd, 2012.

1.2. Distribution List for Notifications

This profile is kept up to date at the location specified in section 1.3. E-mail notifications of updates are sent to MyCERT Management and Incident Handler.

Please send any questions about updates to the MyCERT e-mail address:

cyber999@cybersecurity.my


mycert@mycert.org.my

1.3. Locations where this Document May Be Found

The current version of this profile is always available at http://www.mycert.my/

2.0 Contact Information

2.1 Name of the Team

Full name: Malaysia Computer Emergency Response Team.
Short name: MyCERT

2.2 Address

Malaysian Computer Emergency Response Team (MyCERT)
CyberSecurity Malaysia
Level SAPURA@MINES 7, Jalan Tasik, The Mines Resort City
43300 Seri Kembangan
Selangor Darul Ehsan
MALAYSIA

2.3 Time Zone

GMT +0800

2.4 Telephone Number

MyCERT Cyber999 Hotline number: 1300882999
MyCERT 24x7 Mobile number: +6019-2665850

2.5 Facsimile Number

+603-89453442

2.6 Other Telecommunication

Twitter: http://www.twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my

2.7 Electronic Mail Address

Please send incident reports to cyber999@cybersecurity.my
Non-incident related mail should be addressed to cyber999@cybersecurity.my

2.8 Public Keys and Encryption Information

Please encrypt any sensitive e-mail with MyCERT's PGP key and send it to cyber999@cybersecurity.my

MyCERT's Public Key is available in Section 4.3.
Please sign messages using a key that is verifiable using the public keyservers.

2.9 Team Members

No public information is provided about MyCERT team members.

2.10 Other Information

Further information about MyCERT can be found at: http://www.mycert.org.my

2.11 Points of Customer Contact

The preferred method for contacting MyCERT is e-mail.

For general inquiries, please send e-mail to: cyber999@cybersecurity.my.
For abuse or security issues, please use cyber999@cybersecurity.my.
For network, server, or service issues, please use cyber999@cybersecurity.my.

MyCERT's hours of operation are generally restricted to regular business hours, 09:00 to 18:00 Monday to Friday, except public holidays. After business hours, on weekends and on public holidays, MyCERT can be contacted 24x7 via +60192665850.

3.0 Charter

3.1 Mission Statement

To address the computer security incidents of Malaysian Internet users and to reduce the probability of successful attacks and lower the risk of consequential damage.

3.2 Constituency

MyCERT's constituency is all Internet users in Malaysia, including all sectors and home users.

3.3 Sponsorship and/or Affiliation

Co-founder and member of APCERT
Member of FIRST
Co-founder and member of OIC CERT

3.4 Authority

CyberSecurity Malaysia (www.cybersecurity.my) is the national cyber security specialist centre under the Ministry of Science, Technology and Innovation or MOSTI (www.mosti.gov.my).

The Malaysian Government has gazetted the role of CyberSecurity Malaysia by Order of the Ministers of Federal Government Vol.53, No.13, dated June 22, 2009, identifying CyberSecurity Malaysia as an agency that provides ICT security specialist services and continuously monitors threats to national security.

4.0 Policies

4.1 Types of Incidents and Level of Support

All incidents are handled according to the SLA below: http://www.mycert.org.my/en/services/report_incidents/cyber999/main/detail/800/index.html

4.2 Co-operation, Interaction, and Disclosure of Information

All incoming information is handled as CONFIDENTIAL by MyCERT, regardless of its priority.

When reporting an incident of a sensitive nature, please state so explicitly (for example, by using the label SENSITIVE in the subject field of the e-mail) and, if possible, use encryption as well.

4.3 Communication and Authentication

For secure communication, use MyCERT's PGP key: http://www.mycert.org.my/en/services/report_incidents/email_public/main/detail/167/index.html

MyCERT's PGP Key Version GnuPG v1.4.7 (GNU/Linux)

Bits: 1024
Key ID: 82B6ED71
Key Fingerprint: 57CD C689 1B0E 0835 3BBD AF97 D010 0570 82B6 ED71


5.0 Services

5.1 Incident Response (Triage, Coordination, and Resolution)

MyCERT assists system administrators in handling the technical and organizational aspects of computer security incidents.

5.2 Proactive Activities

Producing Alerts, Advisories and Tools for the constituency.

A list of the Alerts and Advisories that have been produced is available at: http://www.mycert.org.my/en/services/advisories/mycert/2012/main/index.html

The Alerts and Advisories can be subscribed to through MyCERT's feed at: http://www.mycert.org.my/en/feed/

The tools that have been developed and released are:

5.2.1 DNSChanger Removal Tool
5.2.2 MD5 Search
5.2.3 Gallus
5.2.4 DontPhishMe
5.2.5 pKaji: The PHP Analyzer
5.2.6 MyKotakPasir: The Malware Sandbox
5.2.7 DNSwatch
5.2.8 MyPHPIPS

Details on the above tools can be found at: http://www.mycert.org.my/en/resources/security_tools/main/main/detail/768/index.html

6.0 Incident Reporting Forms

The form is available at: http://www.mycert.org.my/report_incidents/online_form.html

7.0 Disclaimers

MyCERT's disclaimer is available at: http://www.mycert.org.my/en/others/disclaimer/main/detail/154/index.html