Page Updated: 12-Nov-2007
SPS Homepage > NATO-funded Studies & Projects

Computer Emergency Response Teams

Networking Infrastructure Grants - NIGs

NIG 982716 Creation of CERTs in Albania, Macedonia, Bulgaria Period 2006-2008 Co-Directors Dr. Jacek Gajewski Warsaw, Poland gajewski@ceenet.org Dr. Neki Frasheri Tirana, Albania nfra@inima.al

NIG 982338 Creation of CERTs in Belarus, Moldova, Ukraine Period 2006-2008 Co-Directors Dr. Jacek Gajewski Warsaw, Poland gajewski@ceenet.org Dr. Romuald Griganets Minsk, Belarus cit@it.org.by

NIG 982715 Creation of CERTs in SILK Countries Period 2006-2008 Co-Directors Dr. Jacek Gajewski Warsaw, Poland gajewski@ceenet.org Prof. Adriana Gjonaj Tirana, Albania agjonaj@mash.gov.al

Key Links Virtual Silk Highway CERT Website

The NATO Science for Peace and Security Programme has awarded grants for creating CERTs (Computer Emergency Response Teams) or CSIRTs (Computer Security Incident Response Teams)¹ - that can react in case of computer emergencies, such as cyber attacks - in Albania, the former Yugoslav Republic of Macedonia², Bulgaria, Belarus, Moldova, Ukraine and the Silk countries. These NIGs include the installation of the infrastructure for the CERTs or CSIRTs and the establishment of a group of IT specialists in each country’s NREN (National Research and Education Network) responsible for the security environment of the backbone network.

The complexity of computer and network infrastructure and the challenges of administration make it difficult to properly manage network security. When computer security incidents occur, organisations must respond quickly and effectively, in order to limit damage and lessen recovery costs. Unfortunately, network and system administrators often do not have sufficient people nor security practices in place to defend against attacks and minimise damage. The NRENs’ members, which are universities, research institutions, etc., are often faced with this problem. Establishing CERTs or CSIRTs within the NRENs’ IT groups seems to be the ideal way to provide this rapid response capability and help prevent future incidents.

The CERT’s/CSIRT’s role consists of:

• a helpdesk reachable by phone, email or web that provides the customer with consultation services relating to security issues.
• Permanently monitor the customers’ traffic in order to identify suspicious patterns. In case of suspicious activity, the customer on whose channel the problem is detected should be warned and provided with reactive measures that can solve it.
• Maintain 24/7 contact with CERTs in other countries in order to be aware of new threats and keep a world-standard security service. Send the critical security related news to all customers by email as well as posting it on the CERT website.

The CERTs/CSIRTs obviously play a significant role in the operation and maintenance of the NRENs and increase the quality of the service provided to educational and research institutions.

top 

1 There is very little difference in the substance of activities between CERTs and CSIRTs. CSIRTs who wish to use "CERT" in their name must request permission, since the name CERT is registered in the U.S. Patent and Trademark Office.

2 Turkey recognises the Republic of Macedonia with its constitutional name.