Communication with GOV CERT SK

For reporting an incident are following addresses and procedures.

E-mail communication

General information and questions send to:

infocert.gov.sk

Incident report send to:

incident ( at ) cert.gov.sk

Key identifier, which you can use for reporting incident to:

incident ( at ) cert.gov.sk

User ID: GOV CERT SK (NASES) <incident ( at ) cert.gov.sk>

PGP Key ID: 0xCA4685063EC53992

PGP Key Fingerprint: 5E9B 77EC AE23 530B 56C5 2CB7 CA46 8506 3EC5 3992

You can download the key in TXT ASC format

Rules for incident reporting to incident ( at ) cert.gov.sk:

One report could be just for one IP address or address block.
Report should be send from valid email address.
Report should contain basic contact information about
- Name of Organisation
- Position
- Phone and email contact
Report should contain description of incident:
- Date, exact time of incident
- subject of incident ( attacked system, organisation, person)
- information about attacked system whether it is clasified and/or critical system
- information about originator of incident (if it is known IP adress, source port, other..)
- description of incident ( detail description included concrete addresses, versions, URL, logs, etc)
- information whether the incident is already being solved
- request, if cooperation of GOV CERT is needed
- information whether it is possible to send a sample of emails with headers, sample of malware, sample of captured packets in PCAP format …

Phone communication

You could report incident to Security and Network operation center, phone number: +421 2 3278 0780

Rules for incident reporting to phone contact +421 2 3278 0780:

Report should contain basic contact information about /
- Name of Organisation
- Position
- Phone and email contact

First publication 04. 5. 2018. Last update 18. 9. 2019 15:18