CyberExchange (2017-EU-IA-0118)

image

The EU-supported CyberExchange project is like Erasmus for CERTs/CSIRTs in the EU. CERT staff can join other participating CERTs three days to two weeks and enhance the relations as well as facilitate the know how exchange. Two different types of exchanges are possible: In "Fellowships" an employee is sent to another participating CERT/CSIRT to gain new skills and experience and relays them at the home organization to colleagues. The other visit type is a "Technical Assistance Visit" where one person travels to another CERT/CSIRT to bringing knowledge about a specific tool or process. CERT.at was both a sending and a receiving party.

“Enhancing Cybersecurity in Austria” (2018-AT-IA-0111)

image

In 2018 CERT.at applied for a follow-up project to "Strengthening the CERT Capacity and IT security readiness in Austria" (CEF 2016-AT-IA-0089) another EU-supported project “Enhancing Cybersecurity in Austria" (2018-AT-IA-0111) as part of the Connecting Europe Facilities (CEF) program. It has been accepted in full amount and implies a 75% funding of the costs. The planning project duration is from september 2019 to august 2021.

It enhances human ressources, trainings, tool development as well as extensions of the server and security architecture of CERT.at.

The project covers internal enhancements as well as adaptions for internation collaboration with European CERTs. For example the integration and inclusion in "MeliCERTes", another EU-funded project for collaboration between European CERTs is a major part of the project.

A special focus is the research (Data Science) and the automation of existing data sets and the extension of own data sourcesfor incident management in cooperation with the Research & Development Team ("R&D") of der nic.at.

Last but not least the further development of IntelMQ in the international context as well as in cooperation with CERT.pl's tool "n6" is supported.

“MeliCERTes” (SMART-2018-2014)

MeliCERTes1 aims at creating and developing a toolbox for CERTs/CSIRTs, primarily focusing on national CERTs/CSIRTs which are part of the CSIRTs network according to the EU NIS directive. The use of Open Source tools is emphasised to guarantee transparency of software functionality, reduce costs and ensure constant development of the tools. The final goal is a software platform which enhances communication and increases data and knowledge exchange within the CSIRTs network.

For example, MeliCERTes financed new interfaces between tools like IntelMQ, MISP, and others. These efforts strenghtens the CERT/CSIRT community as well as the IT security community as a whole.

Software and documentation created during the project are published on https://github.com/melicertes/.

Thus, MeliCERTes creates an inventory of what is currently used by national CERTs/CSIRTs within the EU and adds new items to it. This "blue print" can be used by new CERTs/CSIRTs; not only to get operational very quickly but also to make sure that they implement solutions for which extensive knowledge already exists within the CSIRTs network so they can ask their peers if problems arise.

MeliCERTes is currently developed by a consortium consisting of CERT.at, CERT.EE, CERT.pl, CIRCL, SK-CERT, and Deloitte.

SMART-2018-2014 is the follow-up project to SMART 2015/1089 which was tendered in 2015 and won 2016 by a consortium consisting of Capgemini, S-Cure, and Intrasoft International. Details about the initial call for tenders can be found here. The one for the current project is accessible at https://ec.europa.eu/digital-single-market/en/news/call-tender-advance-melicertes-facility-used-csirts-eu-cooperate-and-exchange-information.

Constituency-Portal NG („tuency“)

The “Constituency-Portal” is a contact data management tool featuring self-service functionality and is directly integrated with the authentication solution Keycloak. This allows us to use the contact data for authentication in other linked applications. The software further enhances and extends our possibilities to better address and configure our daily e-mail notifications for network owners regarding issues in their networks.

The software “tuency” is currently being developed by our partner Intevation GmbH (located in Osnabrück, Germany) as Free Software. The code can be found at gitlab.

This project is partly funded by CEF 2018-AT-IA-0111 (see above).

image

Participation in research projects

InduSec

CERT.at takes part in the project "InduSec" stared in 2019 by SBA Research. Most notably the focus is to level IT und OT in respect to security. More information can be found at the Webseite of SBA Research.

ACCSA (KIRAS)

CERT.at participates in Austrian Cyber Crisis Support Activities (ACCSA), which aim to prepare state-level actors in the national cyber-crisismanagement ("Cyber-Krisenmanagement", CKM) for cyber-crisis with comprehensive teaching-, training- and analysis-concepts to minimize reaction times and error rates in case of real cyber-crisis. More details can be found at the Webseite of KIRAS.


  1. The name is derived from the ancient Greek deity Melicertes (gr. Μελικέρτης) who helped ships to safely arrive in the harbour.