What is CERT?
Officially called the CERT Coordination Center, is the Internet’s official emergency team. CERT (which stands for “Computer Emergency Response Team”) was formed by the Defense Advanced Research Projects Agency (DARPA) in November 1988 after the Internet was assaulted in the Internet worm incident. Today, CERT focuses on security breach and denial-of-service incidents, providing alerts and incident-handling and avoidance guidelines. CERT also conducts an ongoing public awareness campaign and engages in research aimed at improving security systems.
CERT is located at Carnegie-Mellon University in Pittsburgh where it is part of the Networked Systems Survivability program in the Software Engineering Institute, a federally funded research and development centre.
What is CERT Tonga?
The Government of Tonga, established CERT Tonga as a Tonga National CERT as an official point of contact for an emergency computer response. CERT Tonga was launched at 15th July, 2016. It will focus on security breach and provide alert and incident-handling to the government agency, financial institution, private sectors in the Kingdom of Tonga.
What are the Services provided by CERT Tonga?
• Serve as the Kingdom of Tonga’s national point of contact for cyber security issues
• Collaborate with the regional and international CERTs
• Issuance of security warnings and alerts
• Provide security awareness campaigns
• Conduct an annual cyber security threat survey
• Establish and maintain an incident database
• Identify capacity building programs for staff
• Conduct incident handling
• Perform vulnerability handling
• Digital evidence handling
• Conducting risk analysis
• Provide security consultation and advice
• Research development
• Provide forensic services
What is a computer incident?
A computer security incident is any event which may cause harm to your computer system or network.
What are the most common incidents?
• Unauthorized access
• Denial of service/disruption
• Site defacing
• Phishing (See Glossary)
• Virus attacks
Why would an organization need a CERT?
Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:
• Damage or destruction of computer systems.
• Damage or destruction of internal data.
• Loss of sensitive information to hostile parties.
• Use of sensitive information to steal items of monetary value.
• Use of sensitive information against the organization’s customers which may result in legal action by customers against the organization and loss of customers.
• Damage to the reputation of an organization.
• Monetary damage due to loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the organization’s reputation.
What can businesses do to protect themselves from cyber attack?
CERT Tonga encourages organisation to be prepared before an incident occurs. This involves a business knowing its network, understanding the value of its information and understanding how both are protected. Being prepared also involves a business understanding what constitutes normal behaviour on its network. By knowing this, a business is more likely to detect unusual behaviour.
Why Partner with CERT Tonga?
We encourage major businesses to partner with us before an incident occurs. Prevention is much better than cure when critical business systems are at stake. By having this relationship in place, we can share information efficiently and effectively with businesses to help with prevention and if necessary, mitigation.
Why is it important for businesses to report cyber incidents?
Timely reporting of cyber incidents to CERT Tonga allows us to form a more accurate view of cyber security threats and make sure that businesses receive the right help and advice. All information provided to us is held in the strictest confidence.