The following profile of CERT Tonga has been established in adherence to RFC-2350.
1. Document Information
1.1. Date of Last Update
This is version 1.0 of July, 1, 2016.
1.2. Distribution List for Notifications
Changes to this document are not distributed by a mailing list. Any specific questions or remarks please address to the email@example.com mail address.
2. Contact Information
2.1. Name of the Team
Tonga National CERT
PO Box 33
Tonga Cable Limited
Kingdom of Tonga
2.3. Time Zone
UTC/GMT + 13 hours
2.4. Telephone Number
2.5. Facsimile Number
2.6. Other Telecommunication
2.7. Electronic Mail
Incident Report : firstname.lastname@example.org
Non-Incident Report : email@example.com
2.8. Public Keys and Encryption Information
For Incident Report-
- Key ID: DBE3F45981E232EE
- Fingerprint: 8621 F07E 99A7 776B EBA4 1850 DBE3 F459 81E2 32EE
For Non- Incident Report-
- Key ID: C94AA3E11C0D6064
- Fingerprint: D0E7 C2D5 3BFA 4C89 7EAE 3776 C94A A3E1 1C0D 6064
2.9. Team Members
A full list of CERT Tonga team members is not publicly available. Team members will identify themselves to the reporting party with their full name in an official communication regarding an incident.
2.10. Other Information
2.11. Points of Customer Contact
In any case use CERT Tonga mail address, firstname.lastname@example.org
Our regular response hours (local time, save public holidays in Tonga) are everyday of the week from 08:30 – 19:30
Outside these hours the Duty Officer is available for incidents and can be reached at (+676 2378)
3.1. Mission Statement
CERT Tonga’s vision and mission statement are defined in the CERT Tonga TOR. The operations are detailed in the CERT Tonga and are reviewed annually as part of the planning of the Tongan government. A brief summary of the goal of CERT Tonga:
CERT Tonga is the National Computer Emergency Response Team in Kingdom of Tonga. Public and private parties, acting within their statutory scope, collect information, knowledge and expertise in the National Computer Emergency Response Team, which will help improve understanding of developments, threats, and trends and help parties deal with incidents and make decisions in crises. The main tasks include:
Coordination in case of ICT-related incidents such as data leakage, computer viruses, hacking and vulnerabilities in applications and hardware; Proactive action to prevent ICT-related incidents or to prepare for such incidents and reduce the impact.
The constituency of CERT Tonga in the Kingdom of Tonga consists of government organizations, private organization and also Tonga citizens.
3.3. Sponsorship and/or Affiliation
The Tonga National CERT (CERT Tonga) is the center for expertise on cyber security and incident response of the Tongan government. It is aimed at preventing ICT and internet related incidents and coordinates response to these incidents.
CERT Tonga is established on 8 July 2016 and operates to deal with computer security problems and their prevention, within its constituency.
CERT Tonga is part of the Ministry of Energy Information Disaster Environment Communication and Climate Change (MEIDECC) and consists of a general manager and 2 teams for incident response, knowledge services and organizational development.
The main purpose in incident handling is the coordination of incident response. As such, we advise constituents and have no authority to demand certain actions.
4.1. Types of Incidents and Level of Support
CERT Tonga handles various types of security incidents. The level of support depends on the type of the incident and the severity as determined by CERT Tonga staffs.
4.2. Co-operation, Interaction and Disclosure of Information
All incoming information is handled confidentially by CERT Tonga, regardless of its priority. Information that is evidently very sensitive in nature is only communicated en stored in a secure environment, if necessary using encryption technologies.
CERT Tonga will use the information you provide to help solve security incidents. Information will only be distributed further to other teams and members on a need-to-know base, and preferably in an anonymized fashion.CERT Tonga understands the Traffic Light Protocol (TLP) for classifying information.
4.3. Communication and Authentication
The preferred method of communication is via e-mail. When the content is sensitive enough or requires authentication, the CERT Tonga PGP key is used for signing e-mail messages. All sensitive communication to CERT Tonga should be encrypted against the team’s PGP key.
Incident response provides 24/7 availability to coordinate recovery from all types of ICT related incidents and consists of expertise, tools and other capabilities to act, analyse and communicate with stakeholders and media.
5.1.1. Incident Triage
* Investigating whether indeed an incident occurred.
* Determining the extent of the incident.
5.1.2. Incident Coordination
* Determining the initial cause of the incident.
* Facilitating contact with other sites which may be involved.
* Communicate with stakeholders and media
5.1.3. Incident Resolution
* Providing advice to the reporting party that will help removing the vulnerabilities that caused the incident and securing the systems from the effects of the incidents.
* Evaluating which actions are most suitable to provide desired results regarding the incident resolution.
* Provide assistance in evidence collection and data interpretation when needed.
5.2. Proactive Activities
Prevention and preparation consists of all activities aimed at reducing the probability or impact of an incident for the constituents. CERT Tonga provides the constituents with current information and advise on new threats, and attacks which may have impact on their operations and builds awareness and skills of employees. CERT Tonga provides alerts and practical advice to the public and small enterprises via the alerting service www.cert.gov.to
6. Incident Reporting Forms
The forms required to report an incident is download from CERT Tonga website.
While every precaution will be taken in the preparation of information, notifications and alerts, CERT Tonga assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.