RFC 2350 declaration (English version)

RFC 2350 (EN)

  1. About this document

This document contains a description of UNB-CSIRT as implemented by RFC 2350. It provides basic information about UNB-CSIRT, its channels of communication, its roles and responsibilities.

1.1.              Date of Last Update

01/12/2020

1.2.              Distribution List for Notifications

There is no distribution list for notifications.

1.3.              Locations where this Document May Be Found

The current version of this document can always be found at https://csirt.etudiant.bj/unb-csirt-rfc2350-en

1.4.              Authenticating this document

This document has been signed with the PGP key of UNB-CSIRT. See section 2.8 for more details

2.   Contact Information

2.1.              Nom of the Team

UNB-CSIRT

Computer security incident response team of the national universities of Benin.

2.2.              Address

Université d’Abomey-Calavi

Abomey-Calavi, Bénin

2.3.              Time Zone

UTC+01, West-Central Africa, Porto-Novo/Africa.

2.4.              Telephone Number

+229 60889881

2.5.              Fax

N/A

2.6.              Other Telecommunication

N/A

2.7.               Electronic Mail Address

contact@csirt.etudiant.bj

2.8.               Public Keys and Encryption Information

UNB-CSIRT has a PGP with fingerprint E69C0BA2D9CB819DB88B0528822192128498D58C. The key and its signatures can be found at public key servers like pgp.mit.edu.

2.9.              Team Members

The team is made up of security experts who work full time on the activities of the UNB-CSIRT.

For reasons of confidentiality, we do not publish the names of our team members in public documents. Please contact us directly if you need more information.

2.10.          Other Information

General information about UNB-CSIRT is available at https://csirt.etudiant.bj

2.11.            Points of Customer Contact

The preferred communication channel is the e-mail address contact@csirt.etudiant.bj. If it’s not possible to use e-mail, please call the official phone number indicated in p.2.4. Appropriate communication channels are advised according to the nature of the request.

UNB-CSIRT has one team member on duty 24/7.

  1. Charter

3.1.              Mission statement

The mission of UNB-CSIRT is to help the education system of Benin, in particular national universities, to protect themselves against intentional and malicious attacks which undermine the integrity of their information system and would harm their interests. The scope of UNB-CSIRT’s activities covers prevention, detection, response, recovery. UNB-CSIRT will operate according to the following key values:

  • Ensure the day before to be aware of new cyber vulnerabilities, threats and attacks,
  • Inform stakeholders of significant events in this area,
  • Share information on threats that members are willing to share with other members,
  • Act as a relay between Members and security teams at sector level and around the world,
  • Provide support to its stakeholders to deal with incidents.

3.2.              Constituency

The constituency of the UNB-CSIRT is made up of all the national universities of Benin, the Beninese Education and Research Network.

  • The University of Abomey-Calavi (UAC),
  • The National University of Agriculture (UNA),
  • The University of Parakou (UP),
  • The National University of Science, Technology, Engineering and Mathematics (UNSTIM) and
  • RBER Project (Beninese Education and Research Network)

3.3.              Sponsorship and/or Affiliation

  • Ministry of Higher Education and Scientific Research (MESRS)
  • Ministry of Digital and Digitization (MND)
  • University of Abomey-Calavi (UAC).
  • National Computer security incident response team (bjCSIRT)
  • National Information Systems Security Agency (ANSSI-Benin).

3.4.              Authority

Full Authority.

  1. Policies

4.1.              Types of incidents and support level

N/A

4.2.   Co-operation, Interaction and Disclosure of Information

UNB-CSIRT attaches great importance to cooperation and information sharing among IT emergency response teams, as well as with other organizations.

UNB-CSIRT works closely with bjCSIRT. Standard privacy laws apply. In the event of a potential cyber-malicious incident, we recommend unit evaluation of bjCSIRT. Good practice rules are implemented to avoid the disclosure of private data. Cases and examples are disseminated in professional circles in an anonymized form.

4.3.              Communication and authentication

For international communications ordinary precautions apply – like communicating to/via previously trusted and listed teams and using PGP.

  1. Services

5.1.              Incidents Response

UNB-CSIRT will define, assess and prioritize all types of ICT incidents. In particular, it will provide assistance or advice regarding the following aspects of incident management:

5.1.1.   Incident Triage

  • Collect information on the incident.
  • Confirm that the event described is in fact a cybersecurity incident.
  • Determine the severity of the incident (what is the impact) and its extent (how many computers are affected).
  • Decide what type of service (coordination or resolution) should be triggered.

5.1.2.   Incident Coordination

  • Identify and contact the organizations involved.
  • Facilitate contact with the police if necessary.
  • Request / Write reports according to the organizations involved, the types of incidents and their severity.
  • Communicate in the media if necessary.

5.1.3.   Incident resolution

  • Advise the organizations concerned on the appropriate measures.
  • Monitoring of the incident resolution process.
  • Collect evidence and interpret data, as appropriate.

5.2.              Proactive Activities.

  • Provide relevant information on threats, trends and remedies to their members in order to build security awareness and competence.
  • Collect contact information from local security teams.
  • Provide for community strengthening and exchange of information within the constituency.

5.3.              Cybercrime Investigation

UNB-CSIRT can provide to LEO with vital information during investigations into cybercrimes committed within its scope of intervention.

6.   Incident Reporting FormS

UNB-CSIRT expects the notifier to be able to provide incident information and provide artifacts as needed. It is also possible to submit the incident report form online at https://csirt.etudiant.bj/declarer-un-incident/

  1. Disclaimer

While every precaution will be taken in the preparation of information, notifications and alerts, UNB-CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within