CARICERT Profile

CARICERT Profile

Established according to RFC-2350.

1. Document Information

1.1. Date of Last Update

This is version: October 8th, 2024.

1.2. Distribution List for Notifications

This profile is kept up-to-date on the location specified in 1.3. E-mail notification of updates will be sent to:

  • All registered CARICERT constituents
  • Any such parties with which CARICERT has an explicitly defined working relationship
  • The FIRST (worldwide), LACNIC (South America) and Trusted Introducer (Europe) CSIRT communities

Any questions about updates please address to the CARICERT “Contact us link” on the website.

1.3. Locations where this Document May Be Found

The current version of this profile is always available on
https://www.caricert.cw/about-us/caricert-profile/
.

2. Contact Information

2.1. Name of the Team

Full name: CARICERT Short name: CARICERT. CARICERT is the national CERT or CSIRT of Curaçao.

2.2. Address

Regulatory Authority of Curaçao (RAC) / CARICERT
Beatrixlaan 9
Curaçao

2.3. Time Zone

GMT/UTC-4 (No DST)

2.4. Telephone Number

+5999 4631700

2.5. Other Telecommunication

Not available.

2.6. Electronic Mail Address

Contact us to report security incidents, which relate to the CARICERT constituency.

2.7. Public Keys and Encryption Information

PGP/GnuPG is supported for secure communication. CARICERT provides all CARICERT team members with keys, to be used for signing and encryption. For general use, CARICERT has one encryption key, which is replaced every two years:

CARICERT 2024 ** Encryption Only ** Key: please use this key when you want/need to encrypt messages that you send to CARICERT (please sign your messages using your own key – it really helps when that key can be found on the public key servers)

The CARICERT team ** Encryption Only ** PGP Key  can be found here.

2.8. Team Members

No information about the CARICERT team members is provided in public.

2.9. Other Information

2.10. Points of Customer Contact

Regular cases: use CARICERT e-mail address. Regular response hours: Monday-Friday, 08:00-17:00 (except public holidays in Curaçao). EMERGENCY cases: send e-mail with URGENT in the subject line.

3. Charter

3.1. Mission Statement

The mission of CARICERT is to co-ordinate the resolution of IT security incidents related to their constituency (see 3.2), and to help prevent such incidents from occurring by means of announcements, alerts, warnings and advice.

3.2. Constituency

CARICERT is the national CERT or CSIRT of Curaçao. Therefore, the country of Curaçao is the main constituency. Priorities lie with the following sectors:

  • Telecommunication infrastructure and ICT
  • Finance
  • Utilities (Energy and  water production/distribution, airport, air-traffic control, maritime, etcetera)
  • Government

The constituency includes:

  • *.cw (new Curaçao tld)
  • all computer systems and IP-addressable devices situated on Curaçao
  • any other systems/networks belonging to other registered constituents

3.3. Sponsorship and/or Affiliation

CARICERT is part of the Regulatory Authority of Curaçao (RAC).

3.4. Authority

The team coordinates security incidents resolution on behalf of the country of Curaçao and of the registered constituents – and has no authority reaching further than that. The team is however expected to make tactical and operational recommendations in the course of its work. Such recommendations can include but are not limited to (temporarily) blocking or filtering addresses or networks. The implementation of such recommendations is not a responsibility of the team, but solely of those to whom the recommendations were made.

4. Policies

4.1. Types of Incidents and Level of Support

All incidents are considered normal priority unless they are labeled URGENT, in which case they are high priority. CARICERT itself is the authority that can set high priority back to normal – and the other way around. An incident can be reported to CARICERT as URGENT, but CARICERT will evaluate each case to decide whether or not to uphold the high priority status.

4.2. Co-operation, Interaction and Disclosure of Information

ALL incoming information is handled securely by CARICERT, regardless of its priority. Information that is evidently sensitive in nature is only communicated and stored in a secure environment, if necessary using encryption technologies. When reporting an incident of sensitive nature, please state so explicitly, e.g. by using the label CONFIDENTIAL in the subject field of e-mail, and if possible using encryption as well. CARICERT supports the Information Sharing Traffic Light Protocol version 2 (https://www.first.org/tlp/docs/tlp-a4.pdf) – information that comes in with the tags WHITE, GREEN, AMBER or RED will be handled appropriately. CARICERT will use the information you provide to help solve security incidents, as all CERTs do. This means that by default the information will be distributed further to the appropriate parties – but only on a need-to-know base, and preferably in an anonymized fashion. If you object to this default behavior of CARICERT, please make explicit what CARICERT can do with the information you provide. CARICERT will adhere to your policy, but will also point out to you if that means that CARICERT cannot act on the information provided. CARICERT does not report incidents to law enforcement, unless national law requires so. Likewise, CARICERT only cooperates with law enforcement EITHER in the course of an official investigation – meaning that a court order is present – OR in the case where a constituent requests that CARICERT cooperates in an investigation. When a court order is absent, CARICERT will only provide information on a need-to-know base.

4.3. Communication and Authentication

Usage of PGP/GnuPG (See 2.7 above), in all cases where highly sensitive information is involved is highly recommended. In cases where there is doubt about the authenticity of information or its source, CARICERT reserves the right to authenticate this by any (legal) means.

5. Services

5.1. Incident Response (Triage, Coordination and Resolution)

CARICERT is responsible for the coordination of security incidents resolution somehow involving their constituency (as defined in 3.2). CARICERT therefore handles both the triage and coordination aspects. Incident resolution is left to the responsible administrators within the constituency – however CARICERT will offer support and advice on request.

5.2. Proactive Activities

CARICERT pro-actively advises their constituency about recent vulnerabilities and trends in hacking/cracking and, also of ongoing attacks/threats when known/reported to CARICERT. This role is one of advice only: CARICERT is not responsible for implementation.

6. Incident reporting Forms

Preferably, report in plain text using “contact us” – or telephone.

7. Disclaimers

None.

Note: this component is only available for the blocks: platinum