Vulnerability monitoring
The alerts and advisories comes from wide variety of sources, from vendors, from security organizations, or independent actors.
InfraCERT offers its members strategic guidance in how to handle and mitigate vulnerabilities.
Threat intelligence
Relevant alerts of attacks can come from security partners or companies, both national and international.
InfraCERT will analyze and verify, if needed, information they get about current attacks, in order to ensure that the constituency get correct and relevant information as early as possible. InfraCERT will analyze the threats and provice the constituency with a criticality asessment and recommended countermeasures.
Detection
It is common knowledge that securing your perimeter is a moving target and combined with an increasing number of attackers with increasing amount of resources at hand, it is prudent to assume that malicious activity may occur within the company network.
Early detection of such malicous activity and the ability to assess its consequences is extremely important.
Incident response
InfraCERT will help the constituency improve their ability to handle incidents, offers a range of best practices and offers in house analysis of potential malicious documents.
InfraCERT offers assistance to the constituency during incidents and has an emergency backing agreement with mIRT, mnemonic's professional incident reponse team, through their InfraCERT agreement.
Counselling
InfraCERTs knowledge of the variety of security solutions enable InfraCERT to give independent councelling when selecting solutions in a wide variety of security related issues, taking into account both financial and security factors.
These service are member driven.
Emergency drills
InfraCERT may assist the members by counselling or participating in local emergency drills, as active participants or a response cell.
Training
InfraCERT will offer selected courses for its members in incident response and other security issues relevant for the constituency and emergency contingency requirements.
InfraCERT* optimizes securing of process control systems for the power industry. We update our members about relevant vulnerabilities and threats, so that they will be able to detect and defer digital attacks.
InfraCERT is an ISAC (Information Sharing and Analysis Center) and an IRT (Incident Response Team) for its constituency, and InfraCERT aims at ensuring good, secure and efficient incident management and information sharing between relevant companies nationally and internationally.
InfraCERT is a sector CERT for the electric power and petroleum sectors. The InfraCERT constituency also includes process control industry, water & wastewater, and energy recovery. InfraCERT is part of the Norwegian national response organization.
InfraCERT is an independent non-profit corporation, but has alerting responsibilities for the power and petroleum sectors in Norway in the event of serious cyber incidents. InfraCERT also does threat assessments, and gives input to national threat assessments.
InfraCERT is part of the Norwegian Sector Response Network, is a full member of Forum of Incident Response and Security Teams (FIRST) and is a certified incident response team in Trusted Introducer.
*CERT is an abbreviation for Computer Emergency Response Team.
Incidents are reported by e-mail, phone or web form. It it is urgent, you MUST call to avoid potential delays. You can also report cases by showing up in person, or any other communication methods that are available (eg. the Chat service or IRC).
Remember to encrypt sensitive information!! See contact further down for links to PGP-keys. If you need to share larger amounts of data, please use InfraCERT's sharing portal.