CERT ENEA RFC 2350 Version: 1.01 Date: 17.09.2018 Authors: Dariusz Gońda, Przemysław Podleżański 1. Document information This document contains a description of CERT ENEA according to RFC 2350. It provides basic information about the CERT ENEA, the ways it can be contacted, describes its responsibilities and the services offered. 1.1 Date of last update Version 1.01 17/09/2018 1.2 Distribution list for notifications There is no distribution list for notifications. 1.3 Locations where this document may be found The current version of this document can always be found at https://cert.enea.pl 2. Contact information 2.1 Name of the team CERT ENEA 2.2 Address CERT ENEA ul. Górecka 1 60-201 Poznań Poland 2.3 Time zone Central European Time zone (CET) which is GMT+01.00 (+02.00 during summer time). 2.4 Telephone number Phone number: +48 61 884 88 00 2.5 Facsimile number None 2.6 Other telecommunication Emergency phone number: +48 785 888 080 2.7 Electronic mail address All incidents reports should be sent to cert (at) enea (dot) pl Use of phone and fax for reporting incidents should be avoided as much as possible. 2.8 Public keys and encryption information PGP is used for functional exchanges between CERT ENEA and its Partners (incident reports, alerts, etc). Team PGP fingerprint: 0x760B060A6C2FA2DB PGP Public Key can be downloaded from https://cert.enea.pl/assets/cert_enea_pgpkey.asc 2.9 Team members The CERT ENEA team leaders are Przemyslaw Podlezanski and Dariusz Gonda. The team is made up of IT security experts from the companies beeing parts of Enea Group. 2.10 Other information 2.11 Points of customer contact The preferred method to contact CERT Enea team is send an e-mail to the address cert (at) enea (dot) pl, which is monitored by a duty officer during hours of operation. Urgent cases can be reported by phone on +48 785 888 080 Days/Hours of Operation: 09:00 to 17:00 Monday to Friday 3. Charter 3.1 Mission statement CERT ENEA mission is to support the Enea Group Companies to protect themselves against intentional and malicious attacks that would hamper the integrity of their IT and OT assets and harm the interests of the Enea Group. The scope of CERT ENEA activities covers prevention, detection, response and recovery. CERT ENEA will operate according to the following key values: - Highest standards of ethical integrity - High degree of service orientation and operational readiness - Effective responsiveness in case of incidents and emergencies and maximum commitment to resolve the issues - Building on, and complementing the existing capabilities in the constituents - Facilitating the exchange of good practices between constituents and with peers - Fostering a culture of openness within a protected environment, operating on a need to know basis 3.2 Constituency ASNs: AS39219 AS39794 AS47468 AS57569 AS8364 AS35745 AS29653 AS197135 Domains: mpec.bialystok.pl cieplosystemowe.bialystok.pl serwisgoinglive.eu enea.pl enea.com.pl firma.enea.pl enea.mobi ebok.enea.pl m.ebok.enea.pl strefa.enea.pl strefaenea.pl operator.enea.pl m.operator.enea.pl enea-operator.com enea-operator.com.pl eneaoperator.pl wylaczenia-eneaoperator.pl enea-wytwarzanie.pl eneawytwarzanie.pl enea-wytwarzanie.com enea-wytwarzanie.com.pl enea-serwis.pl eneaserwis.pl enea-serwis.com.pl enea-serwis.com eneaserwis.com.pl eneaserwis.com enea-logistyka.pl enealogistyka.pl enea-logistyka.com enealogistyka.com enea-logistyka.com.pl enealogistyka.com.pl kontrahent.enea-logistyka.pl enea-pomiary.pl eneapomiary.pl enea-pomiary.com enea-pomiary.com.pl eneapomiary.com eneapomiary.com.pl enea-oswietlenie.pl eneaoswietlenie.pl eneaoswietlenie.com eneaoswietlenie.com.pl enea-oswietlenie.com enea-oswietlenie.com.pl eneos.pl eneos.com.pl awarie.eneos.pl enea-trading.pl eneatrading.pl enea-centrum.pl eneacentrum.pl centrum-enea.pl centrumenea.pl enea-centrum.com enea-centrum.com.pl enea-innovation.pl eneainnovation.pl enea-polaniec.pl eneapolaniec.pl enea-polaniec.com.pl eneapolaniec.com.pl ewsa.pl elko.com.pl elkosa.pl owpswietlik.pl ozwryn.pl ozwwichrowe.pl zielonaenergia.pl enea-pl.sitebees.com ir.enea.pl media.enea.pl eneadladomu.pl eneadlafirm.pl pelnaenergii.pl pelnaenergii.com pelnaenergii.com.pl stalacena.pl stalacena.com.pl eneacieplo.pl eneacieplo.com enea-cieplo.pl enea-cieplo.com enea-cieplo.com.pl enea-windykacja.pl enea-windykacja.biz.pl zze.com.pl zzesa.com.pl itserwis.com.pl bhu.com.pl e-bhu.pl e-bhu.com.pl eneapartner.pl watto.enea.pl watto-dev.enea.pl elektrownia-polaniec.pl elektrowniapolaniec.pl wylaczenia-eneaoperator.pl IP ranges: 194.165.41.0/24 194.50.214.0/24 195.242.176.0/24 91.233.18.0/24 195.216.109.0 - 195.216.112.255 193.16.229.0/24 195.64.174.7 91.216.202.0/24 79.190.128.182 77.45.9.54 77.45.9.139 77.252.130.159 212.33.81.248/29 212.33.77.32/29 195.117.125.0/24 82.177.57.192/27 83.12.0.230/30 83.16.212.26/30 83.13.145.110/30 83.17.62.98/30 79.189.145.190/30 83.3.141.238/30 83.12.91.30/30 83.18.253.130/30 46.171.48.202/30 46.171.48.186/30 83.18.225.90/30 95.50.96.150/30 83.3.31.98/30 82.160.150.68/30 89.171.213.184/30 83.3.59.54/30 77.45.86.241/30 46.170.87.250/30 83.14.81.62/30 83.14.160.102/30 83.3.31.118/30 46.170.123.50/30 83.3.136.106/30 79.190.128.218/30 83.3.31.102/30 83.12.239.166/30 80.52.201.26/30 83.3.59.58/30 80.52.240.50/30 85.221.205.210/30 85.221.205.122/30 85.221.205.246/30 85.221.206.58/30 85.221.206.74/30 3.3 Sponsorship and/or affiliation CERT ENEA is sponsored by CEO ENEA S.A. with management board of companies beeig part of Enea Group. 3.4 Authority The establishment of CERT ENEA was mandated via document: Regulations of the Organizational Units of ENEA SA amended by the resolution of the management board of ENEA SA Amended by Resolution of the Management Board No. 180/2018 of 08/05/2018 Valid from 25/05/2018 4. Policies 4.1 Types of incidents and level of support Enea Cert team will gradually roll out its services, starting with Announcements, Alerts and Incident Response Coordination 4.2 Co-operation, interaction and disclosure of information Cert Enea highly regards the importance of operational cooperation and information-sharing between Computer Emergency Response Teams, and also with other organisations which may contribute towards or make use of their services. 4.3 Communication and authentication CERT ENEA protects sensitive information in accordance with relevant regulations and policies within the EU. In particular, CERT ENEA respects the sensitivity markings allocated by originators of information communicated to CERT ENEA ("originator control"). Communication security (encryption and authentication) is achieved by various means: S/Mime based email encryption PGP or ACID or other agreed means, depending on the sensitivity level and context. 5. Services 5.1 Reactive: -Alerts and warnings -Incident handling -Vulnerability handling -Arftefact handling 5.2 Proactive: - Announcements - Technology watch - Security audits and assessments - Configuration and maintenance of security tools, applications, infrastructures and services - Development security tools - Intrusion detection services - Security related information dissemitation 5.3 Security Quality - Risk analysis - Security Consulting - Education and tranings - Product evaluation and certification - Awareness building - Business Continuity and disaster recovery planning 6. Incident reporting forms There are no local forms available. 7. Disclaimers While every precaution will be taken in the preparation of information, notifications and alerts, CERT ENEA assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.