Frequently Asked Questions Here are the answers to the most Frequently Asked Questions (FAQs) about CERT-In. We also have portal-specific FAQs that include frequently asked questions about the work in that particular area. Additional questions are welcome - please email them to Introduction to the CERT-In What is CERT-In? What does CERT-In do? Who runs CERT-In? Who can report computer security incidents to CERT-In? What can be reported to CERT-In? How to report incidents to CERT-In? How to report a vulnerability to CERT-In? What information is available online from CERT-In? Important Terms on CERT-In Website What is a computer security incident? What is a vulnerability? What are security guidelines? What is an incident note? What is an advisory? What is a vulnerability note? What is incident handling & response? Computer Security Incident Handling & Response What kind of information should I provide to the CERT-In staff when an incident occurs at my site? Will CERT-In disclose information that I share with it? Why should I report an incident? Security Information on CERT-In website How can I keep up-to-date with the latest information about attacks, vulnerabilities, and solutions? Where can I get information that helps me prevent security problems? Introduction to the CERT-In What is CERT-In? CERT-In is an acronym for 'Indian Computer Emergency Response Team'. CERT-In is the National Incident Response Centre for major computer security incidents in its constituency i.e. Indian cyber community. What does CERT-In do? CERT-In's primary role is to raise security awareness among Indian cyber community and to provide technical assistance and advice them to help them recover form computer security incidents. CERT-In provides technical advice to System Administrators and users to respond to computer security incidents. It also identifies trends in intruder activity, works with other similar institutions & organisations to resolve major security issues, and disseminates information to the Indian cyber community. CERT-In also enlightens its constituents about the security awareness and best practices for various systems & networks by publishing advisories, guidelines and other technical documents. Who runs CERT-In? CERT-in has been established by, and runs under the aegis of Ministry of Electronics and Information Technology, Government of India. Who can report computer security incidents to CERT-In? All users, system administrators of Indian cyber community What can be reported to CERT-In? Users and System Administrators can report computer security incidents and vulnerabilities to CERT-In. If you encounter any of the violations given below, you may contact CERT-In for technical assistance Attempts (either failed or successful) to gain unauthorised access to a system or data therein Disruption or denial of service Unauthorised use of a system for the processing or storage of data Changes to system hardware, firmware, or software characteristics without owner's knowledge, instruction, or consent Email-related security issues, spamming, mail bombing etc. Users of different systems working on various platforms and using different applications may report any vulnerability found in these systems, platforms, applications, services and devices to CERT-In. How to report incidents to CERT-In? You can report an incident to CERT-In by filling up the form on our website, electronic mail, telephone hotline or by Fax. Website The incident can be reported by filling up incident reporting form on our website. Fill in as many of the fields as possible to enable us to assess the severity and nature of the incident and assist in recovery, as needed. Electronic Mail The CERT-In email address for reporting incidents is: For all other inquiries and correspondence, write to:: Occasionally, a compromised system's electronic mail may be under surveillance by the intruder. If that is suspected, you are advised to use other means (telephone or fax) to file your report. Telephone Hotline You can contact the CERT-In on +91-11-24368572. Fax Incident report can be faxed to CERT-In at 91-11-24368546 How to report a vulnerability to CERT-In? A vulnerability can be reported to CERT-In by filling up the Vulnerability Reporting Form provided on our website. The information about a particular vulnerability can also be sent to CERT-In by Fax or by e-mail : What information is available online from the CERT-In? For details please follow the link for CERT-In site map Important Terms on CERT-In Website What is a computer security incident? A computer security incident is any real or suspected adverse event in relation to the security of computer systems or networks. It is an act of violating explicit or implied security policy resulting in, unauthorised access, denial of service/disruption, unauthorised use of a system for processing or storage of data or changes to system software, hardware, firmware characteristics without the owner's knowledge. What is vulnerability? A vulnerability is the existence of a flaw or weakness in hardware or software that can be exploited resulting in a violating of an implicitly or explicit security policy. What are security guidelines? CERT-In has prepared best practices & system specific security guidelines to help the Indian cyber community enhance security of their systems and networks. What is an incident note? An incident note is the information provided to its constituents by CERT-In in response to wide spread exploitation of a specific vulnerability, which is based on statistical analysis of incidents reported to CERT-In and our observations thereof. What is an advisory? An advisory is the information provided by CERT-In in response to a critical vulnerability, affecting or potential to affect a large number of systems or networks in its constituency. What is a vulnerability note? A vulnerability note is the information provided by CERT-In to its constituents in response to a new vulnerability discovered in a system, platform, service or device. What is incident handling & response? CERT-In will provide assistance to System Administrators in handling computer security incidents by providing advice and support in recovering from an incident, and containing the damage, restoring system to operation. Refer to Incident Reporting page. Computer Security Incident Handling & Response What kind of information should I provide to the CERT-In when there is an incident at my site? Please refer to our incident reporting form available on the website. Will CERT-In disclose information that I share with it? We will keep any information specific to your site confidential unless you give us permission to release that information. We distribute only composite, sanitized information. The CERT-In's policy is to not release any information about a site's involvement in an incident, without the site's explicit permission to do so. While this policy ensures that you can report intruder activity to us in confidence, it also hinders our ability to put you in contact with other sites involved in the same or similar incident. Why should I report an incident? To receive technical assistance in resolving a computer security incident. To contain damage due to a security incident. To help CERT-In disseminate better statistical information to Indian cyber community. To help CERT-In raise security awareness among Indian cyber community To Help CERT-In develop better security guidelines Security Information on CERT-In website How can I keep up to date with the latest information about attacks, vulnerabilities, and solutions? You can keep up to date with latest security information by referring to the following links: http://www.cert-in.org.in/advisory/ for Latest CERT-In Advisories http://www.cert-in.org.in/vulnerability/ for Latest CERT-In Vulnerabilities Notes http://www.cert-in.org.in/incident/ for CERT-In Incident Notes http://www.cert-in.org.in/knowledgebase/guidelines for CERT-In Security guidelines and Best practices documents Where can I get information that helps me prevent security problems? CERT-In website provides information for all users & System Administrators regarding new vulnerabilities, emerging computer security issues, best practices and security guidelines. Contact Us