RFC-2350

1.   Document Information

This document contains a description of bjCSIRT as implemented by RFC 2350. It provides basic information about bjCSIRT, its channels of communication, its roles and responsibilities.

1.1.              Date of Last Update

01/03/2018

1.2.              Distribution List for Notifications

There is no distribution list for notifications.

1.3.              Locations where this Document May Be Found

The current version of this document can always be found at https://csirt.gouv.bj/bjCSIRT-rfc2350-en

1.4.              Authenticating this document

This document has been signed with the PGP key of bjCSIRT. See section 2.8 for more details.

 

2.   Contact Information

2.1.              Name of the Team

bjCSIRT, National CSIRT of Benin Republic

2.2.              Address

Benin Republic Presidency
Annex
Palais de la Marina
Cotonou – Bénin

2.3.              Time Zone

UTC+01, West-Central Africa, all the year.

2.4.              Telephone Number

+229 21 30 02 36

2.5.              Facsimile Number

N/A

2.6.              Other Telecommunication

N/A

2.7.               Electronic Mail Address

contact@csirt.gouv.bj

2.8.              Public Keys and Encryption Information

The bjCSIRT has a PGP key (0xA021CE57), with KeyID 2725d162a021ce57 and fingerprint 215A DA01 AB0A DC00 0EEF  768B 2725 D162 A021 CE57. The key and its signatures can be found at public key servers like pgp.mit.edu.

2.9.              Team Members

The head of bjCSIRT is Mr Ouanilo Jérôme MEDEGAN.

Information about other team members is available upon request.

2.10.          Other Information

General information about bjCSIRT is available at https://csirt.gouv.bj

bjCSIRT Twitter profile (mostly in French): https://twitter.com/bjCSIRT

 

2.11.           Points of Customer Contact

The preferred communication channel is the e-mail address contact@csirt.gouv.bj. If it’s not possible to use e-mail, please call the official phone number indicated in p.2.4. Appropriate communication channels are advised according to the nature of the request.

bjCSIRT has one team member on duty 24/7.

3.   Charter

3.1.              Mission Statement

bjCSIRT’s mission is to support the government of Benin Republic and constitutional institutions to protect themselves against intentional and malicious attacks that would hamper the integrity of their IT assets and harm the interests of Benin Republic. The scope of bjCSIRT’s activities covers prevention, detection, response, recovery and help to cybercrime investigation. bjCSIRT will operate according to the following key values:

  • Highest standards of ethical integrity
  • High degree of service orientation and operational readiness
  • Effective responsiveness in case of incidents and emergencies and maximum commitment to resolve the issues
  • Building on, and complementing the existing capabilities in the constituents
  • Facilitating the exchange of good practices between constituents and with peers
  • Fostering a culture of openness within a protected environment, operating on a need to know basis

3.2.              Constituency

The constituency of bjCSIRT is composed of all the Benin Republic governmental institutions, constitutional institutions and state agencies. For a complete list and more information please see https://csirt.gouv.bj/bjCSIRT-constituency

3.3.              Sponsorship and/or Affiliation

Benin Republic Presidency
Presidential Numeric Council
Digital Agency (ADN)
National Agency for Information Systems Security (ANSSI-Bénin)
Analysis & Investigation Bureau (BAI)

3.4.              Authority

Full authority

4.   Policies

4.1.              Types of Incidents and Level of Support

N/A

4.2.              Co-operation, Interaction and Disclosure of Information

bjCSIRT highly regards the importance of operational cooperation and information-sharing between Computer Emergency Response Teams, and also with other organisations which may contribute towards or make use of their services.

bjCSIRT works in tight cooperation with Police. Standard privacy laws apply. In case of a potential criminal incident we recommend the proper Police Unit to handle the case. Rules of good practice are in place to avoid dissemination of private data. Cases and examples are disseminated in professional circles in an anonymised form.

4.3.              Communication and Authentication

For international communications ordinary precautions apply – like communicating to/via previously trusted and listed teams and using PGP.

5.   Services

5.1.              Incident Response

bjCSIRT will define, assess and prioritise all types of ICT incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:

5.1.1.   Incident Triage

  • Investigating whether indeed an incident occurred.
  • Determining the extent of the incident.

 

5.1.2.   Incident Coordination

  • Determining and contacting the involved organizations.
  • Facilitating contact with other parties including law enforcement, if needed.
  • Asking for reports and/or composing reports, depending on the involved organizations, incident type and severity.
  • Communicating with media, if necessary.

5.1.3.   Incident Resolution

  • Advising the involved organization(s) on appropriate measures.
  • Following up the incident solution process.
  • Collecting evidence and interpreting data, if applicable.

5.2.              Proactive Activities

  • Conducting periodic security audits
  • Providing relevant information on threats, trends and remedies to their constituency (and/or media, if necessary) to raise security awareness and competence.
  • Collecting contact information of local security teams.
  • Providing for a for community building and information exchange within the constituency.

5.3.              Cybercrime investigation

This service aims to provide to LEO relevant information during cybercrime investigation

 

6.   Incident Reporting Forms

bjCSIRT expects the reporter to be able answer 3–5 standard questions (Where? When? What? How? Who?) and provide the assumptions according to the logs. It is also possible to submit the incident report form online at https://csirt.gouv.bj/report

7.   Disclaimers

While every precaution will be taken in the preparation of information, notifications and alerts, bjCSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.