Incident reporting
A computer security incident is any act of disrupting the normal functioning of an information system or its components. An incident can also be any behaviour a system exhibits outside of what it was designed to do. CERT RS offers help with computer security incidents to all its constituents. This help can be in the form of recommendations, notifying the proper authorities if a crime has occurred, or in some cases hands on technical assistance.
Report an incidentGeneral information
CERT RS is the national computer security incident response team of the Republic of Srpska. It is part of the Ministry for Scientific and Technological Development, Higher Education, and Information Society of the Republic of Srpska. Its primary mission is the coordination of computer security incident prevention, incident response and general protection of the cyber space of the Republic of Srpska. Cooperation and information exchange is essential to maintaining a healthy level of information security. National computer security incident response teams such as CERT RS play an important role in this information exchange. They serve as information hubs and exchange information with other national computer security incident response teams. This allows them to resolve computer security incidents that span across constituencies.
Some important dates in the history of CERT RS:
- Jun 23. 2011. The law on information security of the Republic of Srpska defines the national computer security incident response team of the Republic of Srpska and places it within the Agency for information society of the Republic of Srpska.
- Jun 01. 2015. CERT RS becomes operational.
- Feb 25. 2016. CERT RS receives a large number of incident reports regarding a specific variant of ransomware. This is the first wide spread malware campaign recorded by CERT RS.
- Dec 13. 2017. First occurrence of a massive malware campaign targeted towards the CERT RS constituency.
- Jan 01. 2019. CERT RS is moved to the Ministry for Scientific and Technological Development, Higher Education, and Information Society of the Republic of Srpska.
- Apr 20. 2019. The web page of CERT RS is reworked to offer content in English in an effort to facilitate international cooperation.
The duties and activities of CERT RS fall into:
- Proactive measures. These activities cover monitoring various sources of information for signs of computer security incidents within the national cyber space. Members of CERT RS notify the public about the latest malware trends, online threats, and general news from the field of information security.
- Reactive measures. These are activities such as the communication and notification about cyber security incidents, technical analysis of reported and discovered incidents. CERT RS is also tasked with reporting incidents with cyber crime elements and cooperation with the cyber crime department of the Ministry of Interior of the Republic of Srpska. CERT RS also attempts to relay vulnerability information published by reputable international sources or discovered by its members.