terena logo
29 September 2008
Security updates and new chairs at 'anniversary' CSIRTs meetings
Former and current TF-CSIRT chairs: Gorazd Božič and Lionel Ferette

There was a change of chairmen last week in both the 25th meeting of the TERENA Task Force on Collaboration of Security Incident Response Teams (TF-CSIRT) on 25-26 September, and of a closed meeting immediately beforehand.

The ‘anniversary’ TF-CSIRT meeting was the first to be chaired by Lionel Ferette (BELNET), who took over the chairmanship from Gorazd Božič (ARNES) in May 2008. Gorazd Božič had led the task force since its creation eight years ago.

During the preceding closed meeting of representatives of Computer Security Incident Response Teams (CSIRTs) that are accredited by TERENA’s Trusted Introducer (TI) service, an exciting three-round election took place. This resulted in Przemek Jaroszewski (CERT Polska) being appointed a member of the TI Review Board, as Jacques Schuurman (SURFnet CERT) had completed his second three-year term of office on the board and could not be re-elected. Jimmy Arvidsson (Telia-Sonera CERT) succeeded Jacques Schuurman as chairman of the Board.

Memorable updates

Participants judged the programme of the 25th TF-CSIRT meeting to be one of the most interesting ever. The technical seminar on the first day and the task force business meeting on the second day featured a large number of technical presentations, introductions of new CSIRTs and progress reports on projects.

In an unannounced report, an overview was given of the cyber-attacks on Georgia that coincided with, and partly preceded, the South Ossetia war in August. There were similarities between those attacks and cyber-attacks directed against Estonia in 2007 and against Lithuania earlier this year.

The closed meeting of TI-accredited CSIRTs discussed confidential technical details of several cyber-attacks, phishing scams and other cyber-crimes. Among other things, participants received detailed information about the current dealings of a suspected cyber-criminal who had been convicted in Europe but is now operating on a large scale from the United States of America.

The meetings in Vienna were hosted by CERT.at, ACOnet CERT and the Austrian Academy of Sciences. They took place in the beautiful 18th century main building of the Academy and were attended by almost 80 security experts.


For more on TF-CSIRT, see the task force webpages.
More about the Trusted Introducer service is available on http://www.trusted-introducer.nl/.
See the news report TF-CSIRT to Estonia’s Rescue for more about the 2007 cyber-attacks against Estonia.