CERT-Bund is the governmental CERT (Computer Emergeny Reponse Team) for the German federal administration and takes the role of the national CERT for Germany.
In the role as the national German CERT, CERT-Bund receives a wide variety of information on security incidents related to IT systems in Germany from his partners and further trusted sources (for example, Shadowserver, Team-Cymru or Spamhaus) on a daily basis. Inter alia, this includes information on malware infections, databases exposed to the Internet as well as openly accessible services which can be abused – or have already been actively abused – for DDoS reflection attacks against third parties.
The information is automatically processed and incidents are matched with the responsible network operators based on the IP addresses of systems affected. Subsequently, network operators are notified of the incidents related to their networks. Internet service or hosting providers are asked to notify affected customers accordingly.
On the following pages, CERT-Bund provides information on security issues reported to German network operators and national CERTs in other countries with CERT-Bund Reports, advice on how to fix reported issues (HOWTOs) and answers to frequently asked questions (FAQ).
All CERT-Bund Reports are digitally signed using PGP with the following key:
pub 4096R/C4A3A3B26A180F1C 2014-06-04
Key fingerprint = 68F3 4CEB 9366 CA8E 43DE 1C54 C4A3 A3B2 6A18 0F1C
uid CERT-Bund Reports (sign only)