CSIRT RFC 2350

1. About this document

ASFINAG CSIRT profile has been established according to RFC 2350

Version: 1.0
Date: 31st January 2024 13:00:00 +0100
Author: csirt(at)asfinag.at

1.1 Date of last update

Date: -

1.2 Distribution list for notifications

There are no distribution/mailing lists defined according to notifications about updates of this document.

1.3 Locations where this document may be found

The current version of this ASFINAG CSIRT description document is available at: https://asfinag.at/rfc2350

2. Contact Information

2.1 Name of the team

ASFINAG CSIRT: Computer Security Incident Response Team of Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft

2.2 Address

Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft
Austro Tower, Schnirchgasse 17
1030 Vienna
AUSTRIA

2.3 Time Zone

We are located in Central Europe Timezone (CET) (UTC+0100, UTC+0200 from last Sunday in March to last Sunday in October)

2.4 Telephone Number

None

2.5 Facsimile Number

None

2.6 Other Telecommunication

None

2.7 Electronic Mail Address

csirt(at)asfinag.at

2.8 Public Keys and Encryption Information

ASFINAG CSIRT provides a web service to establish secure communication channels.
To be able to use this web service, you need to contact csirt(at)asfinag.at in the first place.

2.9 Team Members

No personal information is provided to the public.

2.10 Other Information

To report incidents and related issues please contact csirt(at)asfinag.at.

3. Charter

3.1 Mission Statement

The purpose of ASFINAG CSIRT is the response and mitigation of security issues affecting the Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft.

ASFINAG CSIRT is the single point of contact for technical issues regarding information security of Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft.

3.2 Constituency

ASFINAG CSIRT’s services are available to Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft and their network/datacenter affiliated companies or subsidiaries.

ASFINAG CSIRT has authority over ASN AS39478.

3.3 Sponsorship and/or Affiliation

ASFINAG CSIRT is located in the department called IT Servicemanagement of Maut Service GmbH. ASFINAG CSIRT is part of and funded by Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft

3.4 Authority

In case of security incidents (see Ch. 4.1), ASFINAG CSIRT cooperates with representatives of its constituency (see Ch. 3.2).

ASFINAG CSIRT is in charge of proactive and reactive IT security measures within Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft.

4. Policies

4.1 Types of Incidents and Level of Support

ASFINAG CSIRT is authorized to address information and computer security incidents which occur in its constituency (cf. 3.2)

4.2 Co-operation, Interaction and Disclosure of Information

ASFINAG CSIRT cooperates with the relevant public authorities and regulatory bodies.
ASFINAG CSIRT cooperates on a national level with other CERTs(CERT.at).
ASFINAG CSIRT does not disclose any internal information related to its constituency.

4.3 Communication and Authentication

For normal communication not containing sensitive information, ASFINAG CSIRT will use conventional methods like an unencrypted e-mail.

For secure communication ASFINAG provides a web service. To be able to use this web service you need to contact csirt(at)asfinag.at in the first place.

If it is necessary to authenticate a person before communicating, this can be done with methods like callbacks or face-to-face meetings if necessary.

5. Services

5.1 Incident Response

ASFINAG CSIRT coordinates incident prevention, as well as handling and responding within its constituency.

5.1.1 Incident Triage

- Determine whether an incident is authentic

- Assessing and prioritizing the incident

- Determine the involved applications and departments

5.1.2 Incident Coordination

- Contact involved departments and ask them to investigate and take appropriate mitigation steps

- Notify other departments if reasonable

- Facilitating contact to other parties which can help resolve the incident

- Send reports to other CERTs if reasonable

5.1.3 Incident Resolution

Advise local security teams on appropriate actions

- Follow up on the progress of the concerned local security teams

- Ask for reports

- Report back

ASFINAG CSIRT collects statistics about incidents within its constituency.

5.2 Proactive Activities

ASFINAG CSIRT provides the following proactive services:

- Maintain contact information of local security teams

- Raise security awareness in its constituency

- Publish announcements concerning serious security threats to its constituency

- Observe current trends in technology

- Distribute relevant knowledge to the constituency

- Vulnerability management within its constituency

6. Incident Reporting Forms

No specific requirements.

7. Disclaimers

While every precaution will be taken into consideration in the preparation of information, notifications and alerts, ASFINAG CSIRT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information.