RFC 2350 KalselProv-CSIRT
1. Information Regarding Documents This document contains a description of KalselProv-CSIRT based on RFC 2350, which is the basic information about KalselProv-CSIRT, explaining responsibilities, services provided, and ways to contact KalselProv-CSIRT.
1.1. Date of Last Update The document is a 1.2 version which was published on 18 Maret 2021.
1.2. Distribution List for Notifications There is no distribution list for notifications about updating documents.
1.3. Locations where this document can be obtained The latest version of this document is available at: http://csirt.kalselprov.go.id/assets/rfc2350/rfc2350-id.pdf (Bahasa Indonesia Version) http://csirt.kalselprov.go.id/assets/rfc2350/rfc2350-en.pdf (English Version) 1.4. Document Authenticity Both documents have been signed with the PGP Key of Information and Communication Office of South Kalimantan Province (Dinas Komunikasi dan Informatika Provinsi Kalimantan Selatan). For more details, look at point 2.8.
1.5 Document Identification Both documents (English and Indonesian versions) have the same attributes, namely: Title: RFC 2350 South Kalimantan Province-CSIRT; Version: 1.2; Publication Date: 18 Maret 2021; Expired: This document is valid until the latest document is published.
2. Data / Contact Information 2.1. Team Name South Kalimantan Province - Computer Security Incident Response Team (CSIRT) Abbreviated: South Kalimantan Province-CSIRT.
2.2. Address Communication and Information Office of South Kalimantan Province Jl. Dharma Praja II South Kalimantan Provincial Government Office Complex Banjarbaru South Borneo Indonesia
2.3. Time zone Makassar (GMT + 08: 00)
2.4. Phone number Telephone (0511) 6749844
2.5. Fax number Telephone (0511) 6749842
2.6. Other Telecommunications - 2.7. Electronic Mail Address [email protected]
2.8. Public Key (Public Key) and Other Information / Data Encryption
-----BEGIN PGP PUBLIC KEY BLOCK----- Comment: User-ID: Sandikami
mQINBGBRnqQBEACd4Swl6ELoO1UgsGuUAOD3hd82V+vqGHBEVWMYRuHzjjF+HjmY dkQZt3pgvTRlUYrE/e45wyUeZp8h+OOWtr07EVFim0ZDQH6fXUmkX6kcpq2zrcYp ugfGz+aXtxKfZ/CGSN1FxiA6I5a1JCCpfqiAdeBUNtPrbMWBma+jiD4cz/hifxtt CdimHoL6hhtiOBphHzYmpKp0wxoE6jM9Kd89Tzy446I9R2mm9c/yBUeZw1Nm81BA Ou596sEA0jEuDR62/guVsnlxlLSe4i7s9v3ANUQsS/gGU9Z5JNKwouNye+vOSJL0 fZ/WyzZ9dg/Vcad9I5on+1XXaomfxglyAD7L1W1q0lqEQc/6nH/xxncqKkfFWrrt +5BUsgyogvGR56+qyVfDESy5SVmK7BNvm7QqW7rADB0v5T8666+ZQV+spZvuF/K5 tkaf0JkkR1yWc+hz3uylIzhq0YUjVABIlfrUBTge4dLeey0H+FE7kIYe4MyGy8af 7+V+pBwWbw3Uv4y5NsNRZPcfdoKXlhTYgweaF42BkhgOneFz2rAuVSZiDrh2zxz6 ESImJeVNYqTpAJJpJHbY0x4aVlhIT9kaAa34SPXI//0A3/5L/XWEaZI4/fzAu7GL 1BvtXcdxS6lgnpLOSiWza0XiGpexJ9hDZGfl567aunNBWFEN5+zsFux4tQARAQAB tCZTYW5kaWthbWkgPHNhbmRpa2FtaUBrYWxzZWxwcm92LmdvLmlkPokCVAQTAQgA PhYhBLnEB0rEwmvPgUpcknVxtlX6vHncBQJgUZ6kAhsDBQkDwkccBQsJCAcCBhUK CQgLAgQWAgMBAh4BAheAAAoJEHVxtlX6vHncrgMQAJLnYLfbplsowrH27Kh0ws+S sXbWXoNLl7B+LJzolKP372OdlQnrSZYm0HEI8gAF6LHfr8sK5J1qkF+ldSQkTDWR xLMdk5v42O6bFAS99wMtNCpYxsmuppAfGqPj+UoZUT79Ecbd+gqhPJPupVThomHz vC8iyUCBv8eVtanNpVsFPVLxts5sD5TzhsJCpSZY+WG0bKZtX8FCqYzw1wbwzUS6 dTvaaAIMy03XkVOMe4yg1G0awTQ6LDThxUdXVoCbePanweJ+aBd0Vn8YnObNGb6e NFcS/TKu8ALv5vfGdg3tYkbrInpdgYKbA/VvK9fDsHMb11ZSNcz35iuQJIGCmCZk M5mJlPu/6Adn1AuaAZNSa/0Ca2KPmhC2EF86sH6KFt7AMoAwzRtmfKljDnW7XSBl nseWgR+HrNwmtem371dw+LUcmw2JylagOiSv7KULP20x75pmiYOQI2UBUnuCOqWR BT3HOhloIc6S25zllbV0aba5j+d2k4SaxXAufNQGJizvS1Ej94SPJcx1d22rhWbX cInV/+xcBwI+SHRcf9ytMpsfKGLX8UPSvhaQNbp7tyljrq8T7l8gz7symaKSJsEw QlJ5gYHpgUCVING4ijFiCPjN7yk07k2v22uU4Ckkwt7ZPK99uRwBamx4WBXxykrH crBlBvkCip0TZdvT0ufbuQINBGBRnqQBEAC5ghBkKce65DY+RDZuaAJI3P68LI6q YUQr3R0119zCaaNhJK/rBdWiHiVqtkwFIVkopHcSV8oJBTRCf70eLJn93od0+mUw Wd7IIus3unkWVxrFjPdaK3fIYFrXmy7UIzK+Nooth+09KAzFVS/NM7XvXkLIPzk/ KqJ/clmYSADdfFybMsBk4PmztDb7Pf+l4i4tVwg6bWJ+27HP7tv/TDi01SfC8dU0 /StJHYUo0gaEdkP4hsmLtq0i3kkd3VeqaWx6keZmifyLVfXYotmIhr2W8o9OfVMn vw4Xyfu/1V/waaHGj933kUVjFze+4yjx8V1G+O2aMJU/03IxhaAs+Gsl2LDFNTi5 cwCyoFT8Udv3fsCNy4yzyJkKzjR/5M2TENE6OXsk2qjjJzs7ZwUwS3pzhLKGttla AUx5NKgumm8wdrkWcrA8VLwElUlrLfMGw80VG4HeAwm534kM71+8abnBE54Epqv4 cA5tVZppRAaaWq2NGDB2iK6rVsceCrnRo4jPGWZ540eabN6URm80Kvs1dNaUsRrv ObVW1AQ3pTHqlaE+A/vQ5HsfQ+KpocjMQJrLdRsMiBvHzkRUE6IlsDJPsfkvjlY4 k3+g+7gxfyD2Nv2bHpQ+4sKSma1A1LC4/WtlYbyecffQPvDVMXZrzjLJwWuYtnTD i72mzBwFYJXcQwARAQABiQI8BBgBCAAmFiEEucQHSsTCa8+BSlySdXG2Vfq8edwF AmBRnqQCGwwFCQPCRxwACgkQdXG2Vfq8edw7Mw/9EokGsYVYDOSao3br/PTD7VX9 P8JmBD7e5iEkoSw2vGvb/Mt0SNuypPkrAauA84hy0giipyJ2w8ZLHRJnrDjqZ1jF Liv22fUst0jRMrzTUSC2neZh0A0Wgvr/7JhUSwMgmJXhjv6aXTX3Oc3oaqsK1ItI 4Ps2WdRyEb+3iv9M6MnFFeNR92ARSw9w5Xpx8VyN8gB7BC2tup0AcxR4tcScSgUN H7Dxw7kDI/mXWe0BEdJZ553jq81iXKE8H8CJSD1WkPcMWBKTR4gczu2P/jDHOGht 84Wb8k8y7FTlEkZGOimqg6olQjLee9GmSQeIPOUNPWiD6XAbRwf2mCLt6/a8i/YN OgDULHPBHLVegg4PnI7rRNBSZ/WXGotD/3yPeBLA8SFU/rjQcOerELdPKgkPfdtn Yux5xrmPj4lpAlzjzsg8MM8W38uJfkfk/i31lblPPpofpISdM1Tgnj1SOXKL7OzO 1Jo7EC9FOHpiWC4sAb9eXpWm8nld+dRv1wJEythge7fdWlpgMpaXFKJHSTWfyhPS glb9SXKdQmWjl2y/QzRyfizAyrfsS52TgApnp6ACzJEfLGqB4C1BBr1u9OZWK3lk 47H1tsp9sjLHENRLrXH37D5HXkmjwKW19YAbun/YbNTzMVYIpPg85w9RtYeTJ5Gj 5kGalx5K3ffKxmBhyM8= =D6ui -----END PGP PUBLIC KEY BLOCK----- This PGP key file is available at : https://csirt.kalselprov.go.id/assets/PublicKeyKalselProvCSIRT.asc 2.9. Team Member The Chair of the KalselProv-CSIRT is the Head of Information and Communication Office of South Kalimantan Province. All staff of Bidang Persandian dan Keamanan Informasi and Bidang E- Government are included as the members of the team.
2.10. Other Information / Data -
2.11. Notes on the Provincial Kalimantan-CSIRT Contact The recommended method for contacting KalselProv-CSIRT is by sending e-mail to [email protected] or by contacting through telephone number (0511) 6749844
3. About Gov-CSIRT 3.1. Vision The KalselProv-CSIRT vision is the realization of cyber resilience in the reliable and professional in South Kalimantan Provincial Government.
3.2. Mission The missions of the KalselProv-CSIRT are : a. coordinates and collaborates cyber security services in the scope of the South Kalimantan Provincial Government; b. buildings capacity of cyber security resources within the Government of the Province of South Kalimantan.
3.3. Constituents KalselProv-CSIRT Constituents include all SKPD of South Kalimantan Provincial Government and Regency / City Governments in South Kalimantan, which are the following points : a. All SKPD of the South Kalimantan Provincial Government are the work Units of the Regional Government of South Kalimantan Province; b. The regencies or cities Government in South Kalimantan Province are Barito Kuala Regency, Banjar Regency, Tanah Laut Regency, Tanah Bumbu Regency, Kotabaru Regency, Tapin Regency, Hulu Sungai Selatan Regency, Hulu Sungai Tengah Regency, Hulu Sungai Utara Regency, Balangan Regency, Regency Tabalong, and the Regional Government of Banjarmasin City and Banjarbaru City; 3.4. Sponsorship and / or affiliation KalselProv-CSIRT is part of the Communication and Information Office pf South Kalimantan Province so that all funding comes from the South Kalimantan Provincial Government's APBD.
3.5 Authority South Kalimantan Governor Regulation Number 34 Year 2018 concerning Main Tasks, Functions, and Task Descriptions of the Office of Communication and Information. Decree of the Governor of South Kalimantan Number 118.44 / 078 / KUM / 2020 concerning the Establishment of the Computer Security Incident Response Team of the Province of South Kalimantan KalselProv-CSIRT in doing any incident handling and recovery is by constituent request.
4. The Policies 4.1. Types of Incidents and Levels of Support KalselProv-CSIRT has the authority to handle incidents which are namely : a. Web Defacement; b. DDOS; c. Malware; d. Phishing; The support which is provided by KalselProv-CSIRT to constituents is various depends on the type and impact of the incident.
4.2. Collaboration, Interaction and Information Disclosure / data KalselProv-CSIRT will collaborate and share information with CSIRT or other organizations within the scope of Cyber Security. All information received by the South Kalimantan Province-CSIRT will be kept confidential.
4.3. Communication and Authentication For normal communication, KalselProv-CSIRT can use e-mail addresses without data encryption (conventional e-mail) and telephone. However, for communications that contain sensitive / limited / confidential information you can use PGP encryption on e-mail.
5. Service 5.1. Reactive Service The reactive services from KalselProv-CSIRT is the main service which is being the priority, namely: 5.1.1. Alert Service related to Cyber Incident Reports This service is carried out by the Incident Data Management Sub Team in the form of warning of cyber incidents to the owners of electronic systems and statistical information related to this service is provided by KalselProv-CSIRT.
5.1.2. Incident Handling and Recovery Service This service is provided by the Information Security Sub-Team, the Network and Server Sub- Team, the Website and Application Sub-Team in the form of coordination, analysis, technical recommendations, and on-site assistance in the context of mitigating and recovering cyber incidents. KalselProv-CSIRT provides statistical information related to this service. 5.1.3. Vulnerability handling services This service is provided by the Information Security Sub Team in the form of coordination, analysis, and technical recommendations in the context of strengthening security (hardening), KalselProv-CSIRT provides information related to statistics regarding this service. However, this service only applies under the terms of the following conditions : a. The reporter of vulnerability of is the owner of the electronic system. If the reporter is not the owner of the system, the report on vulnerability cannot be handled; b. The vulnerability handling service can also be the follow up to the Vulnerability Assessment activity. 5.1.4. Artifact Handling service This service is provided by the Information Security Sub Team in the form of handling artifacts in the context of recovering affected electronic systems or investigative support. KalselProv-CSIRT provides statistical information related to this service.
5.2. Proactive Service KalselProv-CSIRT is actively building the capacity of cyber security resources through activities: 5.2.1. Notification of Observations related to New Threats This service is provided by the Information Security Sub-Team in the form of the results of the Analysis of the KalselProv-CSIRT. KalselProv-CSIRT provides statistical information related to this service.
5.2.2. Security Assessment Service This service is provided by the Information Security Sub Team in the form of vulnerability identification and risk assessment of the vulnerabilities found. KalselProv-CSIRT provides statistical information related to this service.
5.2.3. Security Audit Service This service is provided by the Information Security Sub Team. KalselProv-CSIRT provides statistical information related to this service.
5.3. Safety Quality Management Service KalselProv-CSIRT improves the quality of security through activities: 5.3.1. Consultation related to Preparedness and Recovery of Incidents The service is provided by KalselProv-CSIRT in the form of providing technical recommendations based on the results of the analysis related to incident response and recovery.
5.3.2. The Development of Awareness and Concern for Cyber Security Related to this service, KalselProv-CSIRT documents and publishes various activities carried out by the Diskominfo work unit in South Kalimantan Province in the context of building awareness and concern for cyber security which are namely: a. Information Security and Persandian Capacity Buiding Code and Information Security of the Code and Information Security Field (Seksi Peningkatan Kapasitas Tata Kelola Persandian dan Keamanan Informasi Bidang Persandian dan Keamanan Informasi BIdang Persandian dan Keamanan Informasi). b. Information Security and ode Services Section of Code and Infromation Security field (Seksi Layanan Persandian dan Keamanan Informasi BIdang Persandian dan Keamanan Informasi).