Computer Emergency Response Team

Center functions under Special Communication and Information Security State Agency of the Special State Protection Service of the Republic of Azerbaijan

Main duties and functions of the team

collecting, analyzing and gathering in the relevant databases the information received from users, computer engineering and software producers, foreign countries’ analogical structures on today’s threats to computer security, as well as materials on specific computer incidents, effectiveness of software- hardware tools applied for protecting computer systems;
development of recommendations for application of the most effective software-hardware tools ensuring the prevention of unauthorized interventions in the information systems for official users based on study and generalization of the international practice on ensuring computer security, rendering advisory services and technical aid to users;
operative acceptance of the data to prevent hacker attacks to computer systems and rendering urgent assistance, timely informing users of the internet network and other information systems, including local and corporative systems, of threats to computer security and supporting state authorities in investigation of the computer incidents;
giving advices in selecting software and hardware tools on ensuring computer security, cooperation with software vendors when defects and shortages are found out in software tools for protecting computer systems;
Rendering them assistance in creation of the divisions of information safety of the state establishments and development of the corresponding normative documents;
Mutual activity and cooperation with relevant agencies, foreign “CERT” teams on issues of computer crimes and legal provision of information security, information and work practice exchange;
To act in mutual cooperation with the relevant sections of state authorities in timely obtaining the necessary information about computer incidents and help and provide instruction in preventing computer offences (hacker and virus attacks).

Functions of the team

Timely accepts information about computer incidents and render assistance to information systems and Internet network’s users in preventing computer incidents, avoiding such cases and their investigation;
Provides mutual information activity with users through the team’s website, places on the website the list of the computer-systems-protecting software tools usage of which is recommended, and the inquiry information;
The team guarantees that any information that was become known to it in the work process for avoidance of the computer incidents will not be disclosed to a third party without consent of the user as incurred damage from that incident.

The team bears responsibility within its authorities, as per the Azerbaijan Republic’s legislation, for carrying out duties entrusted to it, for information provided and disclosed.
The team is not entitled to having activity of one or another systems and resources suspended, however it reserves the right to appeal them to law enforcement for settling such issues.
The team is not responsible for any possible mistakes, damage, other kinds of direct or consequential losses that may arise due to the users’ failure to understand properly the information it has provided.
Computer incidents processed by the team
The team reviews and processes in its activity the following computer incidents:

Failure in the working capacity of the networks’ base nodes and large server resources, attacks that may cause destruction or discredit of system information;
Any network attacks aimed at obtaining administrative privileges;
DoS (Denial of Service) and DDoS attacks to the state authorities’ information resources and individual hosts.
destruction of computer viruses purposely sending them; by applying information networks protecting systems including harmful programs (sniffer, rootkit, keylogger, and etc.);
scanning of national information networks and hosts;
selection and capture of passwords and other authentication information;
unauthorized use of information resources.