Company

RFC 2350 Deutsche Telekom CERT

Version: 0.3
Date: 1 Feb 2022, 10:00:00 +0100
Contact: cert@telekom.de

1. Document information
This document contains a public description of Deutsche Telekom CERT according to RFC 2350. It provides basic information about the CERT, the ways it can be contacted, describes its responsibilities and the services offered.

1.1 Date of last update
1 Feb 2022, 10:00:00 +0100

1.2 Distribution list for notifications
There are no public distribution list for notifications as of 2019/02.

1.3 Locations where this document may be found
The current version of this document can always be found at: http://www.telekom.com/security/cert

1.4 Document Authenticity
This document can be retrieved from our webserver using TLS/SSL.

2. Contact information
2.1 Name of the team
Deutsche Telekom CERT

2.2 Address
Deutsche Telekom AG
Deutsche Telekom CERT
Friedrich-Ebert-Allee 71 – 77
D-53113 Bonn

2.3 Time zone
We are located in the central European timezone (CET) which is GMT+0100 (+0200/CEST during summer time in Europe, approximately end of March until End of October).

2.4 Telephone numbers
+49 228 181 71773 (primary number, 24/7)
+49 800 3824 2378

Please observe that the above published telephone numbers are solely intended for communication related to critical security incidents. Disregard this previous condition might lead to blacklisting of your telephone numbers on our PBX.
 

2.5 Facsimile number
None.

2.6 Other telecommunication
None.

2.7 Electronic mail address
Please send incident reports to cert@telekom.de.

2.8 Public keys and encryption information

-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User-ID:         Deutsche Telekom CERT - Team Key 2023 - 2026 cert@telekom.de
Comment: Expires:          05.05.2026 12:00
Comment: Type:              4.096-bit RSA
Comment: Fingerprint:  762FCAADC8D7F79FAE749C3DFC564D7ADF9C34DA
Comment: Key ID: 0xFC56 4D7A DF9C 34DA


mQINBGRUq2gBEADzaiJkNgcBoydRYaPNNzcbs3W1IjzWeUXGKl+EW/UpZaZvpaBu
vFiBfj5m4WmNSacN4NDim+IjCJEn3twQ8sHVHfAnaiBiol69gJ4m/CayoRdz3JaS
5u8eTrczj50ZpbWVRuydb+Z6gye8qseV3bOFEjuR5IG9BAUqYah9dIYjvfbGgei1
HNyPtp710MGgg9oN2JpH1LsrsuwY0bgU9rUirFS5mHTDsqlsU83AwfmCpgpkt8Gb
rpDg3CFi4GSSXduEKhe/369F4Qb6Z0NsjkjfJV/8Mk7tlhhVV8qQHGjloxoIovzv
xhMxsmrvCxw/nlUSpLTJw56VuF/twvBr2gSfRNAMwAPkjslv5VXRe4BdKG+DH63R
zvXWi99iV4jgmrqzHUab+9YjgoDRx0jEgg+XP7iM3H27dvgxUwKGxDy8CqS/FCg3
DSopYS+fT0iuXQwhrP38Xgwtk/ERzszWuS+kYA8ntnr50qbDM3T5A1JcwdV7SUTF
rEz7bzSbl3D3Linj26c2EMgtwOUiRUkQNuZu/c+t/nMaunFJtiynAvjjkOJLHX3u
Zkprps051EpPKgMbSX/z58Tpkp0jQCTC/LbgwufHiL8D8FRCTLqMndtKt28I8Hns
XBcXH3i/rSz9XL2I6v5kW0NftmWo2fK51MAPi95Z02B9TgJXW1Ten7EFGwARAQAB
tD5EZXV0c2NoZSBUZWxla29tIENFUlQgLSBUZWFtIEtleSAyMDIzIC0gMjAyNiA8
Y2VydEB0ZWxla29tLmRlPokCVwQTAQgAQRYhBHYvyq3I1/efrnScPfxWTXrfnDTa
BQJkVKtoAhsDBQkFpRQ4BQsJCAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEPxW
TXrfnDTa3j8P/A83BCUVhKOsrY9r6Q6xCX/Naou1LyK6eLGeo59WJFl9DtJRcOVf
7AZPno6xqgoxf1No4W+w5EizrOBHQmFJyRu8Sriwf8Q1+I37SKvGK8shLplYNc3f
isBqGvBe32ryvpIP6sJXsAX8nQsMmligqsZYhFgUW2UhptnK3TWK2dUxrVQUb/sj
309OJdyFk84krV+5HGjPHs05XL9qrHwIQERd9uWPs13swiNjsWB7mzliOLD/268i
umQM/9N7Cq9b2FB0GWsH1p9FMJ2XC/KpsOgjLNzmLBSkgfKrKaKrvCREL71eqJ/B
X/qK716vbpM0QGWbEdIz/P74IGDMvc29SbkXfGJ6ZtQeBxM3Pbj/F38C7lESAR77
synPn59woFOKG4aF+4EPySBS7tNwIUsIjYiyc6mBqHCCUiJ4KZK3EYiGbmuuAWyZ
oMYhAsXIG7dxv3mBAwXaWNVenw58gbwI6+1RHEb+5zjNfBcWjPdPepACkZiLPrrc
vPDHbtCKV2szY6+EV+5Go0y6q16raddwxjDFqbmj6pt4imnM4dnHgfeGScNceULd
3G/2wy7Orwe5on+xOYtWZfZDbyaccpyY3MgGei1128d3VjiRsff/nqEme2zufx0F
fN15rhnLRUIRy8nnn9qBn1nMZxeJ43BWY/J3h8FrrjFndQ/9aQsUdjOOiQIzBBAB
CAAdFiEE4I318l9XSgE+iHyRndDQN5c57CIFAmRUrtwACgkQndDQN5c57CIVmhAA
nZPqGwQOIt79U6m6vNQnpm/tUDJoJsqo5UPTS3wfdYqomN4gL+/2Xzwp3H1bUw2e
Hs10jeFZ2TjQb+C6fW0EKBjF0FYRodLQYobQLn+Nd++2tsDBKLjh9w0ePLXCEZdg
cmfo0umLZXCWawi5zkjIDCKJ1hIvHRNaoksVNzW0mYXbUxKuHZ/bIkLMDRmfgvcV
KTvQuo/j1Mi1krDhkpkJfckGF7/HWalirW12CIoACNpJIWycAvj751qve/I9I8VH
krap1DZO+PGkzzesaqX52j75BbC0YZCH2sQTtBS7ZcmFBbmfhyrSECy85w7jG0ys
FHCajcmFXVD4LSukgG2Bfodob4IKviKqQm6Qt19d674tAToQFe1tf6q0gBJhMrw6
+alEmmdg69AMJryA8kIcPGCY0eP4h2IGjcckPXu/VzxqUU5aaPK1Kh44CHeZpVgo
GHPjC8/jCaHLGx5m6X6CN7CV+JJ0Td6TALY2o1bCCxCQgN/q960rAAsqKOC2hsm/
40zrJoNyzxzjmkRkpghqy/kGZO5pjbQ5PmTXTlJbAk5AFTiTamku3YwpTOTALgve
rn7JKQG/E3J2wGVX/abWblL0MSj7+az84TK16uCZQBwVbdsfQxRbSV7ZLAtLo6rr
tgHOvj3UVCLTId6grJfoAhzcuEkWzMQz3pBB6blT0w+5Ag0EZFSraAEQAOef7eoT
v0o1pasG+ViDp4gOpmBKAkr9MCYaDwJ/3/AR8pbkVpSAjSVPNxQKEnTEUx+4zgh+
FSTxsCK0GgRHXNkiomx5hxdKqOk6NvRAqKg09pJoeDgvkLL75RSDRs90wCpbhibb
HI4oIe41ECFtuC7A/rEs6R1L7j1w1HBoBVU9JMOdcYtTtYwjPoxnw15nfdZg6afX
X0W/u04tr2yu6lTamJS/pvY7iKxoHgmxSH5AMT9I4Q77eWTiWUTXEdLszcLpzUeu
PNu0ol2EW4mp4oeJUjkKo2FcvTCVA4FvUN5Dkdneh5s6ndv6Hdl/nVysT/qoKuzW
fRkyhXBGYEXAL3ZQbVujWbUN1vZU2qH1Yp3N/hPekXNfqe3DNn6ef2Mcq3OqX/DI
sDVtb90kGgwk0iABlIEz+sGzt9yRkxYNKCPF3IHMeeaqfoZu7n1jsISTdBfJJC1w
WEoGX/bVzag3tA8lUv7xH7NqW9zfybWfCjP8ICyMKjogAWopf3wDCFlSmIUJmCSg
Hq7sN1GCTMRuW9/v2FZqwVTygNovotiQpDTJKzsqVI1fwMtGdseRBZZ8wBi20ykj
7qLX8Dgb4Cig/OQqBmRMGeDzM4rirr64MMUzE4D92Bul4AMFPZ2ejEBeeQyyB10D
c0YSyBcB5YIAMmGh45iHud1VNpz6V5/TdfnLABEBAAGJAjwEGAEIACYWIQR2L8qt
yNf3n650nD38Vk1635w02gUCZFSraAIbDAUJBaUUOAAKCRD8Vk1635w02pQ5D/9y
JF3QXPW/IABbu7KTObqoOfSrMPpKK7FzFw/z6BZEPN0DhHrp8UQuAKaYgxNNWcnS
5zmMbr6ZxBBdqfKspQEAY4O1MUIqDIQj4gofQA5s84saGViPCkieqdPH2InYip7Z
2aLPUCTVK6cmnsSOu0szupI9pVegN7kyAmUoIeP249LhlISgdzsN27SaJUk1q5xr
xYXqkY5RheCSq9fgQhaz9TjUhqPHKbt4c1PgM9638HSa8FDjjN6hx9moBn3DqF+1
u06UaFmpisLOYGtVQ8PMZoP4wp3OPqIMvb0lIHFDq4Vog7nsURiJQ6d2/3P4yMoO
iB6s1O0ij3WOndfsARNpLFO069bWUKxWJEhi9YOdgbWrCgE/9u2LV/io1Sl55K/L
zfNL3vordrC9g7m6fH0Z4hKciBT1XrYRzyX7/HNAYx/GrW5BAoJMcYvMVJVALr7q
uBNgykSnjOkq5FLrNEFeZFEcBr0pc8mAhKu4ldABLsEjMdIjNUl90/S4IZXhAq+F
zS4ahr3W7sFEOu1CZ/jyGr+H+4441uiMY3fQJi+mddc3w+XmWFcCB5ca6rmw/DFr
yPF1F2YQf4T6Kq4JNLrsw4bORcKuLI0HQIC5UQ/s6IM3g79clZNx0eQqP6SaQyYS
a5pYMccMhKm4wDB/vQNzOvTzR1AQX77UPoi7pm/SNw==
=jPb3
-----END PGP PUBLIC KEY BLOCK-----

3. Charter
3.1 Mission statement
Protect Deutsche Telekom and its constituents from attacks, using state-of-the-art detection methods. Professionally manage cyber incidents and ensure the timely and sustainable resolution and recovery.

3.2 Constituency
Deutsche Telekom CERT's constituency is mixed, thus, the team attends internal and external customers.

3.3 Sponsorship and/or affiliation
Deutsche Telekom CERT is an internal unit of Deutsche Telekom AG and is solely financed and supported by the latter.

3.4 Authority
The main purpose of Deutsche Telekom CERT is the group-wide and multinational coordination of incident response and operative incident handling, throughout Deutsche Telekom subsidiaries and member companies.

Deutsche Telekom CERT has indirect authority over AS3320 (DTAG) and with the German CERT- Verbund (union of German CERTs), it is an accredited TI (Trusted Introducer) team, and also a full member of FIRST (Forum of Incident Response and Security Teams).

further European and International Institutions such as: * ETIS - The Global IT Association for Telecommunications * ETNO - European Telecommunications Network Operators' Association

4. Policies
4.1 Types of incidents and level of support
Deutsche Telekom CERT addresses all kinds of security incidents which occur, or threaten to occur, within its constituency.

The level of support depends on the type and severity of the given security incident, the impact for affected companies and persons within our constituency, and our resources at the time. Usually, our first response is timely at the same working day.

We expect end users to contact their local systems or network administrators or their local security contacts.

4.2 Co-operation, interaction and disclosure of information
Deutsche Telekom CERT highly regards the importance of operational cooperation and information-sharing between Computer Emergency Response Teams, and also with other organizations which may contribute towards or make use of their services.

Deutsche Telekom CERT operates in strict compliance with German and/or EU legislation.

4.3 Communication and authentication
Deutsche Telekom CERT makes use common cryptographic methods to ensure the confidentiality and integrity of the communications. GPG/PGP and S/MIME are available for general communication via email.

5. Services
5.1 Incident response
Deutsche Telekom CERT is able to perform operative incident handling in several different environments. The tasks include large-scale hunting and detection of security incidents, artifact collection, artifact analysis and reverse engineering.

5.2 Incident coordination
Deutsche Telekom CERT ensures it has operational capabilities to coordinate large-scale cyber security incidents and emergencies.

Deutsche Telekom CERT will also collect statistics about incidents within its constituency.

5.3 Proactive activities
Deutsche Telekom CERT offers up-to-date information about security vulnerabilities to its internal constituents. Besides, the team continuously develops new tools for incident detection and investigation.

6. Incident reporting forms
There are no public forms available. All communication should be directed to mailto:cert@telekom.de. We recommend any communication related to security incidents or Vulnerabilities to be encrypted by GPG/PGP tools. Please use our current team-key, published on this website.

7. Disclaimers
While every precaution will be taken in the preparation of information, notifications and alerts, Deutsche Telekom CERT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.

FAQ