Incident reporting

CSIRT.CZ should be regarded as the last resort to seek assistance and cooperation from when it comes to addressing security incidents relating to networks operated in the Czech Republic (i.e. the source or target network is operated in the Czech Republic). Addressing security incidents (their verification, defence and remedy) is always the responsibility of the administrator of the network or computer affected.

As a general rule, we recommend contacting CSIRT.CZ in any of the following instances:

• the security incident persists (it was not remedied within a reasonable time period);
• there is no response to the security incident report (irrespective of whether the contact is Czech-based or abroad);
• the response to the security incident report is not affirmative (its recipient refuses to address the issue, does not perceive the situation as an issue, etc.);
• you are not able to track the entity responsible for the network/IP address (the source of the incident in general) or the contact information is not up-to-date;
• you are convinced that the issue could have affected more networks that should be contacted and alerted.