Project Cyber threats
The works to establish CSIRT.CZ and relevant policy background were carried out within the Grant of the Ministry of Interior no. P-33/VZ-2007 - VD20072010B013 (Cyber threats and Czech Republic’s security interests). In January 2007, a consortium of academic institutions lead by the Faculty of Mathematics and Physics of the Charles University won the tender and received the grant. In the grant, the task is defined as "Drafting and implementing a distributed hierarchy for a comprehensive systemic solution to security issues in Czech computer networks by means of CSIRT teams".
The original version of the project
The scope of the "Cyber threats and Czech Republic’s security interests" research and development programme includes a number of activities related to methods for detecting cyber criminality and terrorism and quantifying the seriousness of technology crimes the number and seriousness of which has been growing steadily. The project focused in particular on:
- an analysis of technical solutions of complex IP and IPv6 networks operated by public, state and academic entities. The analysis focuses in particular on vertical and horizontal interfaces among the networks as well as the identification of weaknesses from security and reliability point of view. The study also includes a comparison of the current situation and most-up-to-date recommendations issued by the regulating entities, taking into account any potential new threats;
- establishing a distributed hierarchy for a comprehensive systemic solution to security issues in Czech computer networks by means of CSIRT teams, with the model CSIRT practice’s establishment and pilot operation as its basis. The CSIRT hierarchy is an inherent part of the prevention and active protection system for computers and computer networks. As a general rule, these issues are addressed by CSIRT (Computer Security Incident Response Team) teams or by CERT (Computer Emergency Response Team) teams. CSIRT teams should closely cooperate with international organisations such as TERENA (Trans European Research and Education Networking Association) and FIRST (Forum for Incident Response and Security Teams). It is expected that experience and know-how of the single official CSIRT team in the Czech Republic run by CESNET association and operating in the academic sphere is to be taken advantage of.
- Standardisation of software for forensic analysis (FA) reflects the current status of FA. The basis is the evaluation of existing HW and SW pro FA and implementation of selected FA methods.
- Interdisciplinary character of the studied area is further supported by tasks focused on social and psychological factors. It is planned that a quantitative study of Internet users (approximately 1000 persons sample selection) will be carried out as well as interviews with detected or potential offenders.
The project also includes an analysis of legal background to cyberspace, in particular:
- Analysis of Czech legal order focused on protection against cyber crime
- Analysis of Czech regulations which can be applied to protect against cyber crime
- Definition of key legislation terms and general legal background
- Comparison of legal protection against cyber threats in the Czech Republic and abroad, namely in EU Member States and the US; and
- Proposing legislative and organisational measures relating to fight against cyber crime.
Synthesis of findings from individual tasks will consist of a summary of the most important findings and recommendations for legislative and organisational measures to fight cyber crime and terrorism.