FAQ

Last Updated on Friday, 03 May 2013 14:46

Frequently Asked Questions

This document is intended to answer the most Frequently Asked Questions (FAQs) about SingCERT. The FAQ is a dynamic document that will be updated periodically. Suggestions for additional sections are welcome -- please email them to This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

Section A: Introduction to SingCERT

·                                What is SingCERT ?  

·                                What services does SingCERT provide?  

·                                How do I contact SingCERT?

·                                Who does SingCERT serve?

 

Section B: Where To Go for Information?

·                                How do I subscribe to SingCERT Mailing List?

·                                What presentations, workshops, and seminars does SingCERT offer?
 

Section C: Incident Response

·                                What kind of incident do I report to SingCERT?

·                                What kind of information should I provide to SingCERT?

·                                How does SingCERT handle an incident?

·                                Does SingCERT work with other law enforcement agencies?   

Section A: Introduction to SingCERT

What is SingCERT ?

The Singapore Computer Emergency Response Team (SingCERT) was set up in October 1997 as a programme of the Infocomm Development Authority of Singapore (IDA), in collaboration with the National University of Singapore (NUS) to facilitate the detection, resolution and prevention of security related incidents on the Internet. In 1999, SingCERT become a wholly IDA owned programme.

 

What services does SingCERT provide ?

SingCERT provides technical assistance and coordinates responses to security compromises, identifies trends in hacking activities, and works with other security agencies to resolve computer security incidents. SingCERT also disseminates timely information and alerts on the latest violation security issues to the general public via SingCERT website and SingCERT Mailing List. Companies with interest to learn about general security issues can attend seminars and conferences organised by SingCERT. The general public can also obtain security-related information from our SingCERTs website at www.singcert.org.sg.
 

How do I contact SingCERT ?

SingCERT
Infocomm Development Authority of Singapore
10 Pasir Panjang Road #07-01 Mapletree Business City
Singapore 117438 Phone: (65) 6211 0911 (Hotline)

Fax : (65) 6211 2105
Operating Hours: Mon-Fri 8:30am-6:00pm (GMT+8)

Email: This e-mail address is being protected from spambots. You need JavaScript enabled to view it

WWW: http://www.singcert.org.sg

Please use encryption when sending sensitive information by email to SingCERT. SingCERT's public PGP key is available in the About Us page or you may email to This e-mail address is being protected from spambots. You need JavaScript enabled to view it to request it.
 

Who does SingCERT serve ? The community for which SingCERT will provide its services to is called its constituency. This would encompass the local IT industry and its users.  

---

Section B: SingCERT's Security Resources
SingCERT maintains a website, www.singcert.org.sg, to provide security-related information to its constituency. 
 

How to subscribe to SingCERT Mailing List ?

SingCERT maintains a mailing list for those members of its constituency who would like to receive security alerts and virus alerts mailed directly to them. If you would like to be added to the SingCERT mailing list, please send email to This e-mail address is being protected from spambots. You need JavaScript enabled to view it . Please type "SUBSCRIBE" on the subject line. To unsubscribe, please email to This e-mail address is being protected from spambots. You need JavaScript enabled to view it . On the subject line, type UNSUBSCRIBE and the exact email address you gave us for the list when you subscribed.

 

What presentations, workshops and seminars does SingCERT offer ?

(a) Workshops SingCERT or IDA staff will also, from time to time, conduct security workshops to share security information and tips with its constituency.

(b) Seminars SingCERT will organise security conferences or seminars regularly where renowned security experts will be invited to present security related talks or workshops. Information on such seminars can be found at http://www.singcert.org.sg.  

---

Section C: Incident Response

What kind of incidents do I report to SingCERT ?

If you encountered any of the violation of security policy below, you may contact SingCERT for technical assistance.

• 1. unauthorised attempts (either failed or successful) to gain unauthorized access to a system or its data
• 2. unwanted disruption or denial of service
• 3. the unauthorized use of a system for the processing or storage of data
• 4. Changes to system hardware, firmware, or software characteristics without the owner's knowledge, instruction, or consent
• 5. email-related security issues

 

What kind of information should I provide to SingCERT when my site has had an intrusion ?

The organisation or person reporting the incident will need to send an email to SingCERT providing the following information:

• 1. Contact information including name, email addresses, telephone and fax numbers.
• 2. Description of the incident including supporting logs and details such as source and targeted IP addresses, time of occurrence, parties involved and other relevant information

 

We will keep any information specific to your site confidential unless you authorise SingCERT to release that information.

 

How does SingCERT handle an incident ?

SingCERT will respond to the reported incident by assigning it an incident tracking number together with SingCERT's advices and recommendations. However, due to limited resources and the growing number of incident reports, we may need to prioritise our responses to different incidents depending on its severity and impact on the Internet community. The following type of reports receive the highest priority and are considered emergencies:

• 1. possible life-threatening activity
• 2. attacks on the Internet infrastructure, such as:
• 3. root name servers
• 4. domain name servers
• 5. major archive sites
• 6. network access points (NAPs)
• 7. widespread automated attacks against Internet sites
• 8. new types of attacks or new vulnerabilities

 

SingCERT will not release any information about a site's involvement in an incident without the site owner's permission. In cases where intruder activities are involved, site owners will need to state clearly the law enforcement and other agencies whom they would authorise SingCERT to offer information about their involvement in an incident. SingCERT will sanitise sensitive information, such as targeted IP address, before forwarding any information to any agencies. This will enable SingCERT to put site owners in contact with the relevant agencies quickly.All incidents will be tracked and monitored by SingCERT's duty officer.

 

Does SingCERT work with other law enforcement agencies to track down the intruders ?  

SingCERT is not an investigative or law enforcement agency. We do not investigate or maintain or disclose information about individual intruders, and we do not conduct criminal investigations. Our activities focus on providing technical assistance and facilitating communications in response to computer security incidents involving hosts on the Internet.If the company or user is interested in pursuing any type of investigation such as finding out the identity of the intruder or seeking legal prosecution, you may wish to discuss the activity with your organization's legal officer or contact the Technology Crime Investigation Branch, Singapore Police Force, at 6435 0000. SingCERT does not have legal expertise and cannot offer legal advice or opinions.

< Prev		Next >