CERT/CC

Main »Term» C »Abbreviation for Computer Emergency Response Team Coordination Center. CERT was initiated by the Department of Defense Advanced Research Projects Agency of the US Department of Defense in December 1988 after Morris worm invalidated about 10% of computers connected to the Internet. CERT / CC is located at the Software Engineering Institute, a federal government funded research center run by Carnegie Mellon University.

Cert / CC investigates Internet security vulnerabilities, provides services to attacked Web sites, and issues security warnings. Research activities of CERT / CC include development of WAN computing and improvement of Internet security. The organization also provides training for accident responding experts

Software vulnerabilities adjusted by CERT / CC may be caused by internal research or external reporting. Vulnerabilities discovered by external individuals or organizations may be reported to CERT / CC using the CERT / CC vulnerability report form. Based on the severity of reported vulnerabilities, CERT / CC may take further steps to resolve vulnerabilities and coordinate with software vendors. In the summer of 2014, the CERT survey funded by the US federal government became the key to the anonymization of Tor (anonymous network) and the information FBI called from CERT was used to cancel the deleted SilkRoad 2.0 It was. The FBI refused payment to the CMU to anonymize the user and the CMU refused to receive funds to comply with the government's subpoena.

The first similar organization, CERT / CC, was founded in November 1988 in Pittsburgh and responded to the Morris worm event under the direction of DARPA. CERT / CC is currently a member of the CERT department of the Software Engineering Institute. There are over 150 network security experts devoted to taking a precautionary approach to protecting the system. CERT will collaborate with government, industry, law enforcement agencies and academia to develop sophisticated ways and techniques to cope with large and complex cyber threats.

Therefore, in this connection, the possibility of "European CERT / CC" (coordinating center) was proposed to provide CERT service to many European networks. This CERT is similar to the original CERT / CC of Carnegie Mellon University software engineering laboratory (which provides the CERT function described in this document to the entire Internet). Therefore, CERT / CC currently offers Internet services free of charge, but if the demand for that resource continues to increase, the long-term availability of services is uncertain (Explain the role of CERT / CC The FAQ document is described in the appendix)