I Am Security

IL-CERT finally picking up speed

by

iamit
in ,

It’s been a long time since I talked about IL-CERT. My personal story with the IL-CERT (or lack thereof) started somewhere in 2009 when I was dealing with some incidents that affected constituencies in multiple countries – Israel included (which were part of my background research for my Cyber[Crime|War] talk).

It then picked up some speed when I started meeting people with similar interests and vision here in Israel, and we started to discuss how should a CERT be built, given the current situation (a government CERT with minimal constituency and no civil coverage, and an academic CERT that only covered a small part of the universities). There were a lot of toes to step on, and we were trying to map out the dance floor before rolling out to our crazy dance. It also started my own personal research into the CERT world, and led me to meet some great people from the FIRST community.

Incidents came and went, rants were made, I let the project simmer, and almost die completely as we were entangled with bureaucracy, politics, and legal issue.

And then came Stratfor. And then the hackers that broke into a few sites and stole “400,000” credit cards (actually less than 19,000). And then a quick chat between one of the people I trust in this industry – Aviv Raff, who joined into the CERT effort recently. We quickly decided – seeing how the local media addressed the incident, that this would be the right time to get proactive and leave the trolling and waiting-for-something-to-happen aside.

A quick and efficient site was set-up, some scraping of the data that was leaked, a secure lookup system for people to check if they are exposed to the incident, and we were up and running (even in English now). Haven’t had that much fun in some time.

Leaving the usual trolling aside (how come people are great with “you shouldn’t have done this or that”, and really suck at actually doing anything…), we had over 5000 unique visitors to the site in a matter of hours, and some great feedback from people who used the site. Thus far it still is the best and most secure way of checking if you were impacted (don’t even get me started on all the scammers that are asking for your emails to see if it’s on the list or not…).

Hopefully, this is the real start of the IL-CERT. At least I know that we finally picked up the challenge and did something about it.

Comments

4 responses to “IL-CERT finally picking up speed”

  1. Brian Honan Avatar
    Brian Honan

    Having gone through this process in Ireland and setting up IRISSCERT http://www.iriss.ie, I can fully empathise with what you have been through. Great to see you finally get things up and running. If there is anything I can do just let me know.

    Reply
  2. LiranV Avatar
    LiranV

    I wish you all the luck with promoting and geting this IL-CERT thing up and running, It’s really a great initiative.

    Reply
  3. 0xfeed Avatar
    0xfeed

    Iftah dont act as if you’re doing this out of compation and care for the naive civils. You’re just another opportunist who is thirsty for some media attention in which you hope will help you push your business forward.
    We all see it.

    Reply
    1. iamit Avatar
      iamit

      Hi 0xfeed,
      Thanks you for voicing your concern regarding foreign interests in the IL-CERT. This is exactly one of the issues that have been plaguing the process so far, and one that I am strongly against.
      I don’t know but you might have noticed that from all the great security people that have been mentioned in the local media my name was one of the few that did not make a 15-minutes of fame appearance, and will not make it today either…
      I would love to see what you claim to see, and if there is any doubt regarding one action or another, I would be the first to amend it (and I remind you that the process and communications so far have all been completely open in terms of how the IL-CERT is forming itself).
      Thanks again!

      Reply

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.