The Cambridge Computer Emergency Response Team (CamCERT) co-ordinates security matters in the University of Cambridge. CamCERT is the UIS contact point for anyone in the University who finds that the security of a machine has been compromised. It liaises between departments, Colleges, the UIS and, where necessary, external organisations in order to provide support in response to security incidents, to isolate problems and to assist in recovery after an incident has occurred. CamCERT calls upon the services of Unix Support, Network Support and PC Support and other parts of the Computing Service for specialist services and advice as appropriate.
CamCERT:
- can organise assistance for a machine owner in securing a machine or investigating a security incident;
- issues alerts about security threats;
- notifies Institutions about vulnerable machines in their Institution, especially when a new security loophole has been announced;
- monitors the daily traffic logs looking for traffic that indicates an attempt to find vulnerable machines, and reports these probes to the Universities' co-ordinating security body, JANET-CSIRT.
Reports of break-ins, attempted break-ins, probes for vulnerabilities and other computer security incidents in the University of Cambridge should be reported to CamCERT as soon as they are discovered. This is so that we can see if the incident is part of a larger one and hopefully limit the damage.
Information about security incidents and alerts is either posted on the UCS News service or emailed to a relevant mailing list or contact group.
CamCERT Blog
CamCERT also run their own blog, posting news articles about security matters of interest to the University. We also post information about major security incidents. It can be found here: CamCERT Blog