Security incidents

Aim: Reporting IT security incidents and abuse and complaints

Target Audience: everyone

Summary

If you need to report any suspicious behavior, misconduct, or security incident that involves any of the Nikhef users or systems (either as a target or as the origin), urgently contact the Nikhef Computer Security Incident Response Team (CSIRT) via security@nikhef.nl.

Nikhef's CSIRT addresses various issues related to computer and network security, from prevention to incident handling.

Examples of things to report

Examples of things that should be reported:

• Clicking on a phishing link;
• Replying to a phishing email;
• Losing your phone or laptop;
• Losing any of your Nikhef keys;
• Using Gmail for your Nikhef email;
• Suspected abuse of your Nikhef account;
• Finding your personal information (think GDPR) on an open website;
• Comprised Nikhef credentials, such as: Nikhef SSO passphrase, SSH keys, Grid certificates, etc.;
• Sharing (intentionally or accidentally) personal information in documents broadly or publicly (and/or including other people);
• Suspecting a virus or malware on your device (laptop or phone);
• If you do not recognize the time/remote IP location from an "unusual location" email.

Do not hesitate to contact security@nikhef.nl with any questions or doubts. Please be careful with disclosing sensitive information through plain-text e-mail; you may contact the Nikhef CSIRT to inquire about alternatives for secure communication.

If you administer a system that you think might be compromised; contact the Nikhef CSIRT immediately without taking any action.

All reported incidents will be investigated and duly acted upon.

Grid resources and incidents

The use of the federated e-Infrastructure for research is covered by the EGI and WLCG Acceptable Use Policy and Conditions of Use. For reporting and communicating on incidents in peer infrastructures, please follow the guidelines in the Security Incident Handling Procedure for reporting and handling of incidents.

Note: Contact the Nikhef CSIRT for incidents related to the Nikhef infrastructure services, also when those are used in the context of the Dutch National e-Infrastructure, EGI and other peer infrastructures.

Contact

Nikhef Helpdesk/CSIRT
Telephone (Nikhef Helpdesk): +31 20 592 22 00
CSIRT direct number: +31 20 592 50 90
E-mail: security@nikhef.nl

Links

• Nikhef Security homepage