RFC 2350 - CIRT Pertamina


Download RFC 2350 versi Bahasa Indonesia

1. Document Information


This document contains a description of CIRT Pertamina according to RFC 2350. It provides basic information about the CIRT Pertamina, the ways it can be contacted, describes its responsibilities and the services offered.

1.1 Date of Last Update
This is version 1.1 as of 22/10/2024. Indonesia date format is DD/MM/YYYY.

1.2 Distribution List for Notifications
There is no distribution list for notifications as of 22/10/2024.

1.3 Locations where this Document May Be Found
The current version of this document can always be found at:
https://cirt.pertamina.com/rfc-2350/

For validation purpose, GPG signed ASCII version of this document is located at:
https://cirt.pertamina.com/pgp-public-key/

The key used for signing is the CIRT Pertamina key as listed under section 2.8. Public Keys and Encryption Information.


2. Contact Information



2.1 Name of the Team
Cyber Incident Response Team (CIRT) Pertamina.

2.2 Address
Jalan Medan Merdeka Timur 1A
Jakarta Pusat, 10110
Indonesia

2.3 Time Zone
We are located in Asia, Jakarta - Indonesia Western Time that is GMT+07:00. No daylight saving time. GMT are consider similar with UTC. Indonesia time format are HH:MM:SS in 24 hours notation – without AM/PM.

2.4 Telephone Number
Telp. 1500234

2.5 Facsimile Number
-

2.6 Other Telecommunication
-

2.7 Electronic Mail Address
Please send information security incident reports to infosec[at]pertamina[dot]com.

2.8 Public Keys and Encryption Information
CIRT Pertamina uses a signing key for operational purpose. Please encrypt any sensitive e-mail with the CIRT Pertamina PGP public key and send to infosec@pertamina.com.
This trust anchor is:
Bits: 4096
ID: 0x57C659DE
Fingerprint: 32B6 DCAD 6E32 7FFE 6E8A A470 9046 A1E9 57C6 59DE

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGcXS+kBEAC0Ple/Jto6TqCHlGaGAzWCFOmjuS2+3gt0ZewE5ijS+js5HXAj u250z+8hYCqqhUZ7e43SsxU4fRdf3wWYMVY8KjBmF6kqpss9iV1eDoxWephnhlFm /fUZCtQTSuT1Q5yI8dL/T0wyfobrPfXGZQWPJtcxsHoQeSV8ayHRFXJI+tF+4hIj IZYNQD2uLffDexBAir9JxryZiu2eeRMGBuaIsqcFCNUhDM7F58yU3g0KfiEUEFaR BcOW1hHqvy4DuU78c+vfcKlCJtbQoPYHDo1a3lUIuHcoqD8AH7p965X5+7WRG/K8 vGbgAFPcb2rW1h4dIG6w8Hkoc71yPwRsLdZsk1RtCCT5NRriruqcHVxybJ2184c5 baY0M2L4NPJHF81TsjMXhRhH12VK5ZoVHQlaCuKuogWzE6v/z5rFiiMjaaAGEbqX +ypUjureZg77VTcm6UZqQFN3kd3VKZqtutmhUN/z+3FUXRm8vyhy/H7oOsb+4i0g Y2IEAYgsTPBSFYjEt/FrfB93BUN2JPNG+rrvaE/Dcdp9yo0gTcH6LmPhure5CTyZ jzkj0kiFCg17Mf2/b2O26Qm+4yLY9x9vhOXAKL1phUIWLxVFO4+FAzTHrzB2+Tq6 LFqe75xqK1GZJB+VTHImYthBBdxjUtalLm8ao6r3xXnW2LOPXAES6trLSQARAQAB tClJbmZvc2VjIFBlcnRhbWluYSA8aW5mb3NlY0BwZXJ0YW1pbmEuY29tPokCVwQT AQgAQRYhBDK23K1uMn/+boqkcJBGoelXxlneBQJnF0vpAhsPBQkFo3/nBQsJCAcC AiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEJBGoelXxlneDZMP/Aj4CcYVyFzbG4ia eLs0tOkP1Wv6Wqj+8JArR+y9xgVSumQajvgemhK9bl3ATpUWrlwqI/PbGaAzV6k8 rabriFtmnH4+DDemGNpUQ09vv2Mz0HBF7E73IIrlLqgDBQkU+b1xBB0U8xIIwFDe ihQmhRnUCD+wLj1v2rPMNGnd7DlaBIO/DqkKL24Y/Dh/ULdVeiQseVaFYLrTJ+3M HTqCilXuo3eTkTm6YwXRM2E+cnw6bbl1aKoKaCpt0Qwrf7ZUNEAJujEHBJQi54MX 2fgwzImxlJX8aJdSjTtnHdQYthyfvRaAp+QKyS52uJ+ipCzEBiC1UfHsPZfd1HYn sJXWsSES8CqNSUiMm7ehfruO97VNnACW935l0qne9UcKitMB5onGfqUavwZG+pIR B+M1MJpRuC7DfpzvElNt82biYGmysUNiFVLm8h12wjarnz0VHqazACugs9AJrYBe f+KPBDfRZOglrz7wzDiTmOtagTJ9wRFYlGP1WAEXZj05UnW22uYkTsflxPpgvx2J HdUv6jzFZZibZoPOk+5DE9aMJ3sLWqxv8RKOhE/F91e7pee0kKTKJ7kDtDCIJQbb C611ph6UwQ2hOarSOSMQaCLf+J+bU0ULRdu7+gRQS1CGaIq4rQ5BnTFCNWNKkqIz +V4DrT9CntSUht4+V/Nl3MKtUm4V =xGLg
-----END PGP PUBLIC KEY BLOCK-----

2.9 Team Members
  • Hananto Susilo, as a Team Lead of CIRT Pertamina.

2.10 Other Information
Further information about CIRT Pertamina can be found at: https://cirt.pertamina.com/

2.11 Points of Customer Contact
Preferred method to contact CIRT Pertamina is through e-mail. For incident reports and related issues, please directly use infosec@pertamina.com.
If it is not possible – or advisable due to security reasons – to use e-mail, you can contact or reach us through fixed line – telephone at 1500234.

CIRT PERTAMINA`s operation are generally restricted to regular business hours:
From 8:00 a.m. to 5:00 p.m. that is GMT +07:00
Asia, Jakarta – Indonesia Western Time
Monday through Friday, excluding National Holiday.

Note that: We will response ONLY DURING THESE HOURS.
Our phones are connected to IVR (Interactive Voice Response) System that will record any communication, but officers and staffs are only available during office hours. So, please consider time differences between your area and ours, thus eliminating the possibility of a wasted call.
Otherwise, please use email.


3. Charter


3.1 Organizational Information
CIRT Pertamina is an ad-hoc organization consisting ICT function related to cyber security across Pertamina Group which signed by Director of Business Support, PT Pertamina (Persero)

3.2 Mission Statement
The main purpose of CIRT Pertamina is as corporate cyber security incident responder, to coordinate and handle incidents across Pertamina Group.

3.3 Constituency
CIRT Pertamina constituencies are:
Board of Commissioners and Board of Directors PT Pertamina (Persero);
Enterprise IT, Business Support Directorate, PT Pertamina (Persero);
Shared Service ICT, Business Support Directorate, PT Pertamina (Persero);
Sectoral CIRT Sub Holding (Gas, Upstream, Commercial & Trading, Refinery & Petrochemicals, Power New & Renewable Energy, Integrated Marine Logistics);
IT Subsidiaries and departments related to CIRT Pertamina organization;
IDSIRTII/CC as National CSIRT of Indonesia.

3.4 Sponsors and/or Affiliation
CIRT Pertamina is formed by Pertamina internally. Which means, it is fully funded only by The PT Pertamina (Persero).

3.5 Authority
CIRT Pertamina`s main purpose is to handle any kind of cyber security incidents and to coordinate others cyber security initiatives across Pertamina Group.



4. Policies


4.1 Types of Incidents and Level of Support
CIRT Pertamina is authorized to address any kind of cyber security incidents, which occur or threaten our constituency (see section 3.3 Constituency) and its cyber strategic interest, in which required cross-organizational coordination, especially at corporate level. We will impose any precaution action needed and committed to keep our constituency informed to any potential vulnerability. Special attention will be given to the issues that are directly affecting to critical infrastructure.

4.2 Co-operations, Interaction and Disclosure of Information
CIRT Pertamina will cooperate with other organizations in the field of cyber security and Internet infrastructure. Those engagements often require data or information exchange regarding to incident and issue. Nevertheless CIRT Pertamina committed to protect privacy of its constituency and therefore (under normal circumstances) only pass on limited and anonymized information to others party, unless some contractual agreements apply, for example Non Disclosure Agreement (NDA) or Confidential Statement.

4.3 Communications and Authentication
For usual communication, not containing sensitive information, CIRT Pertamina will use conventional methods like unencrypted e-mail.
For secure communication PGP-Encrypted e-mail or telephone will be used. If it is necessary to authenticate a person before communicating, this can be done either through existing peers of trust or even face-to-face meeting if necessary.


5. Services


5.1 Incident Response
5.1.1. Incident Triage
Determining whether the incident and the reporter are valid and authentic. Assessing related information and prioritizing the incident.

5.1.2. Incident Coordination
Determine any involved organizations. Contact person in charge to investigate and take appropriate action. Facilitate contact to other parties that can help to resolve the incident. Send reports to other related CIRTs, like IDSIRTII/CC if it is needed.

5.1.3. Incident Resolution & Recovery
Advise others IT security teams involved to take appropriate actions. Follow up progress, ask for reports, report back and escalated to higher authority/management. CIRT Pertamina assists others security team in technical and management aspects of incidents as needed. We engaged to any kind of mitigation and remediation process upon by constituency’s request.

5.2 Proactive Activities
Conducting Corporate Security Operation Center – to detect known threats, anomalies and any kind of potential security issues within Pertamina IT Infrastructures. Providing information security related information, threat intelligence, actual monitoring events and research analysis result. Managing socialization to enhance information security awareness to the constituencies, related parties and providing cyber security training regularly.


6. Incident Reporting Forms


Please send information security incident reports to infosec[at]pertamina[dot]com with ID and proof of incidents (logs or files) attached.


7. Disclaimers


While every precaution will be taken in the preparation of (those) information, alerts and notifications, CIRT Pertamina assumes will not take any responsibility for errors, omissions or damages resulting from the use of the information contained within.
This information should be solely used only as mentioned.