Ayuda Urgente Ayuda

Certificado de seguridad

(Información en inglés)

1 ABOUT THIS DOCUMENT

1.1 Date of Last Update

This is version 1.0, published 2018/XX/XX.

1.2 Distribution List for Notifications

Notifications of updates to this document are submitted to internal staff members of Bank Sabadell.

1.3 Locations where this Document May Be Found

The most updated and current version of this document is available on the Banc Sabadell web site:
URL Banc Sabadell.

Please ensure you are using the latest version of the document. 1.4 Authenticating this Document This document has been signed using the Banc Sabadell PGP key. The signatures are also on our Web site PGP Signature: URL Banc Sabadell.

2 CONTACT INFORMATION

2.1 Name of the Team

Grupo Banco Sabadell CERT: Grupo Banco Sabadell Computer Emergency Response Team.

2.2 Address

Banc Sabadell. S.A., Avenida Óscar Esplá, 37, 03007 Alicante, Spain

2.3 Time Zone

Central European Time - CET (GMT+0100, and GMT+0200 from April to October).

2.4 Telephone Number

None available.

2.5 Facsimile Number

None available.

2.6 Other Telecommunication

None available.

2.7 Electronic Mail Address

cert@bancsabadell.com.

2.8 Public Keys and Other Encryption Information

Please encrypt any sensitive e-mails with the Grupo Banco Sabadell CERT PGP key and send it to: cert@bancsabadell.com.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: Encryption Desktop 10.3.1 (Build 13100)

mQENBFv1ZPsBCAC7ZPFKqDgw+PToDx4y5CfcX8WGDoRHSutZFPhk4tCGfDvchtIo l5LYkph7UK/ywtF7NbL1zR1t1N+9pRlAf1cEhEtLXeiO8XPoSrCuB+IjqWMCkq7e
/J/otrOOWH4qtOov8qkIIW5DUsY78HCwHt+wWQ6Yn27ju87kiah3pS4+rb5SGcam zLdlZtfcdcHtyXXnMczk8HwG6zQRn7m7VmsEy2Pt48FWC46lDVN6mcPCQ85k13py PBSVybimiV4djhYBgxraIWU4CmmUuy25MAVtCHMjXNGv4ZCGlKkB3NHux0qVuAhn khj2eAQdWKriZqDfRjmnsK0TPj4yyJm2xU5jABEBAAG0MUNFUlQgR3J1cG8gQmFu Y28gU2FiYWRlbGwgPGNlcnRAYmFuY3NhYmFkZWxsLmNvbT6JAW4EEAECAFgFAlv1 ZPswFIAAAAAAIAAHcHJlZmVycmVkLWVtYWlsLWVuY29kaW5nQHBncC5jb21wZ3Bt aW1lBgsJCAcCAQIZAQUbAwAAAAUWAAMCAQUeAQAAAAQVCggJAAoJEBHm6XX0H0Sv E5oIAJkLxYpuTLF3rCd9xTQdWg/KfK8t1bvhvMTjTC2KqTQDTfc0wMzB6pkweUHd DI3p8a8gApMvFFnlXdz7huGzi3z9hXMDfFgow9Od0Y1xm7a9fOy3Rx3Yg70BRDcx uSe+D2OoIsZkAD3MBPk9GmRL3PrWb+kOeddDuQI16u+I02rKcQnp2Kxtu+eZy0zm E7nZJAwQR19LuuxkorXRrwbckUCafAIZlclK2XgHfqp2bo3+5MbWdDSfSnwu4wfw l7SY0dLN3rzS5eVErJ+YiJphNAg/38yi4CZNN3yWxjykIFIch0qu0kosDVbIjQg/ jjF2N03fhei4LONVTSxGZFhhMTa5AQ0EW/Vk+wEIANw5Ap083/F8WtcfyCes2dgK x3MN4EgoR4a2U/XzQ/mKKl8pJpoDoCr96iVcifoswpE5qyzP43pDFDdOl3rwh5MH TcDvy49/AEaNbaRjAbAeVvw+BvY0+xwhDBQDbt0KzO+TqYHB+fzUi0H+CZ2nZdx6 TTbDBqpe1xwHPJILlUUrC525R/fyvrdZG/xzTzXB+BTNf99fUnTEVea5bYGf6JTJ p6U11cOfSKLupJbRkhLOoFLLPaEMdPcj7ho5FwDokKPBtibQ8bVL3RI23CeZvA4S tXeFxIwSsA9cABOWDlt1QHe4nsZ+QvDOh/yzT/ERiy51yQ+5TpsmoVEhTD22MrMA EQEAAYkCQQQYAQIBKwUCW/Vk/AUbDAAAAMBdIAQZAQgABgUCW/Vk+wAKCRDc7+D7 snxEW5A4B/4n9o67E9Y+h1XrhEjtFl92E4nSIwKXqZrloJqMaBslMlq+H4rynml7 qWDT/UBjcsgG3uaUDckyU6u+oiCr8lZj17AloK9oThp+hHL/J9crLmCjGRChNyWS uVcGy1LHb1+ApKlMgjdtV3xSPkXMPY0pDO4IMnHxA+nJSDPdG7t3qeVuGVVbJvIN PDDhhDuDU/Xo9BGvOsMRhbrV9OZLaa3lJxxhNiPL62P1palZHYulPFhACV1G9ngz Lng/2XirKFdqn/q3NGh7GSJ1P5OvhBM5BiSWRXMVwimuSnnvTZ6eiZR84pPcBdb3 Yhm/Q1CiioWHD8JCCJ27abbpJU/aZ9aRAAoJEBHm6XX0H0SvKLQIALkIskHIlAKk 75mWHPZk6oSdRTvmwmtb/33m0ir0ZSG5GbqYiL8QUGoiXg91tiN9dwcRcSGvxm25 Ey3YIpkVGtBLTvTpa06+i3VfXdjm/lap5VSyLgMdb4zsU7+23m6RoxsArktHy2Ph EPNgCmf9lgs4XZN5g5jnt//0Ksb3P6S7J5u5ImMM+ZFgwzxuro4IdPNFKY6uOUDS jifyVLbEsk5ukLIq7ma9NTyexbKnGVGQzBDU/3tXziimYn3t4U1BeiZzbVV2USMo ThgjzWvFSET2L9T1uTN/8QUl4YUhQXwBr5soxmWpNhcfegLn4vyTeT/9cI1xrrHG nAiFzOXjl68= =rTLm

-----END PGP PUBLIC KEY BLOCK-----

2.9 Team Members

No public information is provided about the Sabadell Banc CERT team members.

2.10 Other Information

None available.

2.11 Points of Customer Contact

The preferred method for contacting the Grupo Banco Sabadell CERT is via e-mail.
For general inquiries, please send an e-mail to cert@bancsabadell.com

3 Charter

3.1 Mission Statement

The purpose of the Grupo Banco Sabadell CERT is to provide a Response capability, formed by an Incident Handling team. CSIRT core services are responsible for monitoring, receiving, reviewing, validating, notifying and responding (takedown services) to security alerts.

3.2 Constituency

Grupo Banco Sabadell CERT supports incident response and security services for Banc Sabadell Group, their customers and related organizations.

3.3 Sponsorship and/or Affiliation

Grupo Banco Sabadell CERT is sponsored by Banco de Sabadell, S.A.

3.4 Authority

Grupo Banco Sabadell CERT operates under the auspices of, and with authority delegated by the IT Control Department of Banco de Sabadell, S.A.

4 Policies

4.1 Types of Incidents and Level of Support

Grupo Banco Sabadell CERT is authorized to address all types of computer security incidents that occur at its constituency.

All incident reports received by Grupo Banco Sabadell CERT are analyzed, classified and prioritized according to an internal incident classification policy so that an efficient and appropriate level of service is provided.

Resources will be assigned according to the following priorities:

  • Threats to the physical safety of human beings.
  • Root or system-level attacks on any Management Information System or any part of the backbone network infrastructure.
  • Root or system-level attacks on any large public service machine, either multi-user or dedicated-purpose.
  • Compromise of restricted confidential service accounts or software installations, in particular those used for MIS applications containing confidential data, or those used for system administration.
  • Denial of service attacks on any of the above three items.
  • Any of the above at other sites, originating from the constituency of Grupo Banco Sabadell CERT.
  • Large-scale attacks of any kind.
  • Threats, harassment, and other criminal offenses involving individual user accounts.
  • Compromise of individual user accounts on multi-user systems.
  • Compromise of desktop systems.
  • Forgery and misrepresentation, and other security-related violations of local rules and regulations.
  • Denial of service on individual user accounts.

Types of incidents other than those mentioned above will be prioritized according to their apparent severity and extent.

Note that no direct support will be given to end users; they are expected to contact their system administrator, network administrator, or department head for assistance. In most cases, Grupo Banco Sabadell CERT will provide pointers to the information needed to implement appropriate measures.

Grupo Banco Sabadell CERT is committed to keeping the constituency informed of potential vulnerabilities, and where possible, will inform this community of such vulnerabilities before they are actively exploited.

4.2 Co-operation, Interaction and Disclosure of Information

Grupo Banco Sabadell CERT will cooperate with other organizations in the field of computer security. This cooperation also includes and often requires the exchange of information regarding security incidents and vulnerabilities. Nevertheless Grupo Banco Sabadell CERT will protect the privacy of its constituency and therefore (under normal circumstances) pass on information in an anonymized way only.

Grupo Banco Sabadell CERT will only provide information to other parties with the sole purpose of facilitating the tasks of containment, eradication and recovery of incidents under the general principle of providing the minimum information possible.

Grupo Banco Sabadell CERT operates under the restrictions imposed by the law of Spanish Data

Protection Authority. Therefore it is also possible that Grupo Banco Sabadell CERT may be forced to disclose information due to a Court’s order.

4.3 Communication and Authentication

In view of the types of information that the Grupo Banco Sabadell CERT will likely be dealing with, telephones will be considered sufficiently secure to be used even if unencrypted. Unencrypted e-mail will not be considered particularly secure, but will be sufficient for the transmission of low-sensitivity data. If it is necessary to send highly sensitive data by e-mail, PGP will be used. Network file transfers will be considered similar to e-mail for these purposes: sensitive data should be encrypted for transmission.

Where it is necessary to establish trust, for example before relying on information given to the Grupo Banco Sabadell CERT, or before disclosing confidential information, the identity of the other party will be ascertained to a reasonable degree of trust. Within Community, and with known neighbor sites, referrals from known trusted people will suffice to identify someone. Otherwise, appropriate methods will be used, such as a search of FIRST members, the use of WHOIS and other Internet registration information, etc., along with telephone call-back or e-mail mail-back to ensure that the party is not an impostor. Incoming e-mail whose data must be trusted will be checked with the originator personally, or by means of digital signatures (PGP in particular is supported).

5 Services

5.1 Incident Response

Grupo Banco Sabadell CERT will assist system administrators in handling the technical and organizational aspects of incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:

5.1.1 Incident Triage

Incident triage activities include:

  • Report assessment - Interpretation of incoming incident reports, their prioritization and relation to ongoing incidents and trends.
  • Verification - Support in determining whether an incident has really occurred and its scope.

5.1.2 Incident Coordination

Incident Coordination activities include:

  • Information categorization - Categorization of incident related information (logfiles, contact information, etc.) with respect to the information disclosure policy.
  • Coordination - Notification of involved parties on a need-to-know basis, as per the information disclosure policy.

5.1.3 Incident Resolution

Incident resolution activities include:

  • Technical Assistance - This may include analysis of compromised systems.
  • Eradication - Elimination of the cause of a security incident and its effects.
  • Recovery - Support in restoring affected systems and services to their status before the security incident.

In addition, Grupo Banco Sabadell CERT will collect statistics concerning incidents that occur within or involve the community, and will notify the community as necessary to assist it in protecting against known attacks.

5.2 Proactive Activities

Grupo Banco Sabadell CERT will take part in proactive services with the objective to reduce the number of actual incidents by providing proper and suitable information concerning potential incidents to the constituency. Grupo Banco Sabadell CERT will perform proactive activities to improve performance and capabilities, such as:

  • Information services.
  • Training and simulation activities.
  • Forensics and malware analysis.
  • Cyber Intelligence coordination and contextualization.
  • Threat hunting.

6 Incident Reporting Forms

All incidents will be reported via email using cert@bancsabadell.com.

7 Disclaimer

While every precaution will be taken in the preparation of information, notifications and alerts, Grupo Banco Sabadell CERT assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.