LLMpediaThe first transparent, open encyclopedia generated by LLMs

NIC.br’s CERT.br

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: LACTLD Hop 4
Expansion Funnel Raw 59 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted59
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
NIC.br’s CERT.br
NameCERT.br (Computer Emergency Response Team Brazil)
Native nameCentro de Estudos, Resposta e Tratamento de Incidentes de Segurança no Brasil
Formation2006
HeadquartersSão Paulo
Parent organizationNúcleo de Informação e Coordenação do Ponto BR

NIC.br’s CERT.br

NIC.br’s CERT.br is the national computer emergency response team housed within Núcleo de Informação e Coordenação do Ponto BR and tasked with protecting Brazil’s Internet infrastructure. It provides incident handling, vulnerability analysis, situational awareness, and public advisories to stakeholders across the Brazilian Internet ecosystem. CERT.br interacts with Brazilian institutions, regional CERTs, and international organizations to coordinate responses to cyber incidents affecting networks, domains, and critical online services.

Overview

CERT.br operates as an operational unit of Núcleo de Informação e Coordenação do Ponto BR and engages with stakeholders including Ministry of Communications (Brazil), Ministry of Justice (Brazil), Federal Police of Brazil, and regional CERTs such as CERT-DF and CERT-RS. It contributes to national cyber resilience by publishing advisories, maintaining incident databases, and providing threat intelligence to ISPs like Claro Brasil, Vivo (telecommunications), and TIM Brazil. CERT.br collaborates with international bodies including FIRST (Forum of Incident Response and Security Teams), OAS (Organization of American States), and ICANN to align operational practices and coordinate cross-border mitigation.

History and Development

CERT.br was established in 2006 within the institutional framework set by NIC.br and the operational history of incident response pioneered by CERTs such as CERT Coordination Center and national teams like CERT-EU. Its development paralleled Brazil’s Internet expansion driven by actors including ANATEL and initiatives like Projeto FONTE. Key milestones include initial incident reporting systems, launch of public advisories during widespread campaigns such as malware outbreaks traced to families like Conficker and Zeus (malware), and adoption of information sharing mechanisms influenced by FIRST and ENISA. Over time CERT.br incorporated practices from ISO/IEC 27001 frameworks and adapted to legal changes including provisions from Marco Civil da Internet.

Roles and Responsibilities

CERT.br’s principal roles encompass reactive incident response, proactive vulnerability coordination, and public education. It provides handling for incidents affecting domain infrastructure overseen by Registro.br, coordinates vulnerability disclosure processes akin to policies from National Institute of Standards and Technology models, and issues alerts on threats such as botnets, phishing campaigns, and DDoS attacks that affect entities like Banco do Brasil and Petrobras. CERT.br also supports academic and research communities including University of São Paulo and Federal University of Rio de Janeiro through data sharing and capacity building.

Services and Operations

Operational services include 24/7 incident reception, malware analysis, spam and phishing takedown support, and CERT.br’s repository of indicators used by ISPs, hosting providers, and registrars. CERT.br operates technical tools and platforms influenced by projects such as MISP and collaborates on telemetry initiatives with network operators like NICE (Network Information Center) participants and IXPs such as IX.br. Training programs target professionals from Serpro and Dataprev, while public-facing resources support civil society groups including SaferNet Brasil and research networks like RNP.

Incidents and Responses

CERT.br has responded to high-profile events including large-scale DDoS incidents impacting government portals, malware campaigns affecting financial institutions such as Itaú Unibanco, and coordinated phishing operations leveraging brands like Correios (Brazil). It has issued alerts during exploitation of vulnerabilities in widely used software from vendors like Microsoft and Oracle Corporation, and coordinated mitigation for botnet takedowns using intelligence exchange with teams such as CERT-US and CERT-FR. CERT.br’s incident reports inform broader analyses by research centers such as CERT-CC and industry groups like APWG (Anti-Phishing Working Group).

Governance and Partnerships

Governance of CERT.br follows mandates from NIC.br and interacts with oversight entities including Conselho Gestor da Internet no Brasil (CGI.br). Partnerships extend to law enforcement agencies such as Polícia Federal (Brazil), regulatory agencies like ANPD (National Data Protection Authority), and private-sector alliances with telecom providers and cloud companies including Amazon Web Services and Microsoft Azure. International partnerships include collaboration with regional CERTs in Mercosur countries and participation in exercises under frameworks promoted by OAS and UNODC.

CERT.br’s activity occurs within Brazilian legal instruments like the Marco Civil da Internet and data protection rules under Lei Geral de Proteção de Dados Pessoais enforced by ANPD. Its actions align with international norms codified by organizations such as ITU and comply with procedural requirements when coordinating takedowns that implicate providers under statutes enforced by Superior Court of Justice (Brazil). Policy guidance and disclosure practices reference standards from ISO and procedural precedents observed in cases involving telecommunications regulation by ANATEL.

Category:Computer security organizations Category:Internet in Brazil