About National CERT

Sector – National CERT (CERT.hr) is part of the Croatian Academic and Research Network – CARNET, established on 30 October 2007 pursuant to the Information Security Act of the Republic of Croatia as a national body for the prevention and protection against computer threats to the security of public information systems in the Republic of Croatia, whose main task is to process computer security incidents with the aim of preserving cybersecurity in the Republic of Croatia.

CERT.hr deals with an incident if one of the parties to the incident is located in the Republic of Croatia, i.e. if it is on the .hr domain or in the Croatian IP address space, except for state bodies, legal entities with public authority and local and regional self-government units, which are under the jurisdiction of the National Cybersecurity Center (NCSC).

In addition, National CERT is the competent CSIRT for five sectors pursuant to the new Cybersecurity Act (Official Gazette 14/24). These are the following sectors: banking, financial market infrastructure, digital infrastructure (for the Registry of national top-level Internet domain names), research and the education system.

National CERT also performs CSIRT tasks for public and private entities, including citizens.

CERT.hr cooperates in the field of cybersecurity with relevant bodies at the national and international level.

Memberships

CSIRT network was established by the NIS Directive and consists of CSIRTs from EU Member States, CERT-EU and ENISA, and operates with the aim of contributing to the development of trust between Member States and promoting rapid and effective operational cooperation.

FIRST (Forum of Incident Response and Security Teams) is an international confederation of CSIRTs that collaborate and jointly resolve computer security incidents and promote prevention programs.

TF-CSIRT (Task Force CSIRT) is a working group that promotes cooperation and coordination between CSIRTs in Europe and neighboring regions, while establishing links with relevant organizations at the global level and in other regions.

TI (Trusted Introducer) is a program that represents a reliable backbone of team infrastructure services and maintains a list of known, accredited and certified teams according to their demonstrated and verified level of maturity. It is one of the three elements that make up the core of the TF-CSIRT portfolio, along with Task Force Meetings and TRANSITS. CERT.hr has been an accredited member since 2010.  

Services 

CERT.hr services are available to the general public. The operation of CERT.hr is partly funded by the Ministry of Science and Education, and partly by the European Union through various EU projects. 

CERT.hr implements proactive and reactive measures within its activities. 

Proactive measures: 

• security advisories 
• monitoring of computer security technologies 
• dissemination of information in the field of computer security 
• rising awareness of the importance of computer security 
• computer security education and training 
• vulnerability assessment for CARNET member institutions 
• issuance of electronic certificates for CARNET member institutions 
• security testing of CARNET services, as well as services and applications which need access to eMatica system 

 Reactive measures: 

• security warnings  
• incident resolution 
• coordination in handling significant incidents 

National CERT engages with its resources in helping to resolve significant incidents that are defined according to the following priorities: 

1. incidents that pose a threat to human lives
2. incidents that have a significant impact on essential services or key service providers
3. incidents of major importance 
4. new types of malicious attacks
5. other incidents

National CERT’s scope of operation does not include: 

• operational troubleshooting and safety concerns of individual systems  
• punishment of malicious users 
• arbitration in disputes 
• initiating criminal charges 

Projects 

CERT.hr, in addition to its regular activities within its legal constituency, implements and participates in the implementation of national and European projects. 

 

Contact 

General inquiries: cnre@tectrh.r

Incident reporting: niicedtnc@re.trh (We recommend following instructions to correctly report an incident!) 

Submission of reports about significant incidents from key service operators and digital service providers kz-sniicedtnc@re.trh

Press inquiries and media contact: press@carnet.hr 

 

Address 

CARNET 

Department for National CERT 

Josipa Marohnića 5 

10000 Zagreb 

Hrvatska 

Telephone: +385-1-666-1-650 

Telefax: +385-1-666-1-767 

 

Public PGP public key: 

• National CERT supports the use of the PGP cryptographic system. The signed public key can be found on all major PGP key exchange servers or here. 
• KeyID: 0xFCA254BB   Fingerprint: E54B B60A C4D1 45E7 0FF4 CC5B E35C DB85 FCA2 54BB 

 

Time zone: 

• UTC + 0100 – CET (Central European Time) 
• UTC + 0200 – CEST (Central European Summer Time: last Sunday in March – last Sunday in October) 

 

More information on activities, constituency, and services offered by CERT.hr is available in RFC 2350 (CSIRT Specification).