Last updated: 
4 months 6 days ago
Blog Manager

We are the Computer Security and Incident Response Team (CSIRT) for the Janet network. Part of Jisc's Security Operations Centre, our mission is to safeguard the current and future network security of Janet (steering the security policies for all Janet connections) and of our customers, creating a secure environment to conduct your online activities. Our primary function is monitor and resolve any security incidents that occur on the Janet network, with specialists tracking a range of platforms, including Unix, Linux and Windows.

Blog Article

Janet network CSIRT recently provided guidance to a Janet-connected organisation that experienced a malware infection. The site performed a full analysis of the incident and wrote a post mortem of the event and the lessons learned from it. The report was created initially for internal use, but they have kindly allowed us to publish a redacted version, in case it is useful for other institutions:

1 Summary

Blog Article

As you may now be aware, the FBI and NCA are coordinating 'global day of action' against the Zeus-P2p and Cryptolocker families of malware. Law enforcement and industry partners will be collaborating to interrupt infrastructure vital to the malware's operation and to raise public awareness of these threats.

Blog Article

We've disabled our monitoring of netflow feeds for W32/Conficker/Downadup infections. Given the decreasing number of vulnerable systems, the wide awareness of this issue and the low threat posed by the malware we've decided it was no longer worth the effort and resources to maintain a system that was generating a handful of alerts each day.

Our reports of infections will continue, but they'll only be sourced from data sent to us by third parties such as Shadowserver.

Blog Article

Microsoft's recent take down of domains related to Citadel (a varient of Zeus) botnets has unfortunatly also taken down a number of sinkhole domains that were being used by researchers to monitor and report on Citadel infections.

As a result of this our reporting of Citadel and Zeus infections may see a drop in the coming weeks. Any decrease in the number of infections seen at a particular site may be due to this lack of visibility.

Prev | Next