EU CEF Projects
Joint Threat Analysis Network (JTAN)
Contract No: INEA/CEF/ICT/A2020/2373165
From 1 July 2021 CERT.LV participates in the implementation of the European Commission project "Joint Threat Analysis Network" (JTAN). The project is planned to be implemented by 30 June 2024.
The lead partner of the project is the Information Technology Security Incident Response Institution in Poland (CERT.PL) which operates within the structures of “Naukowa i Akademicka Sieć Komputerowa” (NASK). Other partners of the JTAN project are from Austria, France, Estonia, Luxembourg, Romania and Slovakia.
The overall goal of the JTAN project is to create a joint threat analysis network (JTAN). The network would be open to the European CSIRT (Computer Security Incident Response Team) cooperation group, which focuses on exchanging and analyzing intelligence on technical, operational and strategic threats.
It is important to ensure that information is available so that incident response teams can defend their customers - public authorities, critical infrastructure, other individuals and legal entities. The project will improve the incident detection and prevention process and potentially reduce the number of incidents.
Such incidents affect every Member State of the European Union – individual citizens who may become victims of cybercrime and also governments and essential service providers facing complex cyber attacks. The project is like a response to European level support for joint preparedness, joint situational awareness and coordinated response to cyber security incidents.
Within the framework of the JTAN project, CERT.LV continues to work on the development and improvement of the Graphoscope software. It is also planned to publish the Graphoscope software - released under an open source license. CERT.LV intends to get involved also in the improvement and testing of the automated system “Drakvuf Sandbox” (developed by CERT.PL). It is planned to participate in joint seminars and trainings with other project partners in order to strengthen the knowledge of employees and strengthen the overall capacity of the organization.
The Graphoscope is a tool to correlate data from different data sources and display it in a visual form. It is fully compatible and uses the data obtained using Pastelyzer, which was developed under the previously funded action: 2017-LV-IA-0058. The key features of Graphoscope include: 1) support for many data sources; 2) web-based interface and is not dependent on pre-installed databases; 3) easy deployment of the backend (implemented in Golang, no runtime dependencies); 4) interface provides flexible filters which facilitate analysis of large datasets.
The Graphoscope will be used by analysts to investigate heterogeneous intelligence sources available in JTAN.
The Graphoscope has been published in GitHub on 9 December 2021. Free software available https://github.com/cert-lv/graphoscope. CERT.LV continues to improve the tool.
Article "The Graphoscope has been released": https://cert.lv/en/2021/12/the-graphoscope-has-been-released
More on the CEF projects: https://ec.europa.eu/inea/en/connecting-europe-facility
The project has been extended until 30 June 2022.
Contract Nr: INEA/CEF/ICT/A2017/1528866
Project start: November 2018
CERT.LV is one of the 10 collaborative partners of the CyberExchange Project under the Connecting Europe Facility of the European Union led by the CZ.NIC Association.
Aim of the Project is to strengthen mutual cooperation of national and government CSIRTs/CERTs. The CyberExchange project reacts to the increasing threats in the cybersecurity area and the necessity of cross-border cooperation in the fight against them. At the same time, it aims to increase the staff expertise of the ten national and government security teams from Austria, Croatia, the Czech Republic, Greece, Latvia, Luxembourg, Malta, Poland, Romania, and Slovakia.
During the CyberExchange project staff exchange will be implemented, during which the members of individual teams will exchange experience and strengthen their expertise. The project also focusses on supporting the implementation of software tools developed by an individual team so that it could be used by a wider security community and in the fight against cyber threats also in other countries. In that way the project shall supplement the MeliCERTes platform, which represents one of the so-called building blocks of cross-border digital service infrastructure.
On top of that, the project plans cooperation with the National Safer Internet Centres aimed at sharing of ideas and awareness raising materials on safe use of information technologies.
More on the project:
Improving Cyber Security Capacities in Latvia
The project was successfully completed on 31 December 2020.
Contract Nr: INEA/CEF/ICT/A2017/1528784
The Cybersecurity Digital Service Infrastructure (DSI) is underpinned by the European Strategy for Cybersecurity: it provides an information sharing platform ("MeliCERTes") facilitating operational cooperation among Computer Security Incident Response Teams (CSIRTs), as well as funding for CSIRTs to effectively take part in its activities.
The Action's goal is to ensure compliance of the Latvian Computer Emergency Response Team (CERT.LV – hosted by the Institute of Mathematics and Computer Science, University of Latvia) with the NIS Directive.
The Action will increase the maturity level of CERT.LV, strengthen the capacities of its personnel, and carry out nationwide awareness-raising activities. Specifically the action will:
- establish access points from CERT.LV to MeliCERTes
- develop a Deep Analysis System to gather the data by scanning available resources for potential Indicators of Compromise (IoCs) or other relevant information
- upgrade and operate the national level cyber security IT system strengthen
- personnel capacities by attending relevant professional courses
- carry out nationwide awareness-raising and international engagement activities
Project funding has been used for co-financing Cybersecurity conference "Cyberchess 2018". https://cert.lv/en/2018/09/cybersecurity-conference-cyberchess-2018".
Key achievements have been summed up in an infographic: https://cert.lv/en/2021/02/celebrating-successful-implementation-of-cef-funded-action
More on the Project: