MCI-CERT as a Security Incident Management and Handling Team, is responsible for receiving, coordination, managing and handling of ICT security incidents of Mobile Communication Company of Iran (MCI). The mission of this team is responding to ICT security incidents, performing proactive actions to mitigate damages and reduce the probability of security incidents occurrence according to business continuity plan.
The objectives of MCI-CERT are as follows:

  • Provide an internal/external trusted contact point in ICT security incident handling
  • Provide a unified authority for receiving ICT security incident reports and responding them
  • Interaction and sharing knowledge, experiences and skills with other CSIRTs and law enforcement in order to improve security and manage ICT security incidents effectively.
  • Handling of ICT security threats, vulnerabilities and incidents in predefined deadlines
  • Reducing the damage of ICT security incidents in quality of services
  • Reduce the probability of reoccurrence of incidents
  • Improve organization's awareness and readiness against ICT security attacks and threats
  • Improve policies and mechanisms for the prevention of incidents continuously
  • Increase the accountability to the official authorities and law enforcement
  • Reactive Services
    • Alerts and Warnings
    • Incident Handling
  • Proactive Service
    • Announcements

You can submit incident or potential vulnerability report to MCI-CERT by email. It must contain at least following content:

  • Identical Information including Name and Last Name
  • Contact Information including Tel and Email Address
  • Status (Choose one of the: 1- Active, 2- Not Active, 3- Recurrence)
  • Occurrence time
  • Detection time
  • Incident category (Choose one or more of the: 1- Compromised Information, 2- Compromised Asset, 3- External Hacking, 4- Unlawful activity, 5- Email)
  • The approximate number of affected users
  • Detailed description of the incident or potential vulnerability
  • How to detect incident or potential vulnerability
  • How to exploit potential vulnerability

Note that all incident reports and information received by MCI-CERT will be confidential.
It is necessary to encrypt email with MCI-CERT's PGP Public key before sending it.