CSIRT.CZ is the National CSIRT of the Czech Republic. The team primarily fulfills its duties according to the Cybersecurity Act (hereinafter referred to as CA). The scope of CSIRT.CZ's operations covers the entire address range of the Czech Republic, excluding critical infrastructure. Network administrators who need help with incident resolution, require coordination, or suspect that an incident could have a nationwide impact can contact us. More information about CSIRT.CZ can be found on the csirt.cz website.
CZ.NIC-CSIRT is the internal security team of the CZ.NIC association and is responsible for handling incidents within AS25192 and AS200070, as well as incidents related to the nameservers for the .cz domain and 0.2.4.e164.arpa. More information about this team can be found at nic.cz/csirt .
The CSIRT.CZ team can be contacted at the following email addresses:
info@csirt.cz is for general communication regarding the functioning of the CSIRT.CZ team
info@zkb.csirt.cz is for inquiries regarding the reporting of contact information or incidents under the Cybersecurity Act (CA)
abuse@csirt.cz is specifically for reporting incidents
Entities falling under the CA should primarily use the form at csirt.cz/en/formulare/incident-reporting-based-law/ to report incidents.
The CSIRT.CZ team can also be contacted at +420 910 101 010. Outside of regular working hours, urgent cases can contact the CZ.NIC helpdesk at +420 222 745 111. The helpdesk will evaluate the report and escalate it to a team member if necessary.
You can contact the CZ.NIC-CSIRT team via email at csirt@nic.cz +420 910 101 010 .
Outside regular working hours , urgent cases can contact the CZ.NIC helpdesk at +420 222 745 111 .
The hotline is used for reporting online content that falls under child abuse materials (such as the distribution of child pornography, child exploitation, inappropriate child nudity, and cyber grooming).
Reports can be sent to stoponline@nic.cz STOPonline web.
The Penetration Testing service is one of the commercial services offered by CSIRT.CZ. More information about this service can be found on the page Penetrační testování .
If you do not want to receive data from the PROKI project, for example, because you are conducting research that is detected as potential attacks, contact us at proki@csirt.cz
The service is primarily intended for holders of .CZ domains who are also public administration bodies, educational institutions, or non-profit companies or organizations.
All information, including the order form, can be found on the website Bezpečnostní testy .
Upon receiving information that a fake e-shop is hosted on a domain within the .cz ccTLD, we do not remove or cancel the domain from the zone. However, we will check the domain holder's details, and based on the findings, the domain may be added to the verification process, which could lead to the cancellation of the registration (but not due to the content of the domain, rather due to incorrect registration details).
If we receive a decision from one of the relevant authorities (most often the Czech Police), and this pertains not only to risky e-shops, the domain may be blocked from transfer or removed from the zone (or both, depending on the decision's wording).
We monitor the list of risky e-shops on the Czech Trade Inspection Authority's website, as well as similar lists issued by the State Agricultural and Food Inspection Authority and the State Institute for Drug Control , and we include the contacts in the data verification process.
