THE NETWORK WARS

Cybercrimes is a relatively new concept known in our vocabulary for almost two decades. Nevertheless, they evolve so rapidly that the analysts warn on a new global threat. A rapid spread of information technologies in Azerbaijan has contributed to the country's involvement in the global electronic financial system, development of e-commerce and a variety of virtual IT-services, e-government and electronic media. However, as in most countries of the world, the virtualization of economic, social and public spheres in Azerbaijan has also led to the spread of a global cybercrime pandemic.

Streamlined industry

Originally, the cybercrimes were mostly limited to malicious viruses, password cracking and destruction of confidential information. Since then, the cybercrime industry has changed its format, which covers stealing of bank details (phishing) and other financial frauds. Fraudulent schemes in the securities market, online auctions and e-commerce are increasingly popular. Illegal purchase and speculations with domain names In the US and some other countries are wide spread.

Today, most countries of the world including Azerbaijan are facing with no less dangerous threats in the virtual space. The hacking groups coordinated by criminal syndicates, extremist movements and often by security services commit attacks on information resources and electronic systems of individual organizations, and even the entire nations. In parallel with malicious intervention through the Internet network, creation of fake web sites, blogs, and webpages on social networks to spread illegal information and defamation are increasingly practiced. In practical terms, the lack of effective control over the virtual space, as well as its accessibility to users anywhere in the world creates huge environment for the virtual army of criminals. Fabricated stories to mislead public opinion, the calls serving to undermine territorial integrity of nations, support for separatism, libel, sowing ethnic and religious strife, etc. is just a short list of crimes that threaten not only the individuals and organizations but entire nations and states as well.

To assess the magnitude of global threats, it is sufficient to provide a few recent examples. In February 2016, a group of hackers stole $100 million from the Central Bank of Bangladesh, using the most secure SWIFT interbank protection network.

Frequent facts of bank robberies and other government institutions prompted the G7 countries to adopt a plan for ensuring the cyber security of the financial sector. "The incidents in cyberspace occur across national borders, cybercrimes can be committed from any country. We at G7 agreed to work on cyber security through a group of our experts, in particular to exchange information, to adjust the methods and strategies to counter cyber attacks, and to identify its shortcomings," reports the Japanese Ministry of Finance.

It is now obvious that critical energy and other technical infrastructure of a number of states are extremely vulnerable. For example, the hacking of BlackEnergy resulted in depowering of distribution systems in western Ukraine early last year.

The alleged attack and other illegal actions of Russian hackers in the Internet aimed at stealing confidential data and attempted to influence the results of recent presidential elections in the US. A joint statement of the Director of National Intelligence, the US Cyber ​​Command (USCYBERCOM), and the Pentagon inform about the facts of the use of cyber technology to "influence public opinion in Europe and Eurasia."

Apparently, the European states are also aware of the growing threat of cybercrimes. They are not limited to theft of funds or other local crimes, but already encroach on political and social institutions. "The fight against cybercrimes is one of the political priorities of Brussels, and the European Commission will make every effort to strengthen the collective stability on this issue", said Julian King, the European Commissioner for the Security Union.

Enemy Attack

In recent years, stable and effective defense mechanisms and the international experience in combating the dangers of cybercrimes are implemented in Azerbaijan as well.

Some 10-12 years ago, the activities of cyber criminals in Azerbaijan was expressed implicitely and focused mainly in hacking servers, which aimed at changing or destruction of content. However, the number of such criminal acts has been growing over the years. For some period, the Internet resources of government institutions of Azerbaijan registered in the gov.az domain zone have recorded hundreds of attempts of illegal entry. A significant portion of hacking attempts was traced back to China, the United States and partly Russia. As a rule, most of these interventions were non-hazardous and exploratory, while in more serious cases, illegal entries are usually detected and prevented by network administrators of attacked government agencies.

During 2008-2013, the number of these facts increased especially due to the increased activity of the Armenian network "pirates". Their share reached 25% of total number of attacks to state information resources and electronic media portals of Azerbaijan. Armenian hackers specialize in distributing dangerous malicious programs, DDoS-attacks on database servers, dissemination of information through fake or hacked websites, as well as using other people's IP-addresses.

On the other hand, the introduction of cashless trading mechanisms started about a decade ago contributed to an increase in the number of ATMs and POS-terminals, as well as payment of pensions and salaries of civil servants using plastic cards. In parallel, the growth of e-commerce and e-banking has contributed to the growth of virtual crimex in the country. In different years, a group of speculators carrying out various financial and banking frauds using counterfeit credit cards and other electronic details have been discovered in Azerbaijan. They were luring the Internet users to use allegedly cheaper telephone services, and managed to hack AZAL airline's website and unlawful purchase and sale of electronic tickets.

According to a number of international experts, financial cybercrimes in Azerbaijan is still very low in comparison with European countries, the USA and Russia. Thus, the research experts report that in 2016, Kaspersky Lab has blocked attempts to run malicious software designed to steal money on more than 3 million devices. In Azerbaijan, only 2% of users are exposed to banking malware. For comparison, Russia tops the list of countries where the people suffer from the risk of infection from malware (5%).

The initiative of the Council of Europe's so-called Budapest Convention on Cybercrime adopted in 2001 plays a huge role in the prevention of cybercrimes in the global Internet network. It is ratified by some 70 states of the world, including Azerbaijan. Due to the consequent obligations for the last few years improved the relevant legislation in the field of ICT and created special structures for cybersecurity az-net.

In 2008, the Ministry of Communications and High Technologies of Azerbaijan initiated the establishment of the Information Security Centre. This institution is similar to Computer Emergency Response Teams (CERT) existing worldwide.

Security mechanisms

Later in Azerbaijan was established Computer Emergency Response Team (CERT) acting under the auspices of State Agency for Special Communications and Information Security of the Special State Guard Service. Today, this institution is an effective mechanism to detect and prevent threats to public web resources and web-space of the country as a whole.

To repel cyber attacks, CERT experts apply the most advanced technological solutions. The Team actively cooperates and exchanges experience with international specialized organizations. In 2013, CERT of Azerbaijan became a member of the OIC-CERT, an institution under the Organization of Islamic Cooperation, and was elected to the board of OIC-CERT in January 2017. The main objective of OIC-CERT is to provide a platform for more than 20 member countries for research and development of joint initiatives and potential partnerships in matters of cybersecurity.

Despite the marked decrease in the number of network incidents in the virtual space of Azerbaijan, the situation in this area is still quite difficult. According CERT report for 2016, the number of requests related to the computer security of information systems of state structures in Azerbaijan increased by 53% (2704 cases). 94% of the total number of requests were reviewed and responded last year. Total number of reports was 351, which is 27% more than in 2015.

The situation in the "civil" the Azerbaijani segment of the Internet space is also far from stable. Thus, the study conducted by Kaspersky Lab reports that in 2016, 38% of the Azerbaijani users suffered from the Internet threats. Therefore, Azerbaijan became one of the top 10 countries affected by online threats risks. Russia, Kazakhstan, Italy, Ukraine and Brazil are on top of the list.

Azerbaijan is developing relevant institutions and mechanisms to ensure the local network security. Some 10 years ago, a local structure AZ-CERT under the auspices of the Institute of Information Technologies of ANAS launched the AzScienceNet scientific computer network project. AZ-CERT provides rapid response and collection of information about incidents in information security, conducting research and analytical studies and cooperation in this field with international organizations.

The interaction of state agencies and internet service providers helped to adopt a number of measures to detect unwanted Internet content and ensure privacy of children. Recently, the state communications operator Aztelekom tested the new service Secure Internet, which is available to users of ISP AztelekomNet and provides content filtering to protect children from the effects of unwanted websites that contain adult content, gambling, explicit language, incitement to violence, etc. Currently, Secure Internet is launched in test mode in telecommunication nodes of nine districts including the Absheron peninsula, Imishli, Naftalan, Goychay, Shirvan, Lankaran, Gabala, Oguz and Hajigabul. The service will soon be available in other regions of the country.

The main Internet operator of Azerbaijan, Azertelecom, with consulting support of Israeli experts is also implementing a project on cyber security: a new service is based in the company's data center and available public and private companies, banks and financial organizations in the country. We are talking about security auditing services - Penetration testing to identify existing vulnerabilities in the system and the options for addressing them, and this service frees customers from the need to maintain staff, and to buy expensive equipment for cyber defense.

The experts from Kaspersky Lab and Microsoft Azerbaijan provide active support in cyber security. The significance of such support was evident during the recent security conference in Munich, where President of Azerbaijan Ilham Aliyev met with the owner and CEO of Kaspersky Lab Eugene Kaspersky. It was noted that Azerbaijan successfully cooperates with Kaspersky Lab, and is interested in further expansion of this cooperation aimed at ensuring cyber security in industry, finance, etc.