PROTECTION CLOUD

Azerbaijan needs to improve cybersecurity mechanisms in the corporate sector and ensure the safety of personal data

01.04.2020

The rapid introduction of information technologies in Azerbaijan is accompanied by network risks that grow every year. We already have a roadmap on cybersecurity. The relevant government agencies work successfully to prevent hacker attacks and network fraud, and host specialised international forums. However, experts urge stronger efforts in the corporate sector, as well as in the protection of personal data.

 

Secure base

The widespread introduction of IT in Azerbaijan over the past fifteen years has contributed to the country's involvement in the global electronic financial system, to the development of e-commerce and various virtual services, and to the development of an e-government system. However, as in most countries of the world, the virtualization of processes in the economic, social and state spheres creates additional risks for Azerbaijan. Similar processes are observed in all countries of the post-Soviet region. According to estimates of the International Telecommunication Union (ITU), UN experts, the Davos Forum, the European Union, NATO and other structures, the threats posed by international cybercriminals rank at the top of the list of global risks, along with natural disasters and terrorist threats. Cybercrime annually brings hackers more than $1.5 trillion in revenue from illegal online markets, IP theft, phishing, etc. Moreover, hackers can target such important elements of infrastructure as electric networks, petrochemical plants, water purification systems and other important life support facilities of cities.

Undoubtedly, Azerbaijan has put in place effective mechanisms to protect the critical information infrastructure of the most important civilian and defense facilities from cyberattacks. In general, there is an effective barrier against attackers trying to damage the electronic resources of government agencies, leading media organisations, the financial sector, etc. In recent years, Azerbaijan has created a computer incident response team at the Center for Electronic Security (CERT), which operates under the State Agency for Special Communications and Information Security of the Special State Guard Service. Today, this structure is an effective mechanism that identifies and prevents threats to state web resources and the Internet space of the country as a whole. The efforts of CERT experts in Azerbaijan have prevented numerous attacks, including those committed by Armenian hackers against government agencies and media resources; the team also investigates incidents on computer networks and sends out warnings about threats and risks. To counter cyberattacks, CERT specialists use the most advanced technological solutions, including special software products developed in CERT. The use of new security technologies allows the specialists to detect security gaps and signatures of malicious threats, and to provide a high level of protection against DoS/DDoS attacks, phishing attacks, theft of passwords for access to e-mail and social network accounts, etc.

The Budapest Convention on Cybercrime, adopted in 2001 at the initiative of the Council of Europe, plays a huge role in preventing crime on the global Internet. Today, it has been ratified by almost 70 countries of the world. Azerbaijan has also ratified the Budapest Convention.

Cooperation with the EU in this direction will continue, and the EU is ready to support the improvement of cybersecurity in Azerbaijan within the framework of the Eastern Partnership Programme. According to the head of the EU Delegation to Azerbaijan, Kestutis Jankauskas, the EU provides technical and advisory support to Azerbaijan to ensure the cybersecurity of companies and compliance with certain requirements by Internet providers, as well as in the field of personal data protection.

"Azerbaijan signed the international Budapest Convention on Cybercrime in 2008, and based on international standards, 18 national standards for information security were developed and registered. To ensure cybersecurity, software used in state institutions is licensed, and we hold various conferences, seminars, and cyber security trainings", the Deputy Minister of Transport, Communications and High Technologies, Elmir Velizade, said during the recent events in the framework of the Cybersecurity Week. He added that a sufficiently high level of cyberspace security is provided in Azerbaijan, and these issues are given special attention at the state level.

 

The situation is complicated…

At the same time, according to some experts, with the exception of banks and large international and local companies, the situation in the private and partly corporate segment remains difficult. Thus, according to Kaspersky Lab research, in the past few years about a third of Azerbaijani users have encountered online threats. The corporate sector still needs full protection, and because many cyberattacks go undisclosed (companies are not interested in publicizing negative news), the real situation does not always match the official statistics published by businesses.

“We must provide enhanced network protection for the private sector if we want to increase the level of cyber security in the country. Our top priority is to provide support for IT companies involved in the development and implementation of cybersecurity software,” Rashad Azizov, head of the department for the innovative development of the information society and electronic governance of the Ministry of Transport, Communications and High Technologies, said at the Cybersecurity Week.

Indirectly, the presence of negative factors in network protection is also confirmed by the decline in the ITU rating: Azerbaijan fell to 55th place in the Global Cybersecurity Index 2018, published in April last year. For comparison, two years earlier Azerbaijan was ranked 48th.

Despite a noticeable reduction in the number of network incidents in the Internet space of Azerbaijan, the situation remains quite complicated. A few days ago, the Special State Security Service of Azerbaijan released Cybero data, according to which 19 of the attacked local organizations neglect information security. According to the data, 63% of intrusions into information systems are due to the low level of server security. Some institutions use shared hosting services: even if there are no vulnerabilities in their own information systems, there can be vulnerabilities on other servers. At the same time, 37% of intrusions are due to vulnerabilities in the code. The agency believes that after the launch of the "state cloud" the prevention of such attacks will be significantly simplified.

At the same time, various organised groups continue large-scale attacks on network resources in Azerbaijan. According to the Special Service, two cyber groups were exposed in 2019, one of which was represented by hackers from Nigeria. Among other things, one of these groups attacked state bodies in Azerbaijan. These groups have been exposed, and an investigation is being conducted with the support of international structures.

The complexity of the situation is also confirmed by the StealthMail team, according to which in 2016 alone the number of cyberattacks on Azerbaijani companies exceeded 2.2 million, 84% of which were carried out by structures operating in Baku.

Microsoft Azerbaijan believes that it is necessary to strengthen the component of collective defense against cyberattacks in the country. In particular, the relevant state structures of Azerbaijan were invited to conclude a government security agreement with Microsoft. In this case, Microsoft's Digital Crimes Unit will provide international analytics to protect against attacks on Windows and other products. However, in the current realities it is not easy to reach such an agreement, since it covers only licensed products, while in Azerbaijan over 4/5 of Microsoft software is illegal. Things are slightly better with the software of other global vendors.

 

We need a strategy

The most important task for the future is the legalisation of software installed in the corporate sector. This is already being carried out in government agencies, and it provides for international consulting, technological and legal resources in emergencies caused by cyberattacks.

Another task is to accelerate the improvement of the regulatory framework and administrative mechanisms aimed at expanding the potential to protect against network threats. One of the steps should be the development of a cybersecurity index of state institutions in Azerbaijan. It is planned to introduce a new system of electronic queries for this purpose. Thus, two new modules will be introduced that demonstrate the level of cyber and information security of state institutions, as well as their rating. Another module will measure the response rate of government agencies to the electronic request system and demonstrate a so-called ‘vigilance index’.

According to Rashad Azizov of the Ministry of Communications, it is necessary to adopt the Information Security and Cybersecurity Strategy developed in accordance with the work plan of the Cabinet of Ministers. "The delay in making some additions to the strategy was due to the fact that the document did not reflect information security aspects. Given the importance of the issue, we are currently working to combine these areas in a single document, the Information Security and Cybersecurity Strategy". According to Azizov, information security implies not only cybersecurity. Given the ongoing information wars in the modern era, one of the relevant aspects of these activities is the protection of information outside of cyberspace, for example, in the segment of radio frequencies, etc.

 

Personal protection

Finally, the protection of personal information is identified as the most important task in ensuring cybersecurity in Azerbaijan. To understand the extent of this problem, it is relevant to cite data from a study by the American company IBM, according to which more than 85% of all account hacks in 2019 occurred due to security problems and incorrect settings of cloud services. Moreover, most of the illegal intrusions occurred due to previously known software vulnerabilities. Over the past year, more than 8.5 billion personal data and records were stolen globally by attackers, which is three times more than in 2018.

The issue of protecting personal information is also very relevant in Azerbaijan, said Information Technology and Cybersecurity Auditor Ilgar Aliyev. He believes that it is necessary to strengthen control over access to personal data. Personal and professional information subject to protection includes financial assets, operations, obligations, medical records, biometric data, DNA, fingerprints, virtual space, political and religious views, social life, criminal history, location, correspondence, photographs, etc.

Information of this kind is periodically collected by government agencies, banks and insurance organisations, mobile operators, digital portals and payment systems, medical institutions, retail chains, educational institutions and other organizations. Often, due to insufficient protection of the rights of data subjects, failure to fulfill obligations to provide information, or a leak from a database, this confidential information is made public or used for advertising purposes to promote goods and services via SMS, content advertising, annoying phone calls, etc.

"The protection of personal data in Azerbaijan is based on international legal acts and the corresponding convention. The personal data of our citizens must be reliably protected, as recently they are often subjected to external attacks," Deputy Minister E. Velizade said at the recent event called Digital Law: Protection Personal Data.

In order to prevent violations in this area, Azerbaijan is developing a number of legislative acts. A working group has been created to develop the General Data Protection Regulation (GDPR).

In short, the main changes in the future in this segment will be aimed at improving the coordination of measures to protect against cybercrimes and improving the legal and technological base.

