DIGITALISATION RISKS

Geopolitical tensions over the past year and a half have only exacerbated network wars. Cyber threats against private, corporate and banking sectors have also increased significantly. Thus, Azerbaijan is stepping up the fight against cybercrime and is consistently implementing reforms to develop adequate hardware and software to protect its digital space. Given the increased risks, Azerbaijan will take additional measures to protect the cyberspace of the financial market. The Central Bank of Azerbaijan (CBA) has already approved a four-year Financial Market Cybersecurity Strategy. Measures to strengthen network security have also been discussed at the GSMA M360 Eurasia 2023 international conference held in Baku.

Network wars

Intensified global network warfare amid the Russian-Ukrainian war, as well as increased hybrid threats from ill-wishing states are pushing Baku to take further measures to protect cyberspace. This is an urgent task, as methods and practices of global cybercriminals are increasingly being employed as a tool of ideological, military-political struggle and cyber espionage between the leading powers. The list of countries leading and quite active in this area includes Iran, Russia, China, North Korea, Armenia and several South American states. This negative trend increased significantly last year with another round of the Russian-Ukrainian war. In addition to Ukraine directly involved in the conflict, supporting countries in other regions also suffer from increased cyber attacks on electronic state services, media and critical infrastructure. Due to Azerbaijan's neutrality and non-involvement in the conflict, these global tensions in the cyberspace have not affected the country directly.

According to Kaspersky, individuals and small businesses are the most vulnerable segments suffering network attacks. "In 2022, about a million phishing site hits were blocked in Azerbaijan. About 60% of all attacks were on home users and 40% on corporate ones," cyber security expert Mushvig Mammadov said. The 2022 surveys show an increasing number of cyber frauds mainly through social networks and messengers to obtain users' payment data and other personal information. Phishing attacks, social engineering, creation of clone sites for private and government agencies, media outlets, banks and other organisations accounted for the majority of the detected cyber incidents. There have also been attempts to hack emails and other corporate resources.

The State Service for Special Communications and Information Security of Azerbaijan, as well as other local relevant agencies successfully prevent cyber attacks on online state resources and the servers of the most important civil, defence and industrial systems.

Nevertheless, there is still a risk of cyber threats amid the turbulent political and military situation in the South Caucasus and strained relations with a number of neighbouring states. This primarily concerns threats from Armenia and Iran. According to the report Barometer of Cybercrime and Cybersecurity in Azerbaijan developed in cooperation with the EU and the Council of Europe, in 2022 Azerbaijani cyberspace was exposed to 25 hacker attacks apparently from Iran, given the IP addresses of attackers. "These countries have failed to cause any serious problems for Azerbaijan over the past years, but their criminal acts continue. In particular, after the defeat in the 44-day war, Armenian network pirates spread false information online on behalf of government agencies and banks. They also tried to hack the systems providing public services to cause confusion among the population of border regions and committed other provocations. Nevertheless, all these attempts have been promptly stopped," said Elmir Velizade, Head of the Non-Governmental Organisations and Communications Department of the Presidential Administration. According to Velizade, Azerbaijan jumped 15 steps among 169 countries, becoming the 40th best in the 2020 cybersecurity index prepared by the International Telecommunication Union. The same report ranks Israel 36th, Switzerland 42nd and Georgia 55th.

The situation in Azerbaijan's corporate sector is also relatively good. In recent years, the sector has been actively taking care of cyber security and implementing advanced solutions to prevent hacker attacks.

The segment of private users is the least protected, according to experts. The web resources of small media outlets and private companies also suffer from security deficiencies in network protection. The problem is serious enough, given that last year 97 information resources registered in the .AZ domain zone suffered from cyber attacks. Moreover, the investigation revealed a number of network security violations in information resources. Thus, 34% of local web resources have been encrypted incorrectly and insecurely, while 66% of them had incorrect server settings before they were attacked. However, repeated attacks showed that unfortunately, eight of these web resources have failed to introduce corrective measures.

Uniting for safety

Azerbaijan has accelerated reforms on technical development and protection of its digital space in order to cover all sectors of the economy with reliable network protection and improve the Internet literacy of ordinary users. The upcoming challenges and prospects for the development of reliable security network systems have been recently discussed at a roundtable called Building Secure and More Resilient Telecommunications Networks to Effectively Support the Digital Economy of the Future held at the GSMA M360 Eurasia 2023 Conference in Baku. The main topic of the high-level discussion was the development of strategic priorities for the region, deepening cooperation and promoting joint efforts to advance cyber resilience in the telecommunications industry.

"Azerbaijan is committed to the highest standards of cyber security. We support the efforts of the international community in the fight against cybercrimes and are willing to cooperate with our global partners in projects to protect telecommunications networks, because we understand the importance of harness all the opportunities of the digital economy," Tural Mammadov, head of the State Service of Special Communications and Information Security, said at the event.

It was underlined that building more secure and resilient telecommunications networks and effectively supporting the future digital economy is impossible without close coordination between network operators and their partners, suppliers and customers, telecommunications equipment manufacturers and, importantly, with relevant government agencies. "Today, progress towards an interconnected cyber world is a reality. Unfortunately, this has increased threats from malicious actors, making the protection of digital assets a challenge for all countries," said another conference participant, Haitham Hilal Al-Hajri, Executive Director of Cybersecurity Projects at Oman's National Computer Incident Response Centre. Therefore, the cohesive world of online crime needs to be countered through collaboration and close cooperation by all parties, with clear roles and responsibilities for everyone involved. It also requires the widespread application of internationally recognised standards and best practices to effectively prevent cyber threats. Effective mechanisms can then be introduced to provide a credible protection against cybercrimes.

Elvin Balajanov, Chairman of the Board of the Association of Cyber Security Organisations of Azerbaijan, holds a similar opinion: "Protecting critical information infrastructure is a key priority of the Azerbaijani government. It is critical that telecommunications service providers adopt appropriate security measures, protocols and technologies to mitigate risks and protect critical information infrastructure."

Another critical issue existing in many developing countries is the shortage of qualified personnel. While governments and large corporations have a relatively large pool of IT cybersecurity specialists, many SMEs, NGOs, Internet media or websites cannot always afford to hire qualified IT professionals. The deficit of qualified personnel is also a problem in Azerbaijan, which is currently solved by Türkiye. Turkish universities and special centres provide training to Azerbaijani students—future cyber security specialists. As part of joint programs on human capital development, Turkish specialized companies participate in the development of AI and G-cloud in Azerbaijan. Similar cooperation has been established with Israel. In particular, the Technion University supported the establishment of Azerbaijani Cyber Security Centre (ACSC), which already started training of profile specialists. "In the next three years we plan to train 3,000 cyber security specialists in Azerbaijan. The main goal of the centre is to train qualified personnel able to prevent cyber attacks. Among our long-term goals is the development of human capital, including the improvement of personnel and training in cyber investigations," said Daniel Hoffmann, head of the ACSC.

Protection for banks

The development of human capital and training of competent IT specialists, including in cyber security, is highly relevant to Azerbaijan's financial sector as well. Especially in the context of large-scale reforms recently launched by the Central Bank of Azerbaijan (CBA). This includes the 2023-2026 Cyber Security Strategy for Financial Markets approved by the CBA. It is designed to ensure the stable operation of financial structures, as well as the introduction of effective mechanisms to control the digital space and prevent network threats to banks. According to S&P Global Ratings, banks, payment systems, other financial structures and their customers are the most attractive targets for cybercriminals. This is where valuable personal data and transaction mechanisms can be accessed. Obviously, organisations with weak risk management systems are most vulnerable to cyber attacks. In recent years, Azerbaijan's banking sector has worked hard to expand its non-cash payment infrastructure, develop e-banking services and is now preparing for the mass introduction of fintech solutions. However, along with the benefits of the digitalisation of the financial sector, there are also risks for the sector due to the tangible increase in cyber threats.

Therefore, the Central Bank is constantly working to improve cyber resilience and information security in local financial markets. Thus, the Rules of Information Security Management in Banks introduced on April 1, 2022 define the minimum requirements for information security of Azerbaijani banks. The next step was the adoption of a new four-year strategy providing for effective actions in five main directions. It is planned to strengthen regulatory and supervisory bodies that ensure information security and cybersecurity in Azerbaijan's financial market and modernise the regulatory framework. Priorities include strengthening cyber risk management culture; establishing appropriate industry structures to manage IT technologies and strengthen cyber security; measures to strengthen cyber resilience and foster an info- and cyber security culture in the financial market. Obviously, these regulatory provisions will require banks, payment systems and other market participants to make serious efforts and investments to implement state-of-the-art hardware and software solutions and increase the knowledge and experience of the industry professionals who provide network protection for the financial market.