WORLD IN A SPIDER'S WEB

If we conduct a global poll on the topic "The biggest achievement of the 20th century", the overwhelming majority of respondents will answer - the Internet. Indeed, the Internet has become one of the greatest achievements of mankind and a huge leap ahead for civilization. But, as usual, there is a fly in every ointment. And along with the obvious advantages, the World Wide Web has brought about many problems. For example, thanks to the development of the Internet and hi-tech in general, the opportunity has arisen to move huge flows of information across national borders, which in turn are no than a formality in these conditions. This information is not always safe. Therefore, humanity is now dealing with a problem on a global scale - information security which is an integral part of the concept of national security. Needless to say, this issue is particularly relevant for a country in a state of information warfare.

In the sights of a cyber weapon

Certainly, the term "information security" has different meanings. For example, if the average user cares about the safe storage, processing and transmission of information, the state pursues, in addition, a much more global goal - to protect national interests in the information sphere. The flow of information must secure the formation, use and development of the information environment in the interests of citizens themselves and the state. It is also important who the source of information is and how it affects people psychologically.

In this connection, the protection of information in all its stages is of special importance. Therefore, in recent times mankind has been engaged in an active fight, including against computer crime.

Almost 10 years ago, on 23 November 2001, the Council of Europe Convention on Cybercrime was adopted in Budapest. The purpose of the convention is to harmonize laws on computer crimes, which are different in different countries. The convention expressly stipulates such crimes as the dissemination of racist and xenophobic materials through computer systems.

Azerbaijan joined the convention on 30 June 2008. The country has established a centre for cybercrime and is working to bring national legislation into conformity with the requirements of the convention. In particular, it has almost formed an office of information security similar to the US Critical Incident Response Centre (CIRC), and work is under way to train personnel in this area.

Although the European Convention on Cybercrime reserves the right of a party (state) not to impose criminal liability for these crimes, Azerbaijan has already prepared and submitted amendments to the Criminal Code to parliament. This emerged during the Baku-hosted international conference "Cyber and National Security: NATO Policy and National Vision". According to an official of Azerbaijan's Ministry of National Security, Karim Karimov, amendments to the Criminal Code are expected to be adopted in the near future.

In addition, Karimov stressed that "cybercrime in cyberspace is transnational in nature" and "is constantly studied". Moreover, he noted that "in the Internet environment, there are appropriate conditions to hide traces of cybercrime" and "these crimes number dozens per year". They are connected, according to the MNS representative, largely with the destruction of information or hacking of Internet websites.

Karimov said that Azerbaijani-language websites and information resources based on foreign servers were recently identified in Azerbaijan, and they are a manifestation of cyberterrorism. The MNS and the Ministry of Communications and Information Technology, in cooperation with other entities, have already succeeded in stopping their activities.

The investigation revealed that these websites contained instructions for the spread of national and religious conflict, the establishment of illegal armed groups, recruitment of people for terrorist and radical religious organizations and manufacture and use of improvised explosive devices.

Karimov noted that the dissemination of false information about Azerbaijan is also a crime: "As a result of deliberately distorted information posted by biased forces, a number of known websites and information portals that are used and referred to by users are losing their credibility. As an example, we can cite Wikipedia. Very often, it contains biased information about Azerbaijan, and persons who know nothing about Azerbaijan receive false information about our country, and this affects the country's credibility and economy."

"Solving this problem entails some difficulties, but to address the issue, international organizations and foreign countries are holding discussions and systematically taking measures," Karimov said.

The MNS representative also raised the problem of the increasing number of websites on which separatist, nationalist, radical and racist forces are engaged in false ideological propaganda.

According to him, Armenia continues its aggressive policy against Azerbaijan in cyberspace as well: "These attacks are also made from neighbouring countries. Recently, the websites of two Azerbaijani ministries were attacked by a computer network and information resources. The investigations conducted by our colleagues in neighbouring states established that this was the work of Armenian citizens."

The sale of special technical means for acquiring information through the Internet is widespread, said the MNS spokesman. This happens in the form of theft of telecommunications traffic, and recently the number of these crimes has increased. Mainly, virtual companies are created with limited technical capabilities under the guise of providing cheap telephone calls to various countries, and they transmit more communication traffic than they can. But they cannot transmit it with high quality and stably, and as a result, problems appear in channels. The communication traffic, which cannot be transmitted, does not reach its destination.

According to the MNS official, there are also cases when pornographic materials, child pornography and drugs are sold via the Internet. In addition, there are instances of destruction, modification and denial of information, copyright infringements, misappropriation of information, dissemination of virus programmes to computers and their networks, banking and financial fraud, use of information from illegally obtained plastic cards and money laundering.

"Forces using information technology to carry out their illegal activities, criminals and terrorists create cyber threats to national security," Karimov said.

Azerbaijan's Deputy Minister of Communications and Information Technology Elmir Valizada also notes that information security is part of the national security of Azerbaijan. According to him, in a globalizing information society, conflicts taking place between states move into virtual space, giving rise to new types of crimes using modern technology, while terrorism, separatism and extremism become even more widespread.

"In the information society emerging in the world, there is a need for concepts of national security," Valizada said.

The deputy minister also noted that the problem of information security, including protection of computer networks, is particularly relevant against the backdrop of the increasing number of Internet users in Azerbaijan. In this regard, a number of major international standards have been adopted in this area to enhance information security in Azerbaijan. Thus, over the past two years, 10 standards have been approved and an additional six have been prepared for approval. This allowed us to take a number of measures for information security in public and private agencies.

"The dangerous berry"

Of course, it is impossible to guard against crime, especially in the virtual space. Today there are many social networks, including the popular Facebook. Skype, which provides voice communications between computers (VoIP and IM) over the Internet, is also popular. There are numerous free software programmes to exchange voice and text messages, and tracking the flow of information here is problematic. In some cases, the controlling authorities of a state may gain access to a user's information, including his voice.

But the real headache for controlling agencies in this context is the BlackBerry smartphone, which ensures an unprecedented level of protection for correspondence thanks to perfect encryption protocols. It is obvious that this fact could not but cause concern in the relevant bodies of a number of countries around the world in terms of national security. The "berry" smartphone had problems in the UAE, Saudi Arabia, Kuwait and India, which are considering banning the use of these devices. But the real sensation was the news that the European Commission banned its employees from using BlackBerry smartphones. This caused a major stir in society, and many believe the ban is a violation of all principles of information security in the Internet and storage of users' personal data.

Azerbaijan's Minister of Communications and Information Technology Ali Abbasov said that the information security issues of Skype and BlackBerry smartphones concern Azerbaijan as well. At the same time, he said that the problem of the information security of BlackBerry users is not so relevant for Azerbaijan yet. "Nevertheless, our specialists are working on this," Abbasov said. He noted that with the development of information technology, Skype is becoming increasingly popular among Internet users in Azerbaijan, and its use involves certain risks of information security. "Many countries are working to develop methods to protect against existing threats to information security. Our country is no exception, and we are working to resolve this issue," Abbasov said.

It is worth noting that the issue of Skype security is very important today, since the system's security has significant flaws. The lack of confidentiality, i.e. protection against unauthorized access to information, allows hackers to steal valuable information and monitor the work of entire organizations that use Skype for business negotiations. Therefore, the question of how much you can entrust the safety and confidentiality of information to such programmes is rather problematic.

It is also worth noting that the safety and confidentiality of data sometimes depends on users themselves. For example, our country has a seemingly solvable problem: licensed software, including antivirus programmes, is not common here, which reduces the level of security.

Attention! Hazardous information

Another problematic question is trust. Talking about information security, we cannot fail to note the presence of false information on the web. And the question here is not about the image of a country, i.e. slander. It is not hackers, information warfare, calls for acts of terror and the fraudulent withdrawal of cash from bank cards that represent a great danger to ordinary users, it is rather false annotations to medicines, prescriptions, medical procedures, instructions to operate appliances, etc. The slightest shortcoming in this area may cause information to be fatal for those who trust it, not to mention incorrect information posted on the portal of a government agency or about a draft law.

According to experts, the problem is that Internet users tend to trust any information posted on the web. US scientists have found that people's trust in information on the Internet is at a surprisingly high level and does not decrease with time. The researchers believe that people have almost no skills in filtering false information on the web.

Of course, it is everyone's personal business to trust or not the Internet. But everyone should know: the World Wide Web, albeit virtual, is a reality the existence of which or coexistence with which we cannot deny. What is more, the network is run by people with different characters, principles, attitudes and behaviour which do not always comply with generally accepted standards. Hence, the significance of information security issues is simply inexhaustible. The main thing here is that it is people who run the Internet rather than vice versa.