Cybersecurity in Azerbaijan: Threats, challenges, solutions Analysis by Caliber.Az
Azerbaijan has accelerated reforms aimed at the technical development of the country's digital space and its protection. The global network war that has intensified against the background of the Russian-Ukrainian confrontation, hybrid threats from Armenia, Iran, and a number of other hostile countries force Baku to strengthen measures to protect its cyberspace. First of all, all state institutions' integration in the domain zone gov.az and their transfer to a new, more reliable form of exchange of various types of files, functioning in a single mail system, etc has accelerated. These issues were discussed at the I Summit of IT Heads of State Institutions held in Baku on February 7.
The methods and practices of global cybercrime are increasingly being used by the world's leading powers as an instrument of ideological, military-political struggle and cyber espionage. According to international statistics, Iran is the leader among the states where special services are very actively using cyber groups and stimulating the "ideological" background of hacker gangs, Russia, China, the DPRK [Democratic People's Republic of Korea, North Korea], and a number of South American states are quite active in this regard.
The negative trend especially intensified last year with the transition of the Russian-Ukrainian conflict into a hot phase: in 2022, Ukraine's Security Service of Ukraine neutralized over 4,500 cyber attacks and cyber incidents, that is, three times more than a year earlier. NATO member countries in Europe and the United States have faced multiple rises in cyber attacks on public service Internet portals, electronic media sites and critical infrastructure. As a rule, the more a country is involved in a bloody geopolitical conflict in Eurasia, the more intense such attacks are.
In November last year, the European Parliament's website was attacked - any external access to the resource was interrupted. A month earlier, the digital resources of Poland's and Slovakia's parliaments, the electronic portals of the Bulgarian president and government, key ministries and the Constitutional Court of this country were attacked. Similar cyber attacks were carried out on government agencies and the media of the Baltic states and Scandinavia, and other European states.
Fortunately, Azerbaijan is not involved in the conflict situation in Eastern Europe either politically or in any other way and therefore has practically avoided the tension in global cyberspace associated with the escalation of the confrontation between the collective West and the Kremlin. The majority of cyber incidents reported in our country in the last year have been phishing attacks, social engineering, the creation of clone sites for mass media, government agencies, banks, and other organizations, as well as attempts to hack corporate mail and other resources.
However, Azerbaijan still has a high risk of facing cyber threats against the background of the turbulent military-political situation in the South Caucasus and in neighbouring states. "Over the past year, 1,192 special security indicators were blocked, which made it possible to protect state institutions from targeted cyber attacks," Tural Mammadov, head of the Department of the State Special Communications and Information Security Service (SSCIS), who attended the summit, said on February 7.
As Mammadov noted, these cyber indicators were identified as a result of cyber threats sent to state institutions, which were also analysed by the specialists of the SSCIS. Approximately two-thirds of these notifications were investigated based on information received from government agencies, and approximately one-third of the indicators were identified as a result of an analysis of internal cyber-attacks. Blocking such cyberattacks has prevented many hundreds of network threats to a number of government agencies.
According to another participant of the summit, SSCIS Deputy Head Maj-Gen Allahveren Ismayilov, against the background of the current socio-political processes in the world, the struggle in the information field has intensified, facing significant risks: "We need to study the gaps in ensuring the country's information security and measures to counter cyber attacks." In this regard, Ismayilov recalled that the terrorist attack on the Azerbaijani embassy in Iran revealed weaknesses in the information security system, which indicates the need for more effective measures to protect it.
The problem of cybersecurity is more than serious if we take into account that 97 information resources registered in Azerbaijan's domain zone (.az) were subjected to cyber attacks last year. Moreover, the investigation of the incidents revealed a number of violations in the field of ensuring the network security of the republic's information resources. Thus, 34 per cent of domestic web resources were encoded incorrectly and insecurely, and 66 per cent had incorrect server settings, as a result of which they were subjected to a hacker attack. At the same time, despite repeated attacks on eight of these web resources, measures to eliminate the shortcomings have not been taken.
Basically, such gaps and shortcomings are characteristic of the web resources of private media and other structures, while special services, on the contrary, successfully prevent cyber attacks on important state Internet resources and protect the servers of particularly important civil, defence and industrial systems quite effectively.
As follows from the materials of the summit of IT managers, the development and protection of state digital systems and web resources will be continued incrementally. In particular, a new service has recently been launched in Azerbaijan share.gov.az, created as an alternative to wetransfer. The resource is designed for the exchange of various types of files between government agencies and provides a high level of protection against data leakage. In this regard, at a meeting of heads of IT services, it was decided that from May 1, 2023, all government agencies that are not yet in the domain zone gov.az, will be integrated into this unified system.
At the same time, the state structures of the republic will have access to other new platforms and services developed at the SSCIS initiative. This is a new generation SOC system designed to more effectively combat cyber threats, a new e-mail service, the AzStateNet network, as well as the SIM3 project developed jointly with the European organisation Open CSIRT Foundation.
The development of a cybersecurity strategy for Azerbaijani banks, which is being prepared by the country's Central Bank (CBA) in collaboration with experts from the International Monetary Fund, is nearing completion. The three-year strategy is set to be implemented this year. Given the dynamic digitalisation of the domestic banking sector in recent years, as well as the Central Bank's active participation in this process, a significant portion of the concept is devoted to cybersecurity issues.
The goals of protecting the information of state resources, and improving the efficiency of centralised management of cybersecurity mechanisms are also served by actions to form a "Government Cloud" (G-cloud) in Azerbaijan and provide cloud services to public, private, and in the future to foreign structures through large DATA centres.
The implementation of the G-cloud project contributes to the centralisation of state information resources in a common database within a single platform, thereby saving 25-30 per cent of funds for managing IT resources, greatly simplifying and reducing the cost of their protection from cyber attacks. The work of AzInTelecom LLC on the creation of a "Government Cloud" is at the final stage today, and the transfer of information systems of 36 state structures into a single "cloud" will soon be completed.
Azerbaijan's achievements in the field of network security are recognised even at the world level - our country has significantly improved its position in the international National Cybersecurity Index. In this rating system, 161 countries of the world are evaluated and ranked according to 46 indicators of the digital environment, and Azerbaijan has improved its indicators by 34 positions, rising from 86th to 52nd place. Experts of the Association of Cybersecurity Organisations of Azerbaijan note that during the reported period, our country has demonstrated the highest growth dynamics. For comparison, Armenia ranks only 90th in this rating table.