Axtarış...
During the II International "Cyber Security Week", security measures in state information resources were discussed
Participating in the events held within the framework of the II International "Cyber Security Week", Head of the Special State Protection Service Special Communication and Information Security State Agency Tural Mammadov spoke about security measures in state information resources. Since 2017, cases of virtual theft and forgery have exceeded physical forgery and theft, based on international statistical indicators, he spoke about the activities of international cyber groups, trends and tendentions in the world, as well as the interests of cyber groups in our country. In his speech, Tural Mammadov brought to the attention of the participants that they are already working together with the State Security Service of the Republic of Azerbaijan to expose the activities of two such cyber groups in the country and bring cybercriminals to criminal responsibility then he talked about the work done by the State Agency for Special Communication and Information Security to ensure the information security of state institutions, and the directions of combating cyber attacks.
During the presentation, some projects worked on by the Agency's CERT center attracted attention. So, there was talk of the Agency's new "xritdx.gov.az" information resource, the "Information Security" magazine, whose online version is presented to the public through this information resource, the new functionality of the "Blacklist.gov.az" portal presented by the CERT center within the framework of the 1st International "Cyber Security Week", the statistical section on pest control presented this year on the "cert.gov.az" portal, Malware Analyzer XRScan (Malware Analyzer XRScan), which is in the process of completion and tentatively called "MAX", the "Resource Management Center" closed exchange portal provided to state institutions, the assessment of state institutions according to the "cyber security" and "vigilance" index. Speaking about preventive measures taken by the Agency in the direction of information security, T. Mammadov also touched on a number of statistics. Thus, in 2019, the Agency managed to block 200 million malicious links from the Azstatenet network established for the use of state institutions, 2 million 837 thousand pests through the centralized antivirus system, and more than 7000 0-day pests with the Sandbox system, and government agencies have protected their users from infection. In the speech, information was also provided on the audits conducted in the information resources and systems of the Agency's state institutions as preventive steps, and it was reported that in 2019, 266 information resources were submitted to state institutions in order to eliminate the deficiencies.
At the end of the presentation, the expert mentioned that there is a trend of APT targeting (APT) carried out on the "trust chain" of cyber attacks and listed the ways of combating them as follows:
- The importance of minimizing the absolute trust in the 3rd party vendor, contractor company, etc. "trust chain" and the importance of all-round assessment of the threat;
- Organization of monitoring to observe anomalies in information systems;
- Failure to hide the cyber incidents that occurred in order to eliminate the consequences of the cyber attack in time;
- Importance of cooperation, exchange of information and cyber attack indicators;
- The importance of forming an internal "Information Security Policy";
- Increasing attention to the organization of regular trainings to increase cyber vigilance in all employees, regardless of whether they work in the field;