Coordination of computer incidents in state bodies and cyber security issues is implemented by the Computer Energency Response Team (CERT) of the State Service of Special Communication and İnformation Security.
The main tasks and functions of the center
- computer security from users about modern threats, from computer hardware and software manufacturers, information received from similar structures in foreign countries, as well as the collection of materials related to specific computer incidents, the effectiveness of software and technical tools used to protect computer systems, analysis and collection in relevant databases;
- on the basis of the study and generalization of international experience in the field of ensuring computer security, development of recommendations for the application of the most effective software and hardware tools that ensure the prevention of cases of illegal interference in information systems for users in state bodies, providing consulting services and technical assistance to users;
- prompt reception of information and emergency assistance to prevent hacker attacks on computer systems, providing timely information to users of the Internet and other information systems, including local and corporate systems, about threats to computer security, and assisting state authorities in the investigation of computer incidents;
- advising on the selection of software and technical tools for ensuring computer security, cooperation with software vendors when defects and shortcomings of software tools for protecting computer systems are detected;
- assisting them in the creation of information security units of state enterprises and in the development of relevant normative documents;
- interaction and cooperation, exchange of information and work experience with relevant institutions, "CERT" departments in foreign countries on the issues of computer crimes and legal guarantee of information security;
- to interact with the relevant departments of state authorities to obtain the necessary information about computer incidents in a timely manner, and to provide assistance and guidance in the prevention of computer violations (hacker and virus attacks).
The Center performs the following functions to fulfill the tasks assigned to it:
- receives information about computer incidents in a timely manner and helps users of information systems and the Internet network in the prevention of computer incidents, prevention of such cases and their investigation;
- provides interactive information activities with users through the center's website, posts a list of software tools for protecting computer systems recommended for use on the site and request information;
- The Center guarantees that it will not disclose the information it has become aware of to a third party without the consent of the user affected by the incident.
The Center is responsible for the fulfillment of the tasks assigned to it in accordance with the legislation of the Republic of Azerbaijan, and for the information presented and disseminated within its powers.
The Center does not have the right to suspend the operation of these or other systems and resources, but reserves the right to transfer them to the appropriate law enforcement agencies for the resolution of those issues.
The Center is not responsible for errors, damage,
other types of direct or indirect losses that may occur due to the fault of
users as a result of misunderstanding the information received from it.
Computer incidents processed by the center
The center reviews and processes the following computer incidents in its activities:
- disruption of network base nodes and large server resources, attacks that can lead to the destruction or discrediting of system information;
- any network attacks aimed at obtaining administrative privileges;
- DoS (Denial of Service) and DDoS (distributed denial-of-service) attacks on information resources of state bodies and individual hosts.
- purposefully sending computer viruses; destruction of information network protection systems, including malicious programs (sniffer, rootkit, keylogger, etc.);
- scanning of national information networks and hosts;
- picking and intercepting passwords and other authentication information;
- unauthorized use of information resources.