Today.Az » Society » SCIS- Unseen heroes of society and Patriotic War
15 December 2023 [15:40] - Today.Az
By Adalat Verdiyev, military expert Security is one of the officially declared priorities of the Azerbaijan state. If we take into account that the heads of states directly depends on the strategic communication system and the transmission of information in a safe, stable and sustainable manner, the great importance of special communication and its security becomes clear. President of Azerbaijan Ilham Aliyev announced the protection of national information resources and the protection of national interests in the field of information as one of the main directions of the national security policy. Currently, all power structures, including the Ministry of Defense, the State Border Service, the State Security Service, the Foreign Intelligence Service, and the Special Communications and Information Security State Service are operating at the level of security.
Since the Azerbaijani Special Communication and Information Security State Service (SC?S) is one of the most secretive state institutions, its activities are of particular interest. However, getting or gathering information about this institution is not an easy task.
The History of the Service
On October 1, 1994, the institution was created as the "Communication and Technical Division" within the material and technical supply department of the Department of Material and Technical Supply of the General Protection Department of the Supreme State Power and Management Bodies of the Republic of Azerbaijan. Later, its activities were carried out as an independent section, sector, and department within the structure of the State Service Special Communication and Information Security of the Republic of Azerbaijan
By Decree No. 708 of the President of Azerbaijan dated September 26, 2012, the State Agency for Special Communication and Information Security of the Special State Protection Service was established. With the Decree of the Head of State No. 957 dated March 16, 2020, a separate State Service of Special Communication and Information Security of the Republic of Azerbaijan was established on the basis of the Agency. By the decree signed by the President of Azerbaijan Ilham Aliyev on December 22, 2021, the Regulations on the Special Communication and Information Security State Service, the structure of the service, the number of military personnel and civilian employees, and the list of senior officer positions were approved. By the order of the head of state dated July 15, 2022, Lieutenant General Ilgar Ali oglu Musayev was appointed as head of the State Service of Special Communication and Information Security.
The Purpose of the Service Special Communication and Information Security ensures the organization, operation, security and development of special purpose information, and communication systems and networks for public service state bodies, interdepartmental electronic document circulation, connection of state bodies with the Internet network, placement of their information resources in the information and resource center, and carries out special technical measures for the safety of protected bodies. Among the main tasks of this service are technical and methodical support to state bodies in the direction of increasing readiness in the field of cyber security in state bodies, taking preventive measures in this field, monitoring the security parameters of Internet resources and information systems, and increasing the cyber security of these systems.
The service also provides cryptographic protection and confidentiality of any kind of information exchange of government agencies inside and outside the country. Protection of information security in the transmission of information is one of the priority working principles of the service.
Legal-normative documents
The Constitution of the Republic of Azerbaijan, laws, decrees, and orders of the Azerbaijani President, decisions and orders of the Cabinet of Ministers of the Azerbaijani Republic, all normative legal acts, instructions, regulations and recommendations regulating the activity of the Special Communication and Information Security State Service are guided in the activity of the institution, and all measures are is carried out in accordance with the requirements of the acts. These normative legal acts include the laws of the Republic of Azerbaijan "On operation-search activity", "On intelligence and counter-intelligence activity", "On the division of powers of subjects of operation-search activity", "On improvement of activity in the field of information security", "Security of critical information infrastructure on some measures in the field of provision" Decrees of the President of the Republic of Azerbaijan, Regulations of the Special Communication and Information Security State Service, etc. includes. The importance of information security
Currently, there is a serious need to mobilize efforts to ensure the continuous development of the national information resources protection system, to coordinate the activities of all relevant structures in the field of information protection, and to strengthen awareness in this field.
In the modern era, when information has become one of the most valuable resources, ensuring its security is important for every state, structure, or individual user.
The security of the communication channels they have and the information they transmit through these channels is of great importance for the effective and safe operation of the persons and institutions involved in public administration.
Ensuring information security includes methods, tools, and processes used to prevent unauthorized access to information, its leakage, modification, and deletion. Information security includes many aspects, including protection against hackers, spies, various viruses, and cyber-attacks, as well as measures against data leakage or phishing (obtaining confidential user data - username, password, personal account information). In this regard, the main requirements for ensuring information security have been determined.
1) Privacy, that is, information should be obtained only by those who have the right to receive it. Integrity, that is, information must be protected and transmitted reliably from external interference and unauthorized changes. 2) Availability, that is, information should be available only to those who have the right to access it and within a certain period of time. Currently, there are several projects and resources managed by the Service, listed below: "Information Security" magazine Resource Management Center "Blacklist" Information Resource ?NGBKT Electronic Issue System Infected IP Notification service Information Security Library Internal Information Exchange system MAX software for pest analysis AzStateNet Information security also includes measures that ensure the security of networks and data storage systems. Within the framework of these measures, the Special Communication and Information Security State Service has created a closed internet network AzStateNet (Azerbaijan State Network) with multi-level filters, providing protection against hacker attacks, use of antivirus software, "phishing" and data leakage, for the use of institutions working in the public and private sector. The AzStateNet network is an important segment of the Internet network for the central and local state authorities of the Republic of Azerbaijan. This network includes territorially distributed networks and access servers belonging to organizations that have the status of state authorities of the Republic of Azerbaijan. AzStateNet provides users with access to the information space of the Internet network and places on its servers only official information related to the activities of state authorities of the Republic of Azerbaijan. The network has a hierarchical structure with core and regional management centers. The main center of its management, as well as the management centers of the territorial segments, are at the disposal of the State Agency for Special Communications and Information Security.
Administration of the main gov.az domain, registration of gov.az subdomains, as well as provision of IP addresses for subscribers of the AzStateNet network connected to the servers of the main gov.az domain, are also carried out by the Service.
Information Security Coordination Commission
According to the normative documents, the general control over compliance with the rules of information security is carried out by the Coordination Commission, which includes authorized representatives of SC?S, the State Security Service of the Republic of Azerbaijan, the Center for Information Resources and Technologies of the Executive Office of the President of the Republic of Azerbaijan, the Ministry of Communications and Information Technologies of the Republic of Azerbaijan and the Azerbaijan National Academy of Sciences.
The Coordination Commission for Information Security created by the order of President Ilham Aliyev develops fertile conditions for ensuring the security of the information space in the country, protecting the information resources of infrastructure objects of great importance for the state and society from cyber attacks, and coordinating the work of state institutions operating in the field of prevention and investigation of such threats.
A special "Information Exchange System" platform was developed and made available to the Commission's working groups for intensive information exchange in the working groups of the Commission.
Currently, the working groups operating within the Commission and the involved independent experts are successfully implementing the activities of the "National Strategy for Information Security and Cyber ??Security of the Republic of Azerbaijan for 2022-2025" and the 3-year "Action Plan".
Computer Emergency Response Center (CERC) Computer Emergency Response Center (CERC) coordinates computer incidents and cyber security issues in government agencies. For this, the functions of CERC have been defined: - information received from users, manufacturers of computer equipment and software, similar structures in foreign countries about modern threats to computer security, as well as an application for protection of computer systems for specific computer incidents, analysis and collection of materials related to the effectiveness of software and technical tools in relevant databases;
- on the basis of the study and generalization of international experience in the field of computer security, the development of recommendations for the application of the most effective software and hardware tools that ensure the prevention of cases of illegal interference in information systems for users in state bodies, provision of advisory services and technical assistance to users; - prompt reception of information and emergency assistance to prevent hacker attacks on computer systems, providing timely information to users of the Internet and other information systems, including local and corporate systems, about threats to computer security, and providing assistance to state authorities in the investigation of computer incidents; - advising on the selection of software and technical tools for ensuring computer security, cooperating with software vendors when defects and shortcomings of software tools for protecting computer systems are detected; - assisting them in creating information security departments of state enterprises and developing relevant normative documents; - interaction and cooperation with relevant institutions, "CERT" departments in foreign countries, exchange of information and work experience on the issues of computer crimes and legal guarantee of information security; - interacting with the relevant departments of state bodies to obtain the necessary information about computer incidents in a timely manner and providing assistance and instructions in preventing computer violations (hacker and virus attacks);
CERC is responsible within the limits of its powers for the information provided and disseminated for the fulfillment of the duties assigned to it in accordance with the legislation of the Republic of Azerbaijan. The Center does not have the authority to suspend the operation of these or other systems and resources but reserves the right to transfer them to the appropriate law enforcement agencies for the resolution of those issues.
In its activity, the center reviews and processes computer incidents of various types: - attacks that can cause disruption of network base nodes and large server resources, loss of system information or discrediting; - any network attacks aimed at obtaining administrative privileges; - DoS (Denial of Service) and DDoS attacks on information resources of state bodies and individual hosts; - targeted sending of computer viruses, destruction of information network protection systems, including malicious programs (sniffer, rootkit, keylogger, etc.); - scanning of national information networks and hosts; - picking and capturing passwords and other authentication information; - unauthorized use of information resources.
SC?S during the Patriotic War
Since the beginning of the Patriotic War, the personnel of SC?S has worked uninterruptedly to provide the Ministry of Defense, the State Border Service, the State Security Service, and other institutions and their local headquarters situated in the operational zone with reliable special communication, internet and data services, and to protect the state information systems from cyber-attacks. As in the case of other power structures, the personnel of the SCIS duly fulfilled their duties in the Patriotic War. Of course, the large-scale offensive operations launched by the Armenian side against Azerbaijan were not limited to the attack of ground troops, armored formations, and artillery. Under the leadership of the special services of Armenia, various hacker groups carried out cyber attacks against the resources of almost all state structures of Azerbaijan. Another known activity of the SCIS is related to the UAVs, which were used on a large scale by the Azerbaijani Armed Forces during the Patriotic War. Bayragdar TB2 UAVs, which became a nightmare of the Armenian army, operated in areas controlled by the enemy during the war. The rapid advance of our troops and the task of ensuring the operation of UAVs in the entire depth of the enemy's defense line required the relocation of the control stations of unmanned vehicles in a short time. SCIS duly coped with this task in the Patriotic War. In addition, when the Azerbaijani army liberated the invaded territory from the enemy during the Patriotic War, the TETRA radio communication system, which was successfully introduced by the SCIS for the first time in the CIS region, played a special role in the management of the advancing troops. The placement of dozens of TETRA base stations in areas close to the pre-war contact line provided the relevant authorities with reliable and encrypted communications. Not to mention the difficulties in bringing TETRA systems from abroad to Azerbaijan during the war, the leadership of the Service did not allow a break in the provision of power structures. In addition to expanding the TETRA network in the territories liberated after the Patriotic War, the stations that failed during the operations were replaced with new ones.
During the anti-terrorist measures held in September 2023, the SCIS promptly created and put into use the TETRA radio communication network in Khankendi, Aghdara, and Khojaly districts to ensure reliable management of state structures and secure information exchange. Currently, the work on the expansion of the "AzststeNet" network is being continued in the liberated areas.
In addition, optical cables were laid to the control points of troops and units to ensure operational management and special-purpose communication services were provided. The Commander-in-Chief personally communicates with the command centers of the forces participating in the war, personally manages the army and troop commanders, and after every successful operation, communicates with the generals through special communications and congratulates them.
In the management of units and units participating in operations and battles, the commanders we all know well - Colonel-General Karim Valiyev, Lieutenant-General Hikmet Mirzayev, Major-General Munasim Babayev, Major-General Mais Barkhudarov, Major-General Anar Karimov, Colonel Eldeniz Namazov and others. We have seen him use TETRA many times. During the course of the war, the re-encryption of the means of communication used by the leaders was also carried out by the employees of the Khrytdx.
In addition, the Space Agency of the Republic of Azerbaijan "Azerkosmos" skillfully used the resources of mobile operators and internet providers of the public legal entity in the operational area of ??the SCIS war zone. During the Patriotic War, SCIS prevented about 3,000 cyberattacks targeting state information resources. SCIS after the Patriotic War
After the Patriotic War, in August 2022, during the Revenge operation carried out by the Azerbaijani army, there were intensive DDOS cyber attacks against a total of 72 information resources, 15 of which were state institutions, by 7 cyber groups. Since 11 out of 15 institutions use the AzstateNet network, their uninterrupted activity was ensured as a result of taking preventive measures.
During 2023, up to 1,000 cyber attack indicators, approximately 81 million malicious links, and 873 thousand malicious viruses were identified and blocked by the Service with the help of new generation equipment and a centralized antivirus system. Both before and after the war, SCIS organized high-level meetings and receptions of Commander-in-Chief Ilham Aliyev and other high-ranking officials in videoconference mode. The authors of the video conference on the signing of the tripartite Joint Statement, which officially reflects Azerbaijan's great Victory in the Patriotic War, were also the authors of the SCIS staff.
Result
SCIS carries out very important activities related to the protection of information processes, protection of information resources of state bodies, prevention of threats in this area, and assessment and management of risks in the field of cyber security in state and non-state information infrastructure subjects.
After the liberation of invaded territories in the Patriotic War, the movement of Azerbaijani troops and preparation for the next operations definitely required stable, secure, and safe special communication. The communication that met these strict requirements was provided by SCIS and its personnel, who are now war veterans.
The agreement of the rules for the use of special types of communication and user lists with the President of the Republic of Azerbaijan proves how important this field is for the state. Our head of state, who has signed numerous decrees for the purpose of ensuring national security, always shows great care and attention to the development and technical equipment of the special communication and information security sector, as well as to the activities of military personnel working in this field. Commander-in-Chief Ilham Aliyev highly appreciated the selfless activity of the personnel of the SCIS in the Patriotic War and awarded many of them various orders and medals.
The facts listed above once again indicate that information security is an extremely important aspect of modern life and its importance is increasing. All state institutions, power structures, defense industry, energy, financial and banking sectors of Azerbaijan should and do closely cooperate with the Special Communication and Information Security State Service to protect themselves from new types of cyber attacks and ensure the security of their data.
Information security is not a constant concept, as science and technology develop, new types of threats appear, and the methods used by hackers change and develop. Therefore, the State Service of Special Communications and Information Security is constantly updating methods and tools of "unarmed combat" to protect our resources from new types of cyber attacks and hackers.
On October 26-27, 2023, the first Cyber ??festival called "Critical Infrastructure Defense Challenge 2023" (CIDC-2023) was held in Baku under the joint organization of the State Service of Special Communication and Information Security of the Republic of Azerbaijan and the State Security Service of the Republic of Azerbaijan. In the "Cyberwar" competition, which was carried out with the simulation of cyberattacks, the participating teams had to protect the given infrastructure against cyberattacks by building the defense of the virtual information systems assigned to them. Also, within the framework of the event, "master classes" were held for both beginners and professionals in 6 different directions, and professional trainings were held by local and foreign experts.
CIDC-2023 is one of the important steps taken in the direction of improving the experience, knowledge, and skills of employees of government institutions, critical infrastructures, financial and telecommunications sectors on information security, strengthening coordination between public and private sectors, familiarization with new technological solutions and professional development.
In addition to all this, the employees of the Service are systematically sent on business trips to allied countries in order to increase their capabilities, where they study in courses and participate in international events. As a result of the meetings and discussions, memorandums of understanding and protocols were signed with some countries at the international level. The listed points are a small part of the activities carried out by the Service that can be disclosed to the press. Suffice it to say that SCIS provides 24/7 continuous service and monitors all electronic information resources it protects.
There is no doubt that the Special Communication and Information Security State Service, which is an important part of the security component of the independent policy implemented by the state of Azerbaijan and performs its duties properly, will achieve new successes in its activities.
|