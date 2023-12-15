(MENAFN- AzerNews) By Adalat Verdiyev, military expert
Security is one of the officially declared priorities of the
Azerbaijan state. If we take into account that the heads of states
directly depends on the strategic communication system and the
transmission of information in a safe, stable and sustainable
manner, the great importance of special communication and its
security becomes clear.
President of Azerbaijan Ilham Aliyev announced the protection of
national information resources and the protection of national
interests in the field of information as one of the main directions
of the national security policy. Currently, all power structures,
including the Ministry of Defense, the State Border Service, the
State Security Service, the Foreign Intelligence Service, and the
Special Communications and Information Security State Service are
operating at the level of security.
Since the Azerbaijani Special Communication and Information
Security State Service (SCİS) is one of the most secretive state
institutions, its activities are of particular interest. However,
getting or gathering information about this institution is not an
easy task.
The History of the Service
On October 1, 1994, the institution was created as the
"Communication and Technical Division" within the material and
technical supply department of the Department of Material and
Technical Supply of the General Protection Department of the
Supreme State Power and Management Bodies of the Republic of
Azerbaijan. Later, its activities were carried out as an
independent section, sector, and department within the structure of
the State Service Special Communication and Information Security of
the Republic of Azerbaijan
By Decree No. 708 of the President of Azerbaijan dated September
26, 2012, the State Agency for Special Communication and
Information Security of the Special State Protection Service was
established. With the Decree of the Head of State No. 957 dated
March 16, 2020, a separate State Service of Special Communication
and Information Security of the Republic of Azerbaijan was
established on the basis of the Agency.
By the decree signed by the President of Azerbaijan Ilham Aliyev
on December 22, 2021, the Regulations on the Special Communication
and Information Security State Service, the structure of the
service, the number of military personnel and civilian employees,
and the list of senior officer positions were approved. By the
order of the head of state dated July 15, 2022, Lieutenant General
Ilgar Ali oglu Musayev was appointed as head of the State Service
of Special Communication and Information Security.
The Purpose of the Service
Special Communication and Information Security ensures the
organization, operation, security and development of special
purpose information, and communication systems and networks for
public service state bodies, interdepartmental electronic document
circulation, connection of state bodies with the Internet network,
placement of their information resources in the information and
resource center, and carries out special technical measures for the
safety of protected bodies. Among the main tasks of this service
are technical and methodical support to state bodies in the
direction of increasing readiness in the field of cyber security in
state bodies, taking preventive measures in this field, monitoring
the security parameters of Internet resources and information
systems, and increasing the cyber security of these systems.
The service also provides cryptographic protection and
confidentiality of any kind of information exchange of government
agencies inside and outside the country. Protection of information
security in the transmission of information is one of the priority
working principles of the service.
Legal-normative documents
The Constitution of the Republic of Azerbaijan, laws, decrees, and
orders of the Azerbaijani President, decisions and orders of the
Cabinet of Ministers of the Azerbaijani Republic, all normative
legal acts, instructions, regulations and recommendations
regulating the activity of the Special Communication and
Information Security State Service are guided in the activity of
the institution, and all measures are is carried out in accordance
with the requirements of the acts.
These normative legal acts include the laws of the Republic of
Azerbaijan "On operation-search activity", "On intelligence and
counter-intelligence activity", "On the division of powers of
subjects of operation-search activity", "On improvement of activity
in the field of information security", "Security of critical
information infrastructure on some measures in the field of
provision" Decrees of the President of the Republic of Azerbaijan,
Regulations of the Special Communication and Information Security
State Service, etc. includes.
The importance of information security
Currently, there is a serious need to mobilize efforts to ensure
the continuous development of the national information resources
protection system, to coordinate the activities of all relevant
structures in the field of information protection, and to
strengthen awareness in this field.
In the modern era, when information has become one of the most
valuable resources, ensuring its security is important for every
state, structure, or individual user.
The security of the communication channels they have and the
information they transmit through these channels is of great
importance for the effective and safe operation of the persons and
institutions involved in public administration.
Ensuring information security includes methods, tools, and
processes used to prevent unauthorized access to information, its
leakage, modification, and deletion.
Information security includes many aspects, including protection
against hackers, spies, various viruses, and cyber-attacks, as well
as measures against data leakage or phishing (obtaining
confidential user data - username, password, personal account
information).
In this regard, the main requirements for ensuring information
security have been determined.
1) Privacy, that is, information should be obtained only by
those who have the right to receive it. Integrity, that is,
information must be protected and transmitted reliably from
external interference and unauthorized changes.
2) Availability, that is, information should be available only
to those who have the right to access it and within a certain
period of time. Currently, there are several projects and resources
managed by the Service, listed below: "Information Security"
magazine Resource Management Center "Blacklist" Information
Resource İNGBKT Electronic Issue System Infected IP Notification
service Information Security Library Internal Information Exchange
system MAX software for pest analysis
AzStateNet
Information security also includes measures that ensure the
security of networks and data storage systems. Within the framework
of these measures, the Special Communication and Information
Security State Service has created a closed internet network
AzStateNet (Azerbaijan State Network) with multi-level filters,
providing protection against hacker attacks, use of antivirus
software, "phishing" and data leakage, for the use of institutions
working in the public and private sector. The AzStateNet network is
an important segment of the Internet network for the central and
local state authorities of the Republic of Azerbaijan. This network
includes territorially distributed networks and access servers
belonging to organizations that have the status of state
authorities of the Republic of Azerbaijan. AzStateNet provides
users with access to the information space of the Internet network
and places on its servers only official information related to the
activities of state authorities of the Republic of Azerbaijan.
The network has a hierarchical structure with core and regional
management centers. The main center of its management, as well as
the management centers of the territorial segments, are at the
disposal of the State Agency for Special Communications and
Information Security.
Administration of the main gov domain, registration of gov
subdomains, as well as provision of IP addresses for subscribers of
the AzStateNet network connected to the servers of the main gov
domain, are also carried out by the Service.
Information Security Coordination Commission
According to the normative documents, the general control over
compliance with the rules of information security is carried out by
the Coordination Commission, which includes authorized
representatives of SCİS, the State Security Service of the Republic
of Azerbaijan, the Center for Information Resources and
Technologies of the Executive Office of the President of the
Republic of Azerbaijan, the Ministry of Communications and
Information Technologies of the Republic of Azerbaijan and the
Azerbaijan National Academy of Sciences.
The Coordination Commission for Information Security created by the
order of President Ilham Aliyev develops fertile conditions for
ensuring the security of the information space in the country,
protecting the information resources of infrastructure objects of
great importance for the state and society from cyber attacks, and
coordinating the work of state institutions operating in the field
of prevention and investigation of such threats.
A special "Information Exchange System" platform was developed and
made available to the Commission's working groups for intensive
information exchange in the working groups of the Commission.
Currently, the working groups operating within the Commission and
the involved independent experts are successfully implementing the
activities of the "National Strategy for Information Security and
Cyber Security of the Republic of Azerbaijan for 2022-2025" and
the 3-year "Action Plan".
Computer Emergency Response Center (CERC)
Computer Emergency Response Center (CERC) coordinates computer
incidents and cyber security issues in government agencies. For
this, the functions of CERC have been defined: - information
received from users, manufacturers of computer equipment and
software, similar structures in foreign countries about modern
threats to computer security, as well as an application for
protection of computer systems for specific computer incidents,
analysis and collection of materials related to the effectiveness
of software and technical tools in relevant databases;
- on the basis of the study and generalization of international
experience in the field of computer security, the development of
recommendations for the application of the most effective software
and hardware tools that ensure the prevention of cases of illegal
interference in information systems for users in state bodies,
provision of advisory services and technical assistance to
users;
- prompt reception of information and emergency assistance to
prevent hacker attacks on computer systems, providing timely
information to users of the Internet and other information systems,
including local and corporate systems, about threats to computer
security, and providing assistance to state authorities in the
investigation of computer incidents;
- advising on the selection of software and technical tools for
ensuring computer security, cooperating with software vendors when
defects and shortcomings of software tools for protecting computer
systems are detected;
- assisting them in creating information security departments
of state enterprises and developing relevant normative
documents;
- interaction and cooperation with relevant institutions,
"CERT" departments in foreign countries, exchange of information
and work experience on the issues of computer crimes and legal
guarantee of information security;
- interacting with the relevant departments of state bodies to
obtain the necessary information about computer incidents in a
timely manner and providing assistance and instructions in
preventing computer violations (hacker and virus attacks);
CERC is responsible within the limits of its powers for the
information provided and disseminated for the fulfillment of the
duties assigned to it in accordance with the legislation of the
Republic of Azerbaijan.
The Center does not have the authority to suspend the operation of
these or other systems and resources but reserves the right to
transfer them to the appropriate law enforcement agencies for the
resolution of those issues.
In its activity, the center reviews and processes computer
incidents of various types: - attacks that can cause disruption of
network base nodes and large server resources, loss of system
information or discrediting; - any network attacks aimed at
obtaining administrative privileges; - DoS (Denial of Service) and
DDoS attacks on information resources of state bodies and
individual hosts;
- targeted sending of computer viruses, destruction of
information network protection systems, including malicious
programs (sniffer, rootkit, keylogger, etc.);
- scanning of national information networks and hosts;
- picking and capturing passwords and other authentication
information;
- unauthorized use of information resources.
SCİS during the Patriotic War
Since the beginning of the Patriotic War, the personnel of SCİS has
worked uninterruptedly to provide the Ministry of Defense, the
State Border Service, the State Security Service, and other
institutions and their local headquarters situated in the
operational zone with reliable special communication, internet and
data services, and to protect the state information systems from
cyber-attacks.
As in the case of other power structures, the personnel of the
SCIS duly fulfilled their duties in the Patriotic War. Of course,
the large-scale offensive operations launched by the Armenian side
against Azerbaijan were not limited to the attack of ground troops,
armored formations, and artillery. Under the leadership of the
special services of Armenia, various hacker groups carried out
cyber attacks against the resources of almost all state structures
of Azerbaijan.
Another known activity of the SCIS is related to the UAVs, which
were used on a large scale by the Azerbaijani Armed Forces during
the Patriotic War. Bayragdar TB2 UAVs, which became a nightmare of
the Armenian army, operated in areas controlled by the enemy during
the war. The rapid advance of our troops and the task of ensuring
the operation of UAVs in the entire depth of the enemy's defense
line required the relocation of the control stations of unmanned
vehicles in a short time. SCIS duly coped with this task in the
Patriotic War.
In addition, when the Azerbaijani army liberated the invaded
territory from the enemy during the Patriotic War, the TETRA radio
communication system, which was successfully introduced by the SCIS
for the first time in the CIS region, played a special role in the
management of the advancing troops. The placement of dozens of
TETRA base stations in areas close to the pre-war contact line
provided the relevant authorities with reliable and encrypted
communications. Not to mention the difficulties in bringing TETRA
systems from abroad to Azerbaijan during the war, the leadership of
the Service did not allow a break in the provision of power
structures.
In addition to expanding the TETRA network in the territories
liberated after the Patriotic War, the stations that failed during
the operations were replaced with new ones.
During the anti-terrorist measures held in September 2023, the SCIS
promptly created and put into use the TETRA radio communication
network in Khankendi, Aghdara, and Khojaly districts to ensure
reliable management of state structures and secure information
exchange. Currently, the work on the expansion of the "AzststeNet"
network is being continued in the liberated areas.
In addition, optical cables were laid to the control points of
troops and units to ensure operational management and
special-purpose communication services were provided. The
Commander-in-Chief personally communicates with the command centers
of the forces participating in the war, personally manages the army
and troop commanders, and after every successful operation,
communicates with the generals through special communications and
congratulates them.
In the management of units and units participating in operations
and battles, the commanders we all know well - Colonel-General
Karim Valiyev, Lieutenant-General Hikmet Mirzayev, Major-General
Munasim Babayev, Major-General Mais Barkhudarov, Major-General Anar
Karimov, Colonel Eldeniz Namazov and others. We have seen him use
TETRA many times. During the course of the war, the re-encryption
of the means of communication used by the leaders was also carried
out by the employees of the Khrytdx.
In addition, the Space Agency of the Republic of Azerbaijan
"Azerkosmos" skillfully used the resources of mobile operators and
internet providers of the public legal entity in the operational
area of the SCIS war zone.
During the Patriotic War, SCIS prevented about 3,000
cyberattacks targeting state information resources.
SCIS after the Patriotic War
After the Patriotic War, in August 2022, during the Revenge
operation carried out by the Azerbaijani army, there were intensive
DDOS cyber attacks against a total of 72 information resources, 15
of which were state institutions, by 7 cyber groups. Since 11 out
of 15 institutions use the AzstateNet network, their uninterrupted
activity was ensured as a result of taking preventive measures.
During 2023, up to 1,000 cyber attack indicators, approximately 81
million malicious links, and 873 thousand malicious viruses were
identified and blocked by the Service with the help of new
generation equipment and a centralized antivirus system. Both
before and after the war, SCIS organized high-level meetings and
receptions of Commander-in-Chief Ilham Aliyev and other
high-ranking officials in videoconference mode. The authors of the
video conference on the signing of the tripartite Joint Statement,
which officially reflects Azerbaijan's great Victory in the
Patriotic War, were also the authors of the SCIS staff.
Result
SCIS carries out very important activities related to the
protection of information processes, protection of information
resources of state bodies, prevention of threats in this area, and
assessment and management of risks in the field of cyber security
in state and non-state information infrastructure subjects.
After the liberation of invaded territories in the Patriotic War,
the movement of Azerbaijani troops and preparation for the next
operations definitely required stable, secure, and safe special
communication. The communication that met these strict requirements
was provided by SCIS and its personnel, who are now war
veterans.
The agreement of the rules for the use of special types of
communication and user lists with the President of the Republic of
Azerbaijan proves how important this field is for the state. Our
head of state, who has signed numerous decrees for the purpose of
ensuring national security, always shows great care and attention
to the development and technical equipment of the special
communication and information security sector, as well as to the
activities of military personnel working in this field.
Commander-in-Chief Ilham Aliyev highly appreciated the selfless
activity of the personnel of the SCIS in the Patriotic War and
awarded many of them various orders and medals.
The facts listed above once again indicate that information
security is an extremely important aspect of modern life and its
importance is increasing. All state institutions, power structures,
defense industry, energy, financial and banking sectors of
Azerbaijan should and do closely cooperate with the Special
Communication and Information Security State Service to protect
themselves from new types of cyber attacks and ensure the security
of their data.
Information security is not a constant concept, as science and
technology develop, new types of threats appear, and the methods
used by hackers change and develop. Therefore, the State Service of
Special Communications and Information Security is constantly
updating methods and tools of "unarmed combat" to protect our
resources from new types of cyber attacks and hackers.
On October 26-27, 2023, the first Cyber festival called "Critical
Infrastructure Defense Challenge 2023" (CIDC-2023) was held in Baku
under the joint organization of the State Service of Special
Communication and Information Security of the Republic of
Azerbaijan and the State Security Service of the Republic of
Azerbaijan. In the "Cyberwar" competition, which was carried out
with the simulation of cyberattacks, the participating teams had to
protect the given infrastructure against cyberattacks by building
the defense of the virtual information systems assigned to them.
Also, within the framework of the event, "master classes" were held
for both beginners and professionals in 6 different directions, and
professional trainings were held by local and foreign experts.
CIDC-2023 is one of the important steps taken in the direction of
improving the experience, knowledge, and skills of employees of
government institutions, critical infrastructures, financial and
telecommunications sectors on information security, strengthening
coordination between public and private sectors, familiarization
with new technological solutions and professional development.
In addition to all this, the employees of the Service are
systematically sent on business trips to allied countries in order
to increase their capabilities, where they study in courses and
participate in international events. As a result of the meetings
and discussions, memorandums of understanding and protocols were
signed with some countries at the international level.
The listed points are a small part of the activities carried out
by the Service that can be disclosed to the press. Suffice it to
say that SCIS provides 24/7 continuous service and monitors all
electronic information resources it protects.
There is no doubt that the Special Communication and Information
Security State Service, which is an important part of the security
component of the independent policy implemented by the state of
Azerbaijan and performs its duties properly, will achieve new
successes in its activities.
