Skip to content

Cyber Attack: Information Security of Armenia On the Internet

January 29 will not be marked in black on Armenian cyber calendar, but what happened this year on that day will be remembered for a long time by the experts as a day of mass attack of hackers on Armenian sites.

That day hackers damaged about 300 websites registered on the Armenian domain which were served by the Armenian ‘Smart Systems’ company. According to the company survey, first their server had been damaged and then the sites using the company hosting broken.

Then different state bodies hurried to report that there was no any governmental site among those on the list and added that the state web-sites are out of danger for they are fully protected. And the damaged sites belonged mainly to individuals or private companies.

The experts, directly related to the issue, reported that the attackers as well as the sinners were outsiders.

The head manager of the ‘Smart Systems’ company Gor Isaverdyan says that the American company dealing with the server security had told them that they had accidentally deleted the security codes of the server of ‘Smart Systems’. Isaverdyan told JNews that the cyber attack resulted in breaking the contract with the American company and trusting the server security to another, Canadian this time, company.

January 29 will not be marked in black on Armenian cyber calendar, but what happened this year on that day will be remembered for a long time by the experts as a day of mass attack of hackers on Armenian sites.

That day hackers damaged about 300 websites registered on the Armenian domain which were served by the Armenian ‘Smart Systems’ company. According to the company survey, first their server had been damaged and then the sites using the company hosting broken.

Then different state bodies hurried to report that there was no any governmental site among those on the list and added that the state web-sites are out of danger for they are fully protected. And the damaged sites belonged mainly to individuals or private companies.

The experts, directly related to the issue, reported that the attackers as well as the sinners were outsiders.

The head manager of the ‘Smart Systems’ company Gor Isaverdyan says that the American company dealing with the server security had told them that they had accidentally deleted the security codes of the server of ‘Smart Systems’. Isaverdyan told JNews that the cyber attack resulted in breaking the contract with the American company and trusting the server security to another, Canadian this time, company.

Since the first years of the Internet development in Armenia, 1998, the Armenian websites have always been under attack. There is even an opinion that the number of outer attacks on Armenian cyber space does not yield to cases of ceasefire violations on the border of Armenia and Azerbaijan   . And over the recent years those attacks have been of more organized character which, according to experts, are managed by the special services of Azerbaijan.

IT expert Arthur Papyan mentions that sites regarding the Armenian Genocide and Karabakh, as well as those belonging to state departments are most often attacked.

A governmental approach towards informational security in Armenia started to form only in 2009. The reason was another hacker attack – this time on several governmental sites. After some time Arthur Baghdasaryan, the Secretary of the National Security Council, stated that, in order to raise the level of informational security, it is necessary to make such reforms “that would afford an opportunity to create a system meeting international criteria both in the legislative and in the institutional sheres.”

On 26 June, 2009, the President of Armenia approved the RA information security concept, and at the end of the year it was created a working group experts of which had to work out the state policy provisions and point out the primary actions for their achievment.

Until 2009 the state websites in Armenia were served by private companies. After the hackers’ mass attacks in 2009, protection of their security was handed to the National Security Service (NSS).

At the end of 2010, the NSS director Gorik Hakobyan in his speech declared that a special portal has been worked out and created which has been co-attached between the networks of Armenian internet-providers and the state bodies, thus establishing an intermediate security zone.

“This portal affords an opportunity to raise the reliability of struggle against the possible information leaks, increase the security level of the state websites and to rapidly take appropriate measures in cases of information leaks,” declared Gorik Hakobyan.

He has also mentioned that during the portal exploitation many viruses, spy programs and net worms as well as thousands of attack attempts have been detected and destroyed.

Director of Information and PR Center of Armenian President’s Administration Ara Saghatelyan told JNews that they have conducted a monitoring a year ago and conluded that all the offical websites are reliably secured.

“All the official websites are protected,” says Ara Saghatelyan and adds: “Previously, the websites were vulnerable since  their security guarantees did not correspond to modern standards.

Experts of this field certify that one of the guarantees – the information security concept – is usable only for the protection of state websites, whereas the individual sector is not protected by it.

According to the deputy director of ‘Smart-Tech’ Ruben Muradyan, the companies should take care of their programming standards by themselves if they want to avoid unwanted troubles, and make extra-funding to raise the level of security of their sites, if needed.

“It is impossible to give a price. To provide information security the company should have a good specialist,” says Ruben Muradyan.

Today the greater part of private companies prefers to work with foreign rather than with Armenian organizations providing security. according to a specialist from ‘Smart-Tech’, the reason is again the prices.

“Foreingers provide cheaper and qualified services especially for individual sites,” says Muradyan and adds that today more than 150 students receive a programmer’s qualification in relevant Armenian universities annualy, and only 3 or 5 out of them is able to work in IT security system. 

IT experts note another important problem in this sphere: in 2008, a number of websites were registered in the Armenian “am” domain and were spreading disinformation pretending to be an Armenian source.

One of them was the xronika.am news site which was created during the 2008 Georgian-Osetian war and was used to exacerbate relations between Georgia and Armenia. There was another site – versiya.am, which was shut down after a month it was opened because of many complaints.

Chapter 24 of the Criminal Code of Armenia is dedicated to the crimes against the IT security.

Article 251 of the Code says that penetration into information stored in a computer system or network resulting in information change, is punished with a fine or with imprisonment for the term of up to 2 years. The punishment can be increased if the crime is committed on purpose. 

Anyway, no matter how strict is the size of punishmet set by Article 251 in Armenia, it will not decrease the hackers’ will of penetrating into Armenian cyber territory as they act on the territory of another country supporting their actions.

 

Get involved in JNews poll:

Should a special order be determined for Internet users?

Source: JNews.am