High Time to Care about Cyber Security
“Cyber Security,” a term which would have undoubtedly drawn a surprised response of “what!?” just a decade ago, is gradually turning into a buzzworthy topic in Georgia, with more and more attention being directed towards the cyber threats that the country faces.
Earlier this month a special regional workshop on cyber security was held in Georgia, bringing together more than 50 representatives of 18 countries. The two-day event was organized by the Data Exchange Agency (DEA), within the framework of NATO’s Science for Peace and Security (SPS) program. According to the Head of the DEA, Irakli Gvenetadze, the project served as “the first time NATO has participated in such a high-level workshop in Georgia”.
The aforementioned event, amongst many others, is a logical continuation of Georgia’s stance against cybercrime, which was publicly declared in 2012 when the country ratified the Council of Europe’s (CoE) Convention on Cybercrime (2001). According to the Ministry of Internal Affairs (MIA), the steps towards making Georgian legislation more coherent with the Cybercrime Convention were taken in 2008-2009 and, today, Georgia is actively cooperating with Estonia and the US Federal Bureau of Investigation (FBI) in order to “increase capacities of the Georgian MIA operative units in the process of combating cybercrime and the seizure of digital evidence.”
One may ask why the Government of Georgia suddenly took an interest in cyber security issues in 2008 while such motivation seemed almost nonexistent before. The reason for this was the Russian-Georgian war of the same year, when the local websites came under a number of serious cyber-attacks from Russia, closing down numerous governmental and non-governmental webpages. Since then, many other similar cyber-attacks were launched against the country. For instance, in 2011, CERT.GOV.GE* discovered a botnet control server that had hacked ema.gov.ge; presa.ge; psnews.ge; cei.ge and several other Georgian websites.
If the local incidents don’t set a proper example of the importance of cyber security, we could look back at one of the most talked-about cyber-attacks of recent history – the 2014 Sony Pictures Entertainment (SPE) hack. Numerous accusations have been made about the above-mentioned crime, including the involvement of North Korea, former SPE employees and even current workers of the company. Whichever the case, one thing is for sure, the hack resulted in the leak of Sony employees’ personal information (pictures, emails and salary figures), as well as copies of previously unreleased films, ending up costing the corporation a whopping total financial loss of 14 billion Yen ($170 million).
While the rest of the world seems to be at its peak of cyber-awareness, Georgia still has a long way to go. The fact that the Convention on Cybercrime was ratified 11 years after its creation gives a pretty clear picture of how far behind the country is. However, the recent numerous projects regarding the challenges, including the regional workshop, Aleksandre Chikaidze’s discussions about cyber security with his Spanish counterpart earlier this year, and DEA’s increasing contribution to the fight against cybercrime, gives much promise to a country still dipping its toes tentatively into the digital era.
* “CERT.GOV.GE operates under Data Exchange Agency of the Ministry of Justice of Georgia and is responsible for handling critical incidents that occur within Georgian Governmental Networks and critical infrastructure. CERT.GOV.GE started its operations in January, 2011. Since the National CERT does not operate in Georgia at this moment, CERT.GOV.GE handles all critical computer incidents which occur in the country.” (Source: DEA)
Beqa Kirtava