Cyber wars

In 2015, about 60 countries are developing computer espionage, hacker attacks and surveillance. A total of 29 countries, including China, Denmark and France, have specialized military cyber units dedicated to countering information security threats. At the same time, 49 countries, including Russia, Australia, Brazil and Egypt, purchase specialized hacker software, and 63 countries, including the Czech Republic, Italy and Mexico, use continuous surveillance tools both domestically and globally, the WSJ study said. The creation and use of cyber weapons does not require colossal investments in enrichment plants, the development of delivery vehicles and the construction of launchers.

It is enough to have relatively small financial resources, medium computer systems and access to global networks. Cyber ​ ​ attacks are difficult to stop and often impossible to track.

Thanks to this, hacking tools have become available not only to governments, but also to aggressive political groups and terrorist organizations. In response to aggression from the United States, Russia was forced to revise its military doctrine in the field of cybersecurity.

International agreements

2021

Russian Foreign Ministry proposes to conclude an agreement on international control of the Internet

Deputy Foreign Minister of the Russian Federation Oleg Syromolotov reported on the initiative Russia to conclude an agreement on international regulation of management. Internet This became known on December 30, 2021.

Russia advocates the internationalization of Internet management and equal participation of states in this process, Syromolotov said.

Syromolotov also noted that issues related to the Internet and its regulation are being discussed within the framework of the International Telecommunication Union. The Russian Federation is one of the most active participants.

The representative of the Foreign Ministry stressed that the proposed concept will be effective only if all countries^[1] propose ^[2].

V.V. Putin: NATO officially declared cyberspace a war zone

This was stated in an interview with the American television channel NBC News by Russian President Vladimir Putin. The Russian leader stressed that Russia is not waging war on this field^[3].

"Well, what gets in our way, we would say too: you are, and we will do so. But we don't want that. Just as we do not want the militarization of space, we do not want the militarization of cyberspace, "the head of state said.

At the same time, he admitted that the American special services could cause significant damage to the Russian Federation when acting in cyberspace.

'We've been accused of everything in the world. In election interference, cyber attacks and so on and so forth. And not a single time did no one bother to present any evidence and evidence. Only unfounded accusations, "Putin complained.

"I am not afraid of the penetration of American intelligence into Russia's systems. But I mean that this is possible, "Putin answered a question from NBC whether he is afraid that American intelligence has penetrated deeply into the Russian system.

On June 13, in an interview with the British radio station Times Radio, NATO Secretary General Jens Stoltenberg said that relations between Russia and the North Atlantic Alliance have now dropped to the lowest point since the Cold War.

V.V. Putin: We are supporters of equality, order and mutual respect in the information sphere

In March 2021, V.V. Putin held the Security Council of the Russian Federation on state policy in the field of international information security.

"New technological solutions generate new risks. We see that the global digital space often becomes a platform for tough information confrontation "

• We consider it necessary to conclude universal international legal agreements aimed at preventing conflicts and building mutually beneficial partnerships in the world information space, for the rapid introduction of the most advanced technological solutions in preventing potential risks.
• It is important to jointly develop and harmonize universal and fair rules of responsible behavior of States in the information space with clear and intelligible criteria for permissible and unacceptable actions and give them a legally binding character.
• That is, each country must strictly comply with these rules.
• We stand for the inviolability of the digital sovereignty of states. Each country can independently determine the parameters for regulating its own information space and the corresponding infrastructure.
• We are supporters of equality, order and mutual respect in the information sphere, ensuring its progressive development.

2020

Cyber ​ ​ attacks may be the reason for the outbreak of the 3rd World War

Czech military intelligence has published a report in which it believes that preparations for the Third World War have already begun. This became known on November 11, 2020.

The published report for 2019 said that a fantastic scenario could soon become a terrible reality. The Czech information portal Lidovky, which got acquainted with the 14-page study, writes about the "first stage of preparation" of the world conflict:

The possible conflict of a global nature towards which the world is moving is in the first stage of its preparation. The minds of those who can and will want to actively participate in it are being formed, and technological tools are gradually being determined. If we are unable to assess the consequences of our own actions, then an erroneous instruction or command can initiate processes leading to mutual destruction.

Czech intelligence officers specifically warned of the dangers of progressive technology. More precisely - about their abuse. The likely cause of the global conflict could be rivalry between Russia, China and the United States. Czech military experts suggest that a large-scale confrontation could unfold in the air and cyberspace^[4].

US rejects Putin's international cybersecurity initiative

As it became known on October 19, 2020 USA , they rejected Russia Vladimir Putin the president's international initiative. cyber security Assistant US Attorney General for National Security John Demers, according to the newspaper, The New York Times called the proposal of the Russian leader to resume international cooperation in the field "cynical and cheap propaganda." information security

Demers said the indictments were a cold reminder of why his proposal is nothing more than dishonest rhetoric and cynical and cheap propaganda, the publication said.

Earlier in October 2020, Vladimir Putin expressed regret that he had not received an answer to his proposed US resumption of cooperation in the field of cybersecurity.

Unfortunately, as well as on a number of our other initiatives, I think there is no answer to this very important topic, although there are continuing claims against us about our hyperactivity, allegedly hyperactivity, in the information sphere, in interference in elections there and so on, which have absolutely no basis, "Putin said in an interview with the TV channel" Russia. "

The head of the US State Department, Mike Pompeo, called Russia one of the main troublemakers on the global Internet and said that Moscow demonstrates complete disregard for public safety and international stability, although the opposite is proven in words.

This is how the head of the US Foreign Ministry reacted to the charges brought by the US Department of Justice and the FBI against six alleged Russian hackers. The United States claims that all the accused are allegedly employees of the Russian Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU) and worked for military unit 74455. It explains that they are involved "in some of the most destructive cyber attacks in the world." Among them are mentioned the attack on the power system of Ukraine, interference in Georgia, during the elections in France and in connection with the 2018 Olympics. This, in particular, is about the spread of the NotPetya ransomware virus in 2017, which infected devices around the world and caused millions of dollars in damage.^[5]

Putin invited all countries to make a commitment to not be the first to strike using ICT

At the end of September 2020, it became known that the president Russia Putin invited all countries to make a commitment to not be the first to strike using information and communication technologies (). ICT This is stated in a statement published on the Kremlin's website on a comprehensive program of measures to restore Russian-American cooperation in the field of international information security.

One of the main strategic challenges of our time is the risk of a large-scale confrontation in the digital sphere. Special responsibility for its prevention lies with key players in the field of international information security (IIB). In this regard, we would like to again appeal to the United States with a proposal to approve a comprehensive program of practical measures to reset our relations in the field of using information and communication technologies, the message says.

Vladimir Putin suggested that the Donald Trump administration "approve a comprehensive program of practical measures to reset relations in the field of information and communication technologies (ICT)." Several suggestions were made at once.

• Restore a full-scale bilateral regular inter-agency dialogue on key issues of ensuring high-level IIBs.
• To maintain continuous and effective communication channels between the competent departments of our countries through nuclear risk reduction centers, computer incident response teams and high-level officials overseeing IIB issues within the framework of structures related to ensuring national, including information, security.
• Jointly develop and conclude a bilateral intergovernmental agreement on the prevention of incidents in the information space by analogy with the current Soviet-American Agreement on the Prevention of Incidents in the Open Sea and Airspace above it of May 25, 1972.
• In a mutually acceptable form, exchange guarantees of non-interference in each other's internal affairs, including electoral processes, including using ICT and high-tech methods.^[6]

2019

UNGA adopted a resolution of Russia to develop a convention to combat cybercrime

The UN General Assembly (GA) at the end of December 2019 adopted a resolution proposed by Russia, which launches the development of an international convention to combat cybercrime. 79 states spoke in support of the document, 60 voted against, 33 countries abstained.

In particular, the General Assembly decided to "establish a special open-ended intergovernmental committee of experts representing all regions to develop a comprehensive international convention on countering the use of information and communication technologies for criminal purposes"^[7].

It is assumed that the work on the convention will fully take into account "the efforts undertaken at the national and international levels to combat the use of information and communication technologies for criminal purposes." In particular, it is planned to use "the results of the work of the open-ended intergovernmental group of experts to conduct a comprehensive study on cybercrime."

The draft resolution was submitted to the UNGA in mid-December, and before that received the approval of the Third Committee of the General Assembly. The meaning of the resolution "is precisely to fall on this very serious evil together, which causes colossal, trillion damage to the entire world economy and personally to citizens," Andrei Krutskikh, special representative of the President of the Russian Federation for international cooperation in the field of information security, explained to TASS Information Agency of Russia.

The diplomat clarified that Moscow does not oppose its initiative to the already existing Budapest Convention, but proposes to modernize it "as much as possible." For example, only nine types of crimes are spelled out in the Budapest Convention, and now there are more than 30 of them, and this is recognized by all participants in the discussion, he said. In addition, it does not touch upon the topic of cyberterrorism, and this topic must be spelled out in the convention, Krutskikh emphasized.

For and against the resolution

Before the vote, the representative of Finland, who spoke on behalf of other countries, took the floor. European Union He criticized the Russian initiative, urging members of the General Assembly not to support it.

"Starting negotiations in the absence of consensus will create additional polarization between states," the Finnish diplomat argued. "In addition, if negotiations on a new treaty are successful, it is likely to lead to lower standards given the difficulties in developing an international agreement on cyberspace issues, and this will only strengthen the digital and economic gap, as well as interfere with effective cooperation."

A similar position was expressed by the representative of the United States. In her opinion, this resolution "will undermine international cooperation in the fight against cybercrime at a time when closer coordination is absolutely necessary." The US diplomat added that she does not see "consensus among member states on the need to develop a new treaty," and this, in her opinion, "will only interfere with global efforts." "This resolution is premature and anticipates the results of the current work of the expert group," she said.

"This [special intergovernmental] committee in 2020 will hold its first organizational session in New York so that the maximum number of countries can take part in it," objected Deputy Permanent Representative of the Russian Federation Gennady Kuzmin. "During this session, the modality and plan of further action of the committee will be agreed." He recalled that at one time "a similar path was taken by the UN Convention against Corruption and the Convention against Transnational Organized Crime."

"The resolution explicitly provides that the future committee should take into account the results of the work of experts on cybercrime, the report of which we expect next year," he continued, specifying that, taking into account this factor, substantive work on the convention will begin in 2021. "Russia fully supports the Vienna group [of experts], of course, there can be no talk of any duplicate sites," the diplomat stressed.

As Kuzmin noted, the resolution suggests that "the era of club agreements should give way to the democratic negotiation process." "It is fundamentally important for us that this process is open, inclusive and transparent," he concluded.

The creator of the World Wide Web presented the principles of the "Network Contract"

World Wide Web creator Tim Berners-Lee presented an action plan in November 2019 to protect the network from political manipulation, fake news, privacy violations and other malicious influences. "Contract for the Web" requires governments, companies and individuals to make specific obligations to protect the network from abuse and ensure its benefits for humanity^[8][9]

The contract, which 80 organizations have worked on for more than a year, offers nine basic principles for protecting the network - three each for governments, companies and individuals. Berners-Lee's project was supported by more than 150 organizations - from Microsoft, Google and Facebook Microsoft, Google and Facebook to the Electronic Frontier Foundation.

Those who support the contract must demonstrate the implementation of the principles and work on solving more complex problems or they will be excluded from the project. The principles of the contract require governments to do everything possible so that everyone can connect to the Internet and ensure the confidentiality of their information. People should have access to their personal data that companies collect and have the right to object or refuse to process it.

Other principles oblige companies to make Internet access accessible and require them to develop web services for people with disabilities and those who speak minority languages. It also requires simplifying privacy settings by providing control panels to access data and manage privacy settings. Companies need to consult communities before and after new products are released and assess the risk that their technology will spread misinformation or harm people's personal well-being.

The last three principles call on people to create rich and relevant content, strong online communities where everyone will feel safe and finally fight for the openness and accessibility of the network.

Lack of methods to combat cyber threats together could lead to global cyber war

The world could be on the cusp of a global cyber war if governments do not find a way to combat cyber threats together. This was stated by the Special Representative of the President of the Russian Federation for International Cooperation in the Field of Information Security Andrei Krutskikh at a plenary meeting of the UN Working Group on International Information Security.

According to the political scientist, the world will soon be on the verge of a global cyber war if the governments of the countries do not learn how to jointly deal with cyber threats. As the special representative of the President of the Russian Federation said in September 2019, Russia is open for dialogue with all countries and states, and it is necessary to build joint work in the most effective way.

"The situation in this area is rapidly degrading. If we discard the propaganda husk, it will become obvious that cyber confrontation is only growing and, if we jointly do not find effective ways to combat these threats, then, frankly, it will be a hand to submit to the global cyber war, "the TASS news agency quoted the Russian Information Agency as saying Krutskikh.

According to the political scientist, the UN cybersecurity group will meet in February 2020 to discuss a report on threats in this area.

2018

The UN General Assembly approved the code of conduct of states on the Internet introduced by Russia

The UN General Assembly overwhelmingly approved the Russian resolution "Achievements in the field of informatization and telecommunications in the context of international security," containing a code of conduct for states on the Internet, Kommersant reported on December 7, 2018. In total, 119 states supported the idea of ​ ​ Russia, 46 countries voted against, 14 abstained. The document is not legally binding, but creates the conditions for the development of an international convention on information security. Russia has sought the adoption of such a document since 1998.

Our resolution contains two fundamentally important elements. Firstly, this is the initial set of rules for the responsible behavior of states in the information space, formulated on the basis of the recommendations of a group of UN government experts, - the special representative of the President of the Russian Federation for international cooperation in the field of information security, ambassador at large Andrei Krutskikh, explained to Kommersant. - Secondly, it included a call for the General Assembly to create an open-ended working group on international information security in 2019.

In its resolution, Russia calls on states to adhere to 13 principles involving the use of cyber means "exclusively for peaceful purposes." States, as stated in the document, should not indiscriminately accuse each other of illegal actions on the Internet, and all such claims should be "justified." Countries should not allow their territory and infrastructure to be used to carry out cyber attacks, as well as attack each other's critical infrastructure with the help of cyber means (nuclear power plants, transport and water management systems, etc.). In addition, states undertake not to insert "bookmarks" - hidden codes - into IT products produced on their territory.

The open-ended working group will have to discuss these principles and, possibly, draw up a draft legally binding UN convention on international information security on their basis. Any country can join the work, and the group must make decisions by consensus. This mechanism, as conceived by Moscow, should replace the UN group of government experts created in 2004 at the initiative of the Russian Federation. At different times, it included 20-25 states, and it was she who developed the principles that Russia included in its resolution. However, in 2017, members of the old group quarreled and she has been paralysed ever since.

The United States and its allies oppose the Russian idea, as they expect to restore the previous mechanism. It is expected that the American counter-resolution will be submitted to the UN General Assembly by the end of December. If two competing resolutions are passed and two mechanisms are created for further work, the division of the international community on issues related to cybersecurity will only deepen.^[10]

Russia, the United States and Iran refused to sign the "Paris call for trust and security in cyberspace"

On November 13, 2018, French President Emmanuel Macron (Emmanuel Jean-Michel Frederic Macron) made a proposal to "proceed to a more thorough regulation of the Internet without delay." Representatives of countries were invited to consider a document entitled "Paris Call for Trust and Security in Cyberspace." Russia was among the states that refused to sign it, unlike the other 50 countries of the world and more than 150 of the largest IT companies with a world name.

The Paris Appeal is aimed primarily at strengthening the fight against malicious actions and censorship on the World Wide Web and any interference in elections, as well as ensuring the protection of trade secrets. The document calls on all countries to unite to develop unified principles for ensuring security throughout the Internet, not only in its individual segments.

We condemn any malicious cyberactivity in peacetime that threatens both individuals and critical infrastructures, or entails significant indiscriminate or systemic damage. France also welcomes any proposals for measures to improve protection against cybercrime and cybercrime.

The United States, Israel, Iran, China and North Korea were in solidarity with Russia's position regarding the "Paris call to trust and security in cyberspace."

However, most countries after Macron's speech signed, in particular, states from the European Union, as well as Japan and Canada. IT companies not left out included Facebook, Google and Microsoft.

The document does not provide for any sanctions or other retaliatory actions against non-signed countries.

President Macron's declaration pays special attention to the laws and acts on which countries ready to fight cybercrime on a global scale will rely. In particular, the document contains a mention of the entire UN Charter, international humanitarian law and customary international law.

At the same time, the Paris Appeal does not provide any specific measures to implement the goals set in the document. The authors of the declaration imply that certain measures will be developed in the process of joint struggle of countries with a common threat. The document itself is, in fact, a call to action, not an instruction or prescription.

Macron's declaration may well be considered an analogue of the Russian draft security resolution. The domestic document was submitted to the First Committee of the UN General Assembly at the end of October 2018. In the project, Russia proposed to use information technologies exclusively for peaceful purposes, make all efforts to prevent conflicts in cyberspace, respect the sovereignty of countries and prevent an increase in the gap between them, as well as abandon "intermediaries in the context of the application" of IT.

The draft resolution is not positioned as a call to action, but, unlike the French declaration, contains a list of the main measures to achieve its goals. In particular, the states that have signed up to it will be required to provide significant evidence when accused of cybersecurity, refrain from provocations and not use the cyber environment for attacks^[11].

BRICS agreement on the creation of a joint cyber police

The heads of countries BRICS signed in August 2018 Johannesburg during the final declaration on cooperation in various fields held at the summit. Among other things, the document includes a clause on the creation of a joint cyber police.

According to a member of the Scientific Council under the Security Council of the Russian Federation Andrei Manoylo, the signed document pays special attention to the cooperation of the BRICS countries in the field of ensuring collective information security, including in the field of the use of information and communication technologies (ICT). The creation of a joint cyber police is designed to help organize a response to current cyber threats such as information terrorism, extremism, as well as information warfare operations and large-scale hacker attacks.

"Since everyone has real problems in terms of ensuring information security and protection from information war operations, even those China seeking to isolate themselves from these threats with their" Golden Shields "and the relatively recently adopted new law cyber security on 2016, copying the" Spring package. " With all the high degree of inflation of cybermusculation, in China, and there Russia India Brazil REPUBLIC OF SOUTH AFRICA are still problems associated with ensuring security and protecting state sovereignty, which, in principle, cannot be solved at the national level, "the specialist noted.

It is assumed that the joint cyber police will work on the principle of Interpol and have a supranational character, but the activities of the new law enforcement agency will be limited to the countries participating in the BRICS.

Endowing the FSO with the functions of cyber warfare

Russian President Vladimir Putin signed a decree on February 27, 2018 on amending the regulation on the Federal Security Service. The list of powers of the service was replenished with participation in "conducting information confrontation activities" and ensuring the work of the "departmental center of the state system for detecting, preventing and eliminating the consequences of computer attacks on information resources of the Russian Federation under the jurisdiction of the FSO." The document entered into force on the date of its signing. Read more here.

WEF Global Cyber ​ ​ Security Center - Cybercrime project

in Sberbank January 2018, he announced support for the initiative to create a Global Center for cyber security under the auspices of the World Economic Forum. This was stated by Deputy Chairman of the Board of Sberbank Stanislav Kuznetsov.

The Global Cybersecurity Center is a key milestone in the development of the Cybercrime Project, an extensive cybersecurity initiative of the WEF. Since the creation of this initiative, Sberbank has been actively involved in its activities, and the strategic partnership with the Global Center has become a serious step forward in strengthening the bank's position as an active fighter against international cybercrime.

"We hope that the Center will take on the role of a unique platform for the interaction of the public and private sectors, the development of which will take place in three key areas. These areas are the establishment of mutually beneficial cooperation between public and private corporations, the formation of the necessary conditions for organizing the constant exchange of information and the creation of a reliable research center that independently evaluates and analyzes the current situation in the field of cybersecurity in the international arena, "said Stanislav Kuznetsov

.

Sberbank participated in the discussion and formation of the principles for the creation of the Global Cyber ​ ​ Security Center.

2017

Russia, together with the SCO, will create a draft resolution of the UN General Assembly on information security

The Russian Federation, with the participation of the participating countries of the Shanghai Cooperation Organization (SCO), is working on a draft resolution of the UN General Assembly (GA) on the rules of conduct of states in the information space. The draft will be presented at the next session of the GA. This was announced on Thursday, December 14, 2017, by Deputy Foreign Minister Oleg Syromolotov.

According to Syromolotov, at the 72nd session of the UN General Assembly, it was decided to keep the topic of international information security on the agenda of the next session. By that time, the Russian Federation will present a draft separate resolution of the UN General Assembly developed jointly with the SCO on the rules for the responsible behavior of countries in the information space. The project will be based on the SCO document "Rules of Conduct in the Field of Interethnic Information Security."

In January 2018, the SCO expert group on international information security will be created, which will prepare the text of the draft resolution, Syromolotov explained. It is also planned to involve BRICS in the work on the project, which in addition to the Russian Federation includes Brazil, India, China and South Africa. The work on the project is dictated by the need to "prevent the transformation of the digital sphere into an arena of military-technical confrontation," the deputy foreign minister explained.

Budapest Convention on Cybercrime considered outdated

Ilya Rogachev, director of the Russian Foreign Ministry's department for new challenges and threats, called the Budapest Convention on Cybercrime outdated and requiring revision, TASS news agency Russian News Agency reported in December 2017.

According to Rogachev, the convention adopted in 2001 does not provide for proper measures against modern cyber threats, such as spam activities, network fraud and botnets. This convention was prepared at a time when most cybercrimes remained unfixed or unimportant, but at present the methods of cybercriminals have become much more sophisticated, said the director of the department.

The diplomat also stressed that one of the main problems that prevent Russia from joining the convention is, in particular, the content of Art. 32, according to which the participants in the mechanism receive cross-border access to the data of the other party without the need to notify the authorities of the state with relevant information.

According to Rogachev, this article allows violating fundamental civil rights in relation to the personal data of citizens. At the same time, the increase in the number of international cybercrimes is today one of the main problems in the field of cybersecurity.

Russia will agree on computer security with five more countries

Russia intends to conclude bilateral intergovernmental agreements to prevent the escalation of computer incidents with Germany, France, Israel, South Korea and Japan, Kommersant reported in November 2017.

According to the newspaper, the possibility of holding consultations on this topic was instructed to work out until July 1, 2018 by the Ministry of Foreign Affairs, the Ministry of Communications, the FSB and the Federal Service for Technical and Export Control, the Security Council of the Russian Federation. The subject of future negotiations is "issues of ensuring international information security, including mutual information about cyber incidents, as well as the conclusion of relevant intergovernmental agreements."

According to the publication, the order was given by President Vladimir Putin following a meeting of the Security Council on October 26. It is worth noting that earlier Russia has already concluded similar agreements with China, the USA, India, South Africa, Belarus, Cuba.

The newspaper claims that preliminary contacts between Russia on the one hand, and Germany, France, Israel, South Korea and Japan on the other on the topic of information security have already taken place.

Russia called on the United States to consider the possibility of creating a joint group on cybersecurity

The Russian Embassy in Washington published a statement in September 2017 urging the United States to once again consider the possibility of creating a joint Russian-American working group on cybersecurity^[12]

The presidents of the Russian Federation and the United States, Vladimir Putin and Donald Trump, discussed the creation of a bilateral working group on protection against cyber threats in July 2017 at the G20 summit in Hamburg. In a personal conversation, the heads of state discussed the possibility of creating a Russian-American group to counter information threats and hacker attacks.

BRICS concept of safe functioning and development of the Internet

Russia appealed in the summer of 2017 with a proposal to the BRICS countries (Brazil, Russia, India, China and South Africa) to discuss the concept of safe functioning and development of the Internet. This was announced by the head of the Ministry of Telecom and Mass Communications Nikolai Nikiforov.

The unified rules for managing digital space, submitted to the UN by the Ministry of Telecom and Mass Communications of the Russian Federation, proposed to consider the countries of BRICS Russia. The initiative was voiced by the head of the department Nikolai Nikiforov at a meeting of the Ministers of Communications and Telecommunications in Hangzhou (China). He said: "Today at the meeting, among other things, we proposed to consider the concept of the UN Convention on Safe Internet. We hope that the BRICS countries will somehow express their position to the concept of the convention^[13].

The head of the Ministry of Telecom and Mass Communications noted that the Internet and information technologies today should be considered as a kind of infrastructure basis for the digital economy. "More and more industries and households are switching to certain digitalized processes, so it is important for us to ensure the stable development of the Internet, it is important for us to make it function reliably so that no one can have any influence," Nikiforov explained.

He believes that now it is necessary to determine the international and national levels of regulation of the digitalization of society and fix in the concept. "National legislation in different countries differs, this is normal, but it is important to understand that national legislation in the field of regulating certain aspects of the use of digital technologies and the functioning of interfaces may also differ. Something can be allowed in one country and banned in another. We need to treat this with respect, "he stressed.

Nikiforov, expressing concern about the existing monopoly on information platforms in the world, noted: "We believe that the digital economy is impossible without a single trust in the information space, and this cannot be done without the fact that we are on the present norms of international law, not some invented agreements, but directly on the basis of international law, directly in the UN should approve these approaches. There should be some understandable and transparent international rules within the framework of which it is determined who has the right to do, how we ensure security on the Internet, how we ensure the security of the personal data of our citizens, how we manage the critical infrastructure so that no one can bring any interference into work. And today there is not a single international document that somehow determined this. "

Russian Foreign Ministry prepared a draft UN convention against information crime

The Ministry of Foreign Affairs of the Russian Federation, with the participation of a number of departments, prepared in April 2017 a draft UN convention "On cooperation in the field of combating information crime."

It is assumed that it will be adopted instead of the Budapest Convention on Computer Crimes, which has been in force since 2001, Kommersant writes. Russia has not ratified this convention, unlike the EU, USA, Australia, Japan and Israel.

As conceived by the Foreign Ministry, the document takes into account the changes that have occurred in the industry since 2001, and is universal, acceptable for all UN member countries. Its main goal is "to promote the adoption and strengthening of measures aimed at the effective prevention of crimes and other illegal acts in the field of information and communication technologies (ICT) and the fight against them."

Among the crimes against which the convention is directed - illegal access to electronic information and data interception, distribution of malware and spam, copyright infringement, etc. According to the publication, the document does not provide for the possibility of access of special services to the networks of other countries. On the contrary, the convention emphasizes the sovereignty of countries. The document also describes the procedure for international interaction in the disclosure of cybercrimes.

As conceived by the Foreign Ministry, within the framework of the convention, a round-the-clock contact center will also work to assist in the investigation of crimes.

Russia calls for the creation of an international convention on information security

In March 2017, Russia proposed to develop an international convention on. information security It is TASS Information Agency of Russia reported with reference to the Minister of Foreign Affairs. Russia Sergei Lavrov

Russia, together with its partners, in particular from the Shanghai Cooperation Organization, has prepared a draft document on the rules of behavior in cyberspace, it is also distributed to the UN. In general, we believe, and there is already a proposal that it is necessary to develop an international convention that will be devoted to cybersecurity, including the problem of eliminating threats and risks associated with hacking, "Lavrov said during a speech at the Military Academy of the General Staff of the Russian Armed Forces.

He added that the document will concern cybercriminals who violate the digital space of states, conduct illegal actions and undermine the sovereignty of countries.

According to the head of the Russian Foreign Ministry, Moscow will look at how those who blame "Russian hackers" will respond to these Russian initiatives.

Earlier in March 2017, Beijing announced its readiness to protect its own cybersecurity and strengthen cooperation with the international community to develop a set of international cyberspace rules within the UN.

These rules will be acceptable to all parties, and will also contribute to the creation of a peaceful, safe, open, orderly and cooperation-filled cyberspace, "said Chinese Foreign Ministry spokesman Geng Shuang.

Russia and China have started talking about cybersecurity issues after the website WikiLeaks published a massive archive of CIA documents. It claims that US intelligence officials use software to access smartphones, computers and televisions.^[14]

Microsoft proposes to adopt a cyber dialogue of the Geneva Convention

In February 2017, Microsoft President (Brad Smith) broadcast an open proposal to adopt international cybersecurity standards, an analogue of the Geneva Convention. However, according to experts, the proposal is untenable and impracticable, since it does not take into account the interests of state structures and other business representatives.

Among the main theses are the following:

• the state should not establish mandatory standards for IT companies to include vulnerabilities in products for their own purposes;
• the corresponding duty of the ICT industry is to oppose such attempts. The common task of these two norms is to ensure confidence in the services and services provided in cyberspace;
• introduce the principle of non-use of vulnerabilities found in the products of commercial companies to carry out cyber attacks and other illegal actions in cyberspace. Moreover, the state must report vulnerabilities to the manufacturer so that he can eliminate them;
• the state should not resort to attacks in cyberspace and use cyber weapons.

These principles and norms must be voluntarily adopted by states and global IT corporations in order to ensure trust and security in the cyber sphere.

In addition, it is proposed to create a special independent center for attributing cyber attacks and incidents, similar to the International Atomic Energy Agency (IAEA). The participants of the structure will be technical experts and lawyers from different countries, representatives of the public sector and private business^[15] is^[16].

OSCE proposed measures to interact in cyber attacks

OSCE Secretary General Lamberto Zanier considers cybersecurity to be one of the main tasks facing the international public. In February 2017, he made a statement that the OSCE will present a number of measures of interaction in cyber warfare. "In the event of a cyber attack, we have the opportunity to activate the mechanism," Zanier said. At the same time, he noted that this mechanism has never been used before and explained that the development is not a technical solution, it is "a series of steps that the country must take in the event of a cyber attack on it." The head of the OSCE stressed that the organization does not "identify a cyber attack," a statement is made by a state that was completely attacked, it reports its suspicions, and then the second side has the opportunity to provide explanations^[17].

According to Zanier, the need to create a coalition to solve many problems is long overdue in the world, because many projects are already being worked on together with various international structures and the UN. The new organization would also pay attention to solving such global issues as the "migration crisis, the problem of terrorism, radicalization, cybersecurity," which are relevant today.

The OSCE was called upon to create a special committee to combat cybercrime and terrorism by Russian State Duma deputy Nikolai Kovalev, who represents Russia at the organization's Parliamentary Assembly. It was also proposed to empower such a structure on the basis of objective facts to determine the involvement of certain states in cyber attacks. Nikolai Kovalev, deputy of the Russian State Duma, special representative of the OSCE Parliamentary Assembly on countering terrorism, made a proposal to create a joint committee with the OSCE to combat cybercrime and terrorism, authorized to also make judgments about the involvement of certain countries in cyber attacks.

At a meeting of the Standing Committee of the Assembly, he addressed the participants: "I urge the Parliamentary Assembly to set the tone in the fight against international terrorism, to become a political leader in resolving this problem. The divides in politics that the leaders of our countries demonstrate in various aspects should not interfere with our common fight against terrorism. " According to the deputy, in such situations, an objective approach is important, not political motives. "Today, unfortunately, everything has gone into the field of information attacks, and this gives rise to disbelief and distrust of people for information that roams the pages of online publications and is presented to the media depending on the political views of a particular country," he pointed out.

2015: Draft Global Pact on Electronic Non-Aggression

In the summer of 2015, a group of UN government experts on international information security (it includes representatives of 20 countries, including Russia, the USA, China, Great Britain, Brazil, Japan, Israel and others) laid the foundation for a kind of global pact on electronic non-aggression. In accordance with the agreements reached, states undertake to use cyber technologies "exclusively for peaceful purposes." Among other things, it is assumed that they will not attack each other's critical infrastructure (NPP, banks, transport management systems, etc.), will stop inserting malicious "bookmarks" (malicious software) in the IT products they produce, refrain from indiscriminately accusing each other of cyber attacks and begin to make efforts to combat hackers carrying out computer sabotage from or through their territory^[18]

Work on the text of the document was carried out for several years. It is now expected to enter the UN General Assembly for debate.

The final text of the document, as^[19] wrote^[20]did not include a US proposal to extend international legal norms to cyberspace. It was opposed by Russia, Belarus, China and other countries that decided that such a measure could consolidate US hegemony in cyberspace. Also, the text did not include the US proposal on the possibility of using force methods to respond to cyber attacks - representatives of China opposed, because this would lead to the militarization of cyberspace.

The norms proclaimed by the UN group, however, have a significant flaw: they are only voluntary in nature. At the same time, it took several years to agree on even these non-binding rules. Even the most notorious optimist will not be able to predict when these well-wishes will become law today. Moreover, due to the specifics of cyber technologies, it is not yet clear how to control its implementation. And in the absence of any deterrents and taking into account the clinical distrust of the main players towards each other, everyone only continues to arm themselves.

This situation is also dangerous because the leading cyber powers - including Russia and the United States - have officially equated cyber attacks with traditional military actions, declaring their right to respond to them as an act of aggression. And since it is very difficult to track the source of the attack in cyberspace, it cannot be ruled out that some third party will try to "push Moscow and Washington with their foreheads."

All hope for the hotline launched by Putin and Obama in June 2013. Then, between Moscow and Washington, to prevent the escalation of cyber incidents into a full-scale crisis, a round-the-clock information exchange line was established - an analogue of a direct communication channel launched in Soviet times to reduce risks in the nuclear sphere. Since then, if, say, someone, through computer sabotage, disables a dam in America, as a result of which a large number of people will die, and traces of the attack will lead to Moscow, the Americans will not immediately strike back. Thanks to an open hotline, they will at least have to ask for an explanation first. The main thing is that in Moscow someone comes to the phone.

2011

Budapest Convention

The Budapest Convention against Cybercrime was adopted by the Council of Europe on November 23, 2001. The document allows you to regulate the actions of various states in the fight against crimes on the Internet.

Concept of the Convention "On Ensuring International Information Security"

The idea of ​ ​ adopting the rules of conduct of states in cyberspace was the first to come up. Russia Back in the fall of 2011, Russian diplomats began to promote UN the concept of the Convention "On Ensuring International," information security which spelled out regulatory norms Internet taking into account military-political, criminal and terrorist challenges. In addition to the ban on using the Network to interfere in the affairs of other countries and overthrow objectionable regimes, Russia proposed giving governments wide freedom of action within the "national segments" of the Internet. The document also discussed a ban on the militarization of cyberspace and, in particular, the prevention of "use for information technology hostile actions," including hacker attacks^[21]

But the Russian initiative is far from advanced. The United States and its allies saw in it the desire of the weaker side to limit the possibilities of the stronger. The proposal to ban countries from developing offensive cyber technologies in Washington was called "unrealistic," citing the fact that traditional agreements (like the Treaty on the Non-Proliferation of Nuclear Weapons) in cyberspace will be ineffective. And the requirement to extend the principle of non-interference in the internal affairs of states to the Internet and give governments more powers - "an attempt to place censorship and state control on the Web." At that time, the US authorities, in principle, did not consider it necessary to adopt any separate rules of state behavior in cyberspace, believing that all controversial issues could be resolved using current international norms.

Development of a convention on cyber warfare

International organizations with the participation of Russia and the United States are working on the creation of a convention on cyber warfare. One of its tasks is to remove "civilian" objects on the Internet from cyber attacks. The result of the work, among other things, may be the creation of an international tribunal for the trial of cybercriminals.

It is possible that soon the rules of international conventions will apply to cyber wars, and the international community will classify part of the malware as weapons of mass destruction. These issues were discussed in early 2011 at the Munich Security Conference.

The event addressed the applicability of current real-world warfare rules to cyberspace. The rules of conduct of hostilities are described in two international conventions: The Hague (1899 and 1907) and Geneva (1929). These documents, along with several funny international norms (for example, the prohibition of infantry firing from balloons), contain a corps of agreements on the treatment of civilians, wounded and refugees during the war.

The study on the applicability of conventions during cyber wars was created by two co-authors: the head of the technological direction of the East-West Institute Karl Rauscher and Andrei Korotkov, head of the department of global information processes and resources at MGIMO.

Andrei Korotkov told CNews that the document gives five main recommendations for international organizations that will further consider the topic of cyber war. The main question they raise in the document is whether it is legally and technologically possible to "isolate" protected humanitarian infrastructure from the "cloud" of unprotected objects in cyberspace, just as civilian objects enjoy the protection of international agreements during war.

The second problem proposed by the authors of the document is whether special markers can be used to indicate protected zones in cyberspace, just as the Red Cross indicates vehicles and other material objects under its protection.

In addition, international bodies have to decide whether any cyber weapons (viruses, worms, Trojans) are analogous to the types of weapons prohibited by the Geneva Protocol (for example, toxic gases).

Finally, given the difficulties of determining cyber war, the authors of the report proposed introducing a new legal regime to describe conflicts in cyberspace.

Perhaps the most interesting question raised in the report is how to interpret the principles of interstate conventions, while participants in cyber conflicts are not subjects of the state.

Andrei Korotkov admitted that even when the involvement of state structures in cyber attacks seems obvious to many, as was the case with Russia during the attacks on Estonia and Georgia in 2008, the state's involvement in the conflict has never been proven. In addition, the application of old interstate treaties is complicated by the fact that the geographical source of a cyber attack, as a rule, is not the state to which the attack can be beneficial.

Even if there are military conventions in the real world, their provisions are constantly violated, says Andrei Korotkov. However, it must be remembered that such violations lead to the emergence of international tribunals: Nuremberg and The Hague. It is possible, the expert believes that we will come to the creation of an authorized body that would have the right to judge hackers.

The decision to begin work on the rules of warfare in cyberspace was initiated in May 2010 at the First Cybersecurity Summit in Dallas. According to Andrei Korotkov, at that event in mass and representativeness, the American delegation significantly exceeded the Russian one. The American side was represented by more than 400 retired military, political leaders and information security specialists. Among the Russian participants, he named the rector of MTUSI, representatives of MGIMO and the "Coordination Center for the Internet."

Intelligence Gathering and Cyber Warfare

2017: US imposes regulations to hide vulnerabilities in intelligence and cyber warfare software

In November 2017, the US Government announced a regulation according to which the selection of ulicities in software will continue to be carried out for further use in the interests of law enforcement and law enforcement agencies.^[22]

Like other governments, the US authorities actively "collect" information about vulnerabilities and exploits for them, using it then for intelligence, collecting information about potential opponents, combating terrorism, ensuring cyber protection of critical infrastructure, as well as as auxiliary tools in the investigation of criminal cases.

In other words, if "state hackers" in the United States find any vulnerabilities that can be used for the above purposes, then the vendors of the vulnerable software are not informed about this. However, non-state cybersecurity experts have repeatedly argued that this approach is too dangerous for cybersecurity in general.

Firstly, organizations themselves that use vulnerable software are at risk, and secondly, "hidden" information about vulnerabilities and exploits may well become the property of all kinds of enemies - with far-reaching consequences. Examples of this are the catastrophic in scale and consequences that cyber attacks happened this year, when previously "leaked" exploits NSA were used for distribution. malware encoder WannaCry NSA exploits were later used in other, smaller cyber attacks.

Therefore, experts insisted, it is necessary to promptly inform software developers about the vulnerabilities found so that they can quickly release fixes.

The White House takes these calls into account, but chooses a different principle of action, reserving the right to decide which of the found zero-day software vulnerabilities to keep secret for special needs. The process is regulated by a document called Vulnerability Equities Process.

In one form or another, this regulation existed already in 2008, but it became public only in 2016, two years after the Electronic Frontier Foundation filed a lawsuit demanding the publication of the VEP in accordance with the Freedom of Information Act.

The next version of VEP, published in the first half of November 2017, answers many questions that appeared after the publication of the first version.

In particular, he describes in more detail and in detail the criteria by which vulnerabilities are selected, how this process is regulated, which structures are involved in it. The document also promises to publish quantitative statistics on vulnerabilities. In particular, how many of them the power structures decided to keep for themselves, and how many information was disclosed to vendors.

According to the document, most of the new and previously unknown vulnerabilities (zero-day vulnerabilities) will pass the VEP filter. A special committee, consisting of representatives of ten government agencies at once, including the CIA, the State Department, the Ministries of Defense, Justice and Finance, will meet monthly to discuss the collected vulnerabilities and decide how to deal with them next - to inform vendors or leave them for their own purposes.

Among the key criteria are the prevalence of vulnerable software development, the ease of detection and exploitation of the vulnerability, the possible consequences of exploitation, and how simple or difficult it will be to fix this vulnerability. In addition, the found "bugs" will be investigated for what value they can be for possible operations in cyberspace.

In some cases, information will be published on how to fix the vulnerability without any technical details about it itself. Some vulnerabilities will only be allowed to be exploited by some of the government agencies. Individual departments can submit a request to exploit vulnerabilities bypassing VEP, but only the National Security Council at the White House will decide on this. The whole process is overseen by Congress. In the latest version of the regulations for November 2017, it is prescribed what information will be provided to representatives of the legislative body in an open manner, and which - secret. In any case, reports for Congress will be prepared regularly. Experts express satisfaction with the fact that the next version of VEP provides much greater openness to the process of collecting vulnerabilities. However, Andrew Crocker, a lawyer for the Electronic Frontier Foundation, expressed concern that loopholes remain in the document for exploiting vulnerabilities by intelligence agencies bypassing VEP.

Of course, the use of vulnerabilities by states should be regulated, and the emergence of a publicly available regulation like VEP is a positive phenomenon, "said Georgy Lagoda, CEO of SEQ (formerly SEC Consult Services). - On the other hand, questions remain about its "applicability range." For example, will it regulate the creation and use of cyber weapons in conditions when the United States - like other countries - still does not officially recognize its existence. In general, the world needs an international agreement similar to, for example, the Geneva Conventions. By the way, just the other day, Microsoft leaders publicly proposed creating a "Digital Geneva Convention" describing unified methods for protecting civilians from cyber attacks and their possible consequences.

The text of the "Vulnerability Equities Process/VEP" can be found on the White House website.^[23]

Major participants in cyber wars

Russia is forced to take measures to contain other countries in the field of cyberspace and thus becomes involved in cyber wars. The key opponent in this area is traditionally the United States and its allies:

• Cyber ​ ​ war of Russia and the United States
• Cyber ​ ​ war of Russia and Great Britain

On February 25, 2022, information appeared that the Ukrainian Ministry of Defense turned to hackers for help in the confrontation with Russia. The messages sent by the Ukrainian military contain an offer to take part in the cyber war, but it is on the side of Ukraine:

• Cyber ​ ​ war of Russia and Ukraine

According to information about well-publicized hacks, North Russia USA Great Britain China India Iran Korea has the most developed cyber rage. The most destructive example of American cyber weapons was, Stuxnet worm which disabled centrifuges at an Iranian uranium enrichment plant. Chinese attacks are distinguished by their mass, persistent sending of phishing emails, which gives results.

• Cybercrime and cyber conflicts: Russia

Russian hackers, according to FireEye representatives, are most sophisticated: they use a personalized approach in sending phishing emails, hide malware traffic in data from public services such as Twitter, store stolen data on public file sharing sites, which is very difficult to track cybersecurity services, since access to these services in American departments and companies is often prohibited. Also, Russian hackers leave viruses in systems that secretly get to USB drives, which means they can get into ultra-secure circuits, like Stuxnet.

• Cybercrime and cyber conflicts: Ukraine

• Cybercrime and cyber conflicts: US

• Cybercrime and cyber conflicts: Europe

• Cybercrime and cyber conflicts: Israel

• Cybercrime and cyber conflicts: China

• Cybercrime and cyber conflicts: Iran

Iranian attacks, according to American cybersecurity experts, are most destructive. So, in 2012, as a result of them, 75% of the data on the computers of the Saudi energy company Aramco was destroyed, and last year a similar attack destroyed the computer system of the Las Vegas Sands casino in Las Vegas, owned by the main critic of the Iranian government Sheldon Adelson.

Perhaps the most attractive side of cyber operations is the ability to avoid, or at least postpone, the usual fighting with explosions and blood. Undoubtedly, cyber attacks are much "cleaner" and in most cases it is much more difficult to prove them. This article lists countries that may have used similar methods against other states. Accusations were made against each of these countries. And each of them invariably refuted them.

Cyber ​ ​ wars against Russia

2022: Presidential Administration: 90% of Russia's public sector infrastructure subjected to cyber attacks

Since the start of the Russian special operation in Ukraine (June 24, 2022), about 90% of the infrastructure of the public sector of the Russian Federation has faced cyber attacks to one degree or another. This was announced on June 16, 2022 by the head of the department of the Presidential Administration of the Russian Federation for the development of information and communication technologies and communication infrastructure Tatyana Matveeva.

According to her, at some point the power of DDoS attacks was 20 times higher than "all our previous any experiments during the existence of the Internet." In one way or another, more than 0.5 million people participated in cyber attacks, Matveeva said.

According to Igor Lyapunov, Vice President for Information Security of PJSC Rostelecom, in the first weeks after the start of the special operation, all the world's botnet resources available for attacks and presented for the sale of their "services" on the darknet were involved against Russian information resources. Cyber ​ ​ attack tools, usually sold for tens of thousands of dollars, were posted for free access, as were leak databases for all kinds of credentials and access to information resources.

Meanwhile, on June 16, 2022, Deputy Minister of Digital Development, Communications and Mass Media Alexander Shoitov said that it was too early to talk about a full-fledged cyber war against Russia. According to the regulation of the Ministry of Digital Development, which was presented by Shoitov, war is when a particular state or alliance conducts cyber attacks on the infrastructure of another state.

No state is officially behind cyber attacks on Russia, and now we assess them as terrorist actions in cyberspace. The same hackers who worked in the information field until February 24 are working. Only earlier was their task to steal funds or personal data to steal funds, and now they are working to destabilize the infrastructure of authorities and business bodies, the deputy minister said.[24]

Cyberwar between China and the United States

Main article: Cyber war between China and the United States

Other Cyber Conflict Participants

Afghanistan

2021: Check Point Software Technologies discovered a cyber attack on the Government of Afghanistan

On July 1, 2021, a team of researchers at Check Point Research (CPR), a division that Check Point Software Technologies provides solutions in the field cyber security around the world, discovered an active cyber espionage operation targeted by the Government. Afghanistan Presumably, the group is responsible for this operation. the Chinese hackers The attackers introduced themselves as employees of the Afghan presidential administration in order to penetrate the systems of the National Security Council (NSC), and also used them to Dropbox cover up their activities. Check Point Research experts believe this one was attack the latest in a lengthy operation that began back in 2014. Then Kyrgyzstan Uzbekistan other countries also became victims of cyber espionage.

According to the company, the Check Point Research investigation began in April 2021, when an official of the Afghan National Security Council received an email allegedly sent from the presidential administration. The letter contained a request to urgently check the changes in the document related to the upcoming press conference of the National Security Service.

The Check Point Research team briefly presented the cyber espionage technique in the form of the following algorithm:

• Send an email on behalf of a reputable organization. Attackers used deception tactics at the level of two ministries - an email was sent to an organization with a high status from the sender's mail addresses of the same level that also fell victim to cybercriminals.
• Attachment of malicious element. Hackers attached an archive file with malware to the letter under the guise of a secure attachment. In this case, the letter contained a password-protected RAR archive named NSC Press conference.rar.
• Opens the first document. The NSC Press conference.exe file extracted from the archive acts as a dropper. It follows from the letter that the attached file is a document, so the victim launches the executable file without any doubt. Hackers use a simple trick: after launching the dropper by the user, he opens the first document on the victim's desktop. Even if no such document was found to open, the dropper proceeds to the next step - loading the backdoor.
• Use of Dropbox as Command and Control Center (C&C). The backdoor connects to a pre-configured folder in Dropbox, which is created separately for each victim. From the folder address, the backdoor receives further commands and stores stolen information on it.

Cybercriminals use the Dropbox API to mask their malicious actions - without sharing data with suspicious sites. A backdoor configured by attackers creates a victim folder in a hacker-controlled Dropbox account. When they need to send a file or command to a compromised computer, they place them in the "d" subfolder of the victim's Dropbox folder. Malware accesses this folder and downloads its contents to the working folder. To ensure persistence, the backdoor configures the registry key to run every time a user logs on.

As part of this attack, Check Point Research specialists registered the following actions:

• Download and launch a scan tool that is used for targeted cyber attacks (APTs) by many hackers, including an active and successful group of Chinese APT10 hackers.
• Running built-in Windows network utilities.
• Access to the victim's files, in particular to documents on the desktop.

Identifying the facts of cyber espionage is a priority for us for July 2021. This time, we discovered an ongoing targeted campaign targeted by the Government of Afghanistan. We have reason to believe that Uzbekistan and Kyrgyzstan were also victims of these attacks. The information we have collected points to hackers from China. In this case, the attackers used interesting tactics to deceive one ministry on behalf of another. This tactic is very aggressive and effective: any employee will rush to do everything that is asked of him. In our example, cybercriminals managed to perform a number of actions among top-level officials. In addition, it is important to note that hackers used Dropbox to avoid detection. We should all keep this method in mind and take preventive measures. Perhaps this group of hackers also attacked other countries, although we do not yet know how many or which ones. For this reason, for July 2021, we provide a list of domains that may have been involved in the attack. We hope that their names will help cybersecurity specialists in further research that complements and develops the information we receive. narrated by Lotem Finkelsteen, lead cyber threat analysis expert at Check Point Software Technologies

NATO

"Russian hackers" paralyzed almost half of NATO's electronic infrastructure

The hacker group Killnet organized an attack on NATO's electronic infrastructure, almost half of it was paralyzed. This was announced on April 10, 2023 by the Mash Telegram channel.

It is noted that hackers conduct DDoS attacks, which is why it is impossible to log into accounts on resources.

The sites of the command for the development of hostilities, NATO agencies for support, support and procurement, training cyber centers fell under the distribution, the report said.

In addition, according to the publication, Killnet hacked NATO's communications and information agency - NCI - from where all personal data of employees was stolen. About 40% of the electronic infrastructure is paralyzed.

Killnet announced an attack on NATO infrastructure on April 9, 2023. The corresponding announcement appeared in the Telegram channel of the group. It indicates that this may be the "last KillNET attack" and that all members of the group "will be killed and transplanted after this event," but KillNET "is going to destroy NATO on the network." Members of the group called on the "hackgroups" to wait for notification within 48 hours.

Strictly speaking, the entire electronic infrastructure of NATO was under attack. From business and e-commerce divisions and resources to management headquarters and training systems, "the Killmilk group leader told Ленте.ру, specifying that during a large-scale DDoS attack, hackers managed to paralyze at least 60% of the alliance's electronic infrastructure, and the share of defeat continues to grow.

Many Russian media, including state-owned ones, call Killnet a Russian hacker group. She herself publishes messages in Russian.^[25]

NATO sites shut down after cyber attack

On February 12, 2023, several NATO websites stopped working after a massive cyber attack. The hacker group Killnet, which is called Russian, may be involved in it. Read more here.

Russian Foreign Ministry: NATO is practicing cyber strikes on Russian networks

At the end of January 2023, the Ministry of Foreign Affairs announced that the North Atlantic Alliance was practicing cyber strikes on Russian networks. In turn, the West accuses Russia of hacker attacks.

Exercises are held on a regular basis, including under the auspices of NATO, to work out strikes using ICT on Russian critical information infrastructure facilities. In particular, the defeat of state institutions in the Kaliningrad region and the Moscow energy system is being simulated, "Oleg Syromolotov, Deputy Foreign Minister of Russia, who oversees countering terrorism, told TASS.

According to him, the British systematically target their offensive capabilities in the information sphere at Russia. Britain is systematically working to promote Russophobia on the Internet, "scouring the truth" about Russia's foreign policy in the Western information field, the diplomat said.

A few days later, London and Kyiv held consultations on cyberproblematics. Then the "IT Army of Ukraine" made a statement about plans to attack the "Russian Post." It is regrettable, of course, to observe such a performance, designed, according to the idea of ​ ​ its directors, to justify the impending sabotage, - concluded Syromolotov.

The Deputy Foreign Minister of the Russian Federation also noted that, in his opinion, Western countries led by the United States "burned bridges" to continue the dialogue with Russia on international information security, and at the moment there are no prerequisites for the resumption of contacts.

I emphasize once again that this is not our choice, the Americans themselves burned the bridges. We will not run for anyone, "the diplomat said.

Western countries, in turn, blame cyber attacks Russia. BBC in January 2023, he reported an attack programs extortioners related to Russian hackers on the Royal Mail, Great Britain after which there was a failure to send mail abroad.^[26]

The United States will provide NATO with its cyber potential to protect against Russia

In the next few days, the United States will announce its readiness, if necessary, to provide NATO with its offensive and defensive capabilities in cyberspace. This was reported to the Reuters news agency in October 2018 by senior representatives of the US Department of Defense, concerned about Russia's activity in cyberspace.

NATO recognized cyberspace as an area of ​ ​ warfare along with land, air and sea back in 2014. Nevertheless, the alliance did not specify what consequences the use of cyber weapons entails.

"We will officially announce the readiness of the United States to offer NATO its capabilities in cyberspace if we are asked to do so," said Katie Wheelbarger, Assistant Deputy Secretary of Defense for International Security.

"This message is addressed primarily to Russia," said Wilbarger

According to the Assistant Deputy Secretary of Defense, the United States will continue to monitor its specialists and capabilities, but will resort to their help in the interests of NATO, if such a need arises. This step is part of an initiative proposed by the UK to strengthen the alliance's capabilities in cyberspace^[27].

NATO plans to expand the use of cyber attacks in "offensive defense"

NATO member countries plan to tighten countermeasures against state-funded hackers. According to Reuters in November 2017, among other things, the response will also include cyber attacks on enemy networks in order to disable them.

The United States, Britain, Germany, Norway, Spain, the Netherlands and Denmark are developing cyber warfare principles that will guide their military forces. The principles describe a much wider use of cyber attacks and could be adopted by early 2019.

"There is a possibility that NATO recognizes the offensive capabilities of computers on a par with aircraft and ships," said US Navy Commander Michael Widmann, speaking at the NATO Cooperative Cyber ​ ​ ​​Defence Center of Excellence in Tallinn.

According to some NATO representatives, cyber attacks on enemy electricity networks may be much more effective than air strikes. "I have to do a certain mission and I have air assets and I have computer assets. What suits me more to achieve the necessary goal?, " - quoted by Widman news agency^[28]."

Lithuania invited NATO members to jointly respond to cyber attacks

In early July 2017, Lithuanian President Dalia Grybauskaitė proposed adding a clause on cyber attacks to Article 5 of the Washington Treaty, TASS reports. The article instructs NATO members to jointly respond to an attack on one of the participating countries. The idea was voiced in Warsaw in Poland, during a meeting of the heads of European countries with US President Donald Trump^[29]

Grybauskaite called the inclusion of cyber defense in the fifth article "an important step" for Lithuania, and also listed other security issues of interest to the Baltic states. In her opinion, NATO member countries need a "faster and more effective" alliance.

The North Atlantic Treaty, concluded in Washington in the United States in 1949, defines the basic principles of relations between NATO members within the alliance. Article 5 agrees that "an armed attack on one or more of them in Europe or North America will be considered an attack on them as a whole." Accordingly, the country under attack should be given immediate assistance. Ways of providing assistance are at the discretion of the members of the alliance, up to the use of armed force.

It is specifically stipulated that these actions do not contradict the UN norms, in the charter of which there is Article 51, which guarantees states the right to individual or collective self-defense. Meanwhile, Article 6 of the Washington Treaty specifies that an attack on a country refers to an attack on its territory, including overseas possessions, as well as an attack on its armed forces, vessels or aircraft.

USA

Pentagon decided to use deepfakes to provide psychological impact on citizens of other countries

In early March 2023, it became known that the US Special Operations Command (SOCOM), responsible for some of the country's most secret military campaigns, intends to conduct propaganda and organize disinformation actions on the Internet using deepfakes. Read more here.

Pentagon allows cyber warfare to attack first

In June 2018, it became known that the US Armed Forces Cyber ​ ​ Command was given the right to carry out hacker attacks in order to prevent impending cyber attacks. The New York Times (NYT) learned about this from  the new strategy of the division. Read more here.

Britain

In 2017, Elizabeth II will open the British National Cybersecurity Center, whose main task will be to counter cyber attacks by Russian hackers. The main mission of the structure is to counter cyber attacks by Russian hackers. Finance Minister Philip Hammond emphasizes that "cyber attacks are happening more and more often, causing more and more damage, and they are increasingly difficult to detect."

Great Britain Since 2016, it has been implementing a 5-year strategy cyber security that will cost the government £1.9 billion ($2.38 billion). The main threat is considered. Russia The finance minister and MI5 director promise to defend the kingdom with "retaliatory strikes"^[30] will be implemented in several stages. The first stage is the opening of a national cybersecurity center. At the second stage, it is planned to introduce at least 100 positions of specialists in (information security information security) in the new hub (the first hub has already been opened in) London

The UK government has allocated $2.3 billion to develop an information security strategy over the next five years. This was stated by Finance Minister Philip Hammond, who promised that everyone who attacks his country in cyberspace will receive a "retaliatory blow." At the same time, Andrew Parker, head of the MI5 intelligence service, said that Russia is a growing threat to UK security because it uses cyber attacks to threaten the kingdom's industry, economy and military power. Parker argues that Russia is "using all of its government agencies and agencies to pursue international policy abroad in an increasingly aggressive manner - including propaganda, espionage, sabotage and cyber attacks." The head of MI5 said that the work of his department is to counter such threats.

Japan

On May 6, 2019, it became Ministry of Defense of Japan known that it would begin developing cyber weapons, which would be used exclusively for self-defense. It is assumed that harmful ON contractors will be engaged in the creation state , and work on it will be completed by the end of the 2019 financial year.

According to reports, the malware will include viruses and backdoors, but the authorities have not disclosed information about the capabilities of the program and the situations in which it will be involved. Presumably, the development will be used only in cases of attacks on Japanese structures and only against attackers.

A few years ago, Japan was already trying to create cyber weapons. In 2012, the government instructed Fujitsu to develop software to detect and neutralize sources of cyber attacks, but this project did not bring the desired results.

In January 2019, the Japanese government approved an amendment to the law giving employees of the National Institute of Information and Communication Technologies of Japan the right to hack citizens' IoT devices as part of a gadget security study. As part of the program, it is planned to check the security of more than 200 million IoT devices (routers, webcams, etc.), both home and corporate^[31]

Australia

In the fall of 2019, Australian intelligence managed to establish that China was behind the cyber attacks on the country's parliament and three largest political parties ahead of the May elections. This was reported to the Reuters news agency by at least five informed sources who wished to remain anonymous. According to sources, in March of this year, the Australian Signals Directorate established that the aforementioned cyber attacks were carried out by the Ministry of State Security of the PRC. The Australian authorities have prepared a corresponding report, including information obtained by the Australian Department of Foreign Affairs, but they intend to keep it secret in order to avoid a deterioration in trade and economic relations between the two states.

The Australian government did not press any charges towards China, and Prime Minister Scott Morrison's office declined to answer questions from Reuters. In turn, the Ministry of Foreign Affairs of the PRC refutes any accusations of cybercriminal activities, noting that the Internet is teeming with all kinds of theories that cannot be proved.

In the spring of 2018, Australian Cybersecurity Minister Angus Taylor issued an official statement accusing Russia of carrying out cyber attacks on Australian companies in August 2017^[32].

"Based

on Australian intelligence data and in consultation with our allies, the Australian government has determined that the responsibility for the incident in 2017 lies with individuals associated with the Russian government. Despite the fact that a significant number of Australian organizations were affected, there are no signs of compromising the information, "the minister said

.

The hackers used commercially available routers as an entry point, Taylor said.

According to Australian Defense Minister Marise Payne, about 400 Australian companies could potentially become victims of cyber attacks.

Turkey

The creation of a cyber threat monitoring and response center in Turkey was announced in September 2017 by the head of the country's Ministry of Transport, Shipping and Communications. The main task of the structure will be the fight against cybercrime. Also, the experts of the center will study the websites of companies, in the event of a vulnerability, inform the owners. "Companies that, having received such a notification, will not take action will also be punished," the press service of the department said. In addition, the issue of deciding on the creation of a cybersecurity department in all companies is being considered. Despite the fact that in Turkey three government agencies are responsible for ensuring cybersecurity - the Ministry of Transport, Shipping and Communications, the State Administration of Information Technology and Communications, the Council for Scientific and Technical Research of Turkey (TÜBİTAK), cybercrime and cyber threats are a serious problem in the country.

As the Turkish newspaper Sabah^[33]! reported in April 2016, local hackers made a series cyber attacks on government sites Armenia after the aggravation of the situation on the contact line in Nagorno-Karabakh. Responsibility for the massive - DDoS ataka was assumed by the Aslan Neferler Tim group. Cybercriminals declared their desire to support Azerbaijan due to the increased tension in relations with Armenia.

Information about difficulties in accessing the largest government information resources is also confirmed in Yerevan. Information security specialist Samvel Martirosyan said that a number of news sites in Armenia have the same problem.

Netherlands

In early October, the Dutch Minister of Security and Justice asked the country's parliament to pass a law allowing police to install spyware on private computers, remotely search computers in the country and abroad, and even delete "illegal files." It is recommended to seek the consent of foreign states, but this will by no means be mandatory. If such measures are introduced into legislation, the Dutch police will be able to use a variety of cyber warfare tools against foreign and their own citizens.

South Korea

Cybersecurity researchers from FireEye recorded in the summer of 2018 attacks by Russian and Chinese hackers on a number of facilities in South Korea on the eve of the US-DPRK summit. It is reported by The Wall Street Journal.

According to experts, these attacks are the work of groups that have previously taken part in hacking into the networks of ministries and financial institutions. Experts are currently assessing the damage caused in the attacks. In particular, experts named the Chinese hacker group TempTick, which has existed since about 2009, focused on South Korea and Japan, as the main suspects, and specializes in attacks on financial and government institutions, including the aerospace industry, as well as the Russian cyber espionage group Turla.

The South Korean authorities launched in 2017 the Best of the Best program to prepare an elite cyber unit to protect against hacker attacks from the DPRK, according to The Guardian^[34].

According to the head of the program, Kim Jing-seok, the main task of the program is to educate a whole generation of experts on protection against cyber threats. Thousands of cyber attacks are recorded in South Korea every day and information about most of them does not get into news publications, he said. Participants in the program are mostly youth ranging from high school students to those over the age of 20. The program provides an opportunity to learn from experts and learn unique skills in IT technologies.

North Korea (DPRK)

Main article: Cybercrime and cyber conflicts: DPRK

Vietnam

The cyber division of the Vietnamese People's Army has 10 thousand soldiers. This was mentioned at the end of 2017 by Senior Lieutenant General Nguyen Trong Nghia at a conference on propaganda issues, where the top of the Communist Party of Vietnam was invited. ^[35].

According to the Financial Times, Nguyen Trong Ngia reported the existence of a Force 47 unit in the Vietnamese People's Army, whose task is to combat "wrong" ideas spreading on the Internet. According to the lieutenant general, 63% of the total 96-mile population of Vietnam use the Internet, a technology that has both positive and negative aspects. Among the negative aspects, Nguyen Trong Ngia called the use of the global Network opponents to "create chaos."

"The Central

Military Commission is interested in creating permanent troops to combat the wrong points of view," the lieutenant general said. The military will involve the internal security departments of Vietnam in the creation of specialized cyber weapons, he added.

According to specialists of the information security company FireEye, Vietnam "has great capabilities in the field of cyber espionage in a poorly protected region." This year, a "powerful implementation campaign" was discovered in several organizations interested in business cooperation with Vietnam. This campaign was carried out in the interests of the Vietnamese government, FireEye experts noted. It was aimed at representatives of the Vietnamese diaspora in Australia and civil servants of the Philippines. However, the Vietnamese government says it does not allow cyber attacks on organizations or individual users.

Pakistan

blames cyber India Pakistan jihad attempts. India Pakistan is believed to be behind the online spread of rumours leading to a mass exodus of thousands of ethnic minorities from the southern city of Bangalore in fear of reprisals on ethnic and religious grounds.

Pakistani hackers hacked 35 Indian government sites in the fall of 2016 belonging to India's central or regional government. The cyber attack is seen as a response to protests that were held in India near the fortified demarcation line between the two countries. The attack on state websites shows that cyber warfare between India and Pakistan is gaining momentum. This was reported by the Indian resource The Economic Times^[36].

Among others, the Bihar government website stopped working, on the main page of which the inscription "The website is sealed by the patriots of Pakistan, * * * guys, we are invincible" appeared. On the website of the Bihar Knowledge Society, which also ceased operations, a Pakistani flag and the message "Haknutho by the Devil's Team" appeared.

Indian state sites are very unevenly protected from cyber threats. This time, the websites of the Jharkhand State Government, the Indian Securities and Exchange Council, the National Medium Advance Weather Forecast Center, Indian Railways and other poorly protected resources were hacked. The problem with these sites is that they use the hosting of small third-party vendors and do not perform government adjustments that oblige them to carry out all online activities through the National Center for Informatics. Well-protected government sites in India include the resources of the Ministry of Corporate Affairs, the Central Excise and Tax Administration, and others.

In early October 2016, the Pakistan Haxors Crew hacker group from Pakistan announced that more than 7,000 Indian sites had recently been hacked by its members. The list of compromised resources was posted on the Internet, it included sites of various non-governmental companies and organizations.

The reason for the aggravation of cyber war between India and Pakistan is considered armed clashes between Indian and Pakistani militants, which took place in late September and early October in the disputed region of Kashmir.

India

A number of companies specializing in computer data protection came to the conclusion (summer 2013) that most cyber attacks do not come from China, as is commonly believed, but from India. The list of targets for such attacks ranges from Pakistani government agencies to the Chicago Mercantile Exchange.

Several companies involved in the protection of personal computers have found that the generally accepted idea of ​ ​ China as the main source of hacker attacks is actually greatly exaggerated. Experts from these companies claim that most of these attacks come from a country that is rarely remembered in connection with cybercrime - India. According to Norwegian company Norman Shark, which has investigated data on cyber attacks over the past three years, most of them do not have "any traits that would give out a Chinese trace." "On the contrary, we began to notice other patterns, such as typical Indian names," The Wall Street Journal quoted Norman Shark analyst Snorre Fagerland as saying. In addition to the company from Norway, the analysis of data on cyber attacks was carried out by the American CrowdStrike, which followed the group of hackers from India for a year and a half, the Slovak company ESET, the Indian Network Intelligence India and F-Secure, based in Finland.

According to the researchers, the attackers used a targeted phishing strategy, sending letters and documents with malicious software to employees of various organizations. As soon as the program gained access to the computer, it obtained the necessary information and sent it back to the sender's address. At the same time, as noted in Norman Shark, hackers used 600 different websites, most of which are registered in India. The victims of cybercriminals were: Pakistan's National Emergency Management Agency, the Chicago Mercantile Exchange, Beijing Tsinghua University and other major organizations.

However, experts say, the discovery of the country where the hacker threat to the world comes from cannot yet give an answer to the question of who is behind the attacks. And new technologies for carrying out mass hacker attacks are appearing and spreading in countries such as India at a high speed, which further complicates the process of catching criminals.

Indian National Security Advisor Shivshankar Menon announced in January 2013 that the country's government plans to create a nationwide cybersecurity system that can protect the country's information networks from espionage, sabotage and other cyber threats. According to IBNLive, Shivshankar Menon said that the National Security Council of India has already approved the draft of such a system, and the details of its implementation are being clarified at the moment.

Indian officials express confidence that the new cybersecurity system will be able to protect both public networks and strategically important information networks of the country. Moreover, according to supporters of the project, India does not lack its own specialists or resources (including software and hardware) necessary for its implementation.

The authorized departments are instructed to ensure that all information networks of the country are certified and fully comply with legislative norms.

Shivshankar Menon also announced India's intention to organize its own production of silicon microchips. It is planned that microchips created in-house will be used at the country's nuclear power plants, as well as in the production of satellites and weapons systems intended for national needs.

It should be noted that a little earlier, the Indian government banned foreign companies from participating in tenders for the supply of equipment and components for the implementation of the National Broadband Fiber Optic Network (NFON) project.

The first on the black list of unreliable companies, according to the Indian authorities, were: Huawei and ZTE. A little later it was replenished: Alcatel Lucent, Ericsson and Nokia Networks (formerly NSN), which applied for participation in the tender for the implementation of the national gigabit passive optical network (GPON) project.

Representatives of a number of Indian companies, in particular Sai Systems, United Telecoms and ITI, have already announced their intention to participate in the tender.

Bulgaria

Killnet hackers attacked websites of Bulgarian president and government

Killnet hackers attacked the websites of the Bulgarian president and government. Also, the pages of the Constitutional Court, the Ministry of Finance and the Ministry of Health work intermittently. This became known on October 15, 2022.

Earlier, activists of the group "put" more than 20 sites of American airports^[37]

Armenia

For the first time, the actions of Armenian hackers attracted public attention in January-February 2000. The events of that winter were not only the first serious cyber clash between Armenia and Azerbaijan - in the digital world it is considered one of the first cyber wars at the interethnic level. However, this clash had a background that should be told separately^[38] it^[39].

1988-1999

In 1988, a territorial dispute over Nagorno-Karabakh unfolded between the Soviet republics of Armenia and Azerbaijan. In the early 90s, the Karabakh conflict develops into a large-scale war. In 1994, the parties sign a ceasefire agreement, but the conflict does not end, but goes into a protracted form. The territorial dispute remains unresolved until now. From the very beginning, the conflict is accompanied by a propaganda war - the parties use all possible platforms to present their truth about the conflict, declare who owns Nagorno-Karabakh and in every possible way denigrate the enemy.

The first clashes on the Web are connected precisely with the Karabakh conflict. Since the late 90s, battles have been fought not only on physical borders, but also on virtual fields. Many network groups are involved in the propaganda war - however, they act, for the most part, on their own. These are groups of enthusiasts who are not associated with government structures, who, out of patriotic beliefs, on their own initiative spend huge human resources on propaganda and anti-propaganda.

Aliyev.com - as a starting mechanism

In 1999, several representatives of the Armenian diaspora of the United States created a website aliyev.com. The resource broadcasts the position of the Armenian side, publishing incriminating data on the life and activities of Azerbaijani President Heydar Aliyev, the father of the current head of the Azerbaijani state Ilham Aliyev. Although then the term "information war" was not yet introduced into everyday life, the creation of aliyev.com can be considered one of its first manifestations. It should be noted that this war was partisan in nature - it was waged by small conspiratorial groups that hid behind anonymous nicknames.

As you might expect, in Azerbaijan aliyev.com was perceived with hostility. The response to the Armenian propaganda move came soon. However, it was not symmetrical. Azerbaijani hackers did not limit themselves to an attack on aliyev.com - they attacked other Armenian sites, thereby transferring virtual battles to another, larger level.

At the end of January 2000, two previously unknown Azerbaijani hacker groups appeared on the Internet: Green Revenge and Hijack Team 187. They started Operation Pink Champagne. Her goal was to debunk the activities of the resource aliyev.com. Azerbaijani hackers hacked into the sites of Armenian media resources, taking them under control. In addition to the media, lobbying companies and platforms dedicated to the topic of the 1915 Armenian genocide in Ottoman Turkey were also attacked. Under the sight of cyber activists fell not only sites registered in Armenia itself, but also resources belonging to the Armenian diaspora living abroad. On the hacked platforms, hackers posted proclamation statements that Karabakh will always be Azerbaijani, that Aliyev is the permanent leader of Azerbaijan and other messages in a similar style.

The Azerbaijani side controlled the Armenian information field for three days. It should be borne in mind that in those years both segments of the Internet - both Armenian and Azerbaijani - were poorly developed. There were many personal pages, but there were only a few dozen serious sites. Almost all of them were related to the media, large organizations and government agencies, so the attack on them was tangible. Among the attacked were the sites of the Public Television of Armenia, the Armenian Assembly of America, the Armenian National Committee of America and others. Here is an incomplete list of Armenian resources whose DNSs were "taken away." Given the underdevelopment of the Armenian segment of the network in those years, it looks impressive.

Armenian hackers responded to the call two weeks later. On February 11, The Liazor Group ("Liazor" in Armenian - authorized) took control of about 25 Azerbaijani sites, including resources belonging to international and foreign organizations operating in the republic - the local Soros Foundation and others.

Most sites have been defaced. On the hacked pages, hackers posted a picture of a toy in the form of a damn snuff box and the inscription "Don't trouble trouble until trouble troubles you." Some resources suffered more than others. For example, the interception of the site of the Azerbaijani socio-political newspaper Zerkalo was zerkalo-daily.com invisible to an external observer - the site continued to work as usual, while under the control of Armenian hackers. Liazor Group activists posted disinformation materials on it. In particular, articles appeared on the zerkalo-daily.com stating that official Baku allegedly agreed to concessions on the Karabakh issue. This fake news fell into the feeds of international news agencies and spread around the world as real news, putting the Azerbaijani leadership in a delicate position.

Outcome

For several days, most of the hacked sites of the Azerbaijani segment of the Web failed to return them to their rightful owners. The situation was at a standstill. Then the Minister of National Security of Azerbaijan Namig Abbasov made an official statement. He said that the country's leadership controls the activities of hacker groups. The politician's words served as a signal for a truce. Armenian hackers from the Liazor Group responded to the message of the head of the Azerbaijani MNB and decided to stop attacks on the enemy's virtual borders. On February 14, 2000, the first cyber war between Armenia and Azerbaijan was over.

The events of that winter of 2000 largely predetermined the development of the Armenian hacker community for many years to come. Subsequently, Armenian hacker groups almost completely rebuilt to war with Azerbaijan within the framework of the Karabakh conflict. The target of the attacks to a certain extent was also the Turkish segment of the network - here the dominant topic was the struggle to recognize the Armenian genocide. All this led to the fact that patriotic "hacking" began to prevail in Armenian cyberspace. This situation lasted quite a long time - almost until recently.

Moldova

• In 2009, the Republic of Moldova ratified the Budapest Convention on Combating Cybercrime and assumed various obligations to prevent and combat cybercrime^[40]. At the same time, the Law on the Prevention and Fight against Crime in the Field of Computer Information was approved, which has been repeatedly finalized over the past time. He began to regulate issues of countering cybercrime, including a system of mutual assistance in this area, mechanisms for protecting and assisting service providers and users of computer systems. This law also for the first time described the meaning of a number of basic terms^[41].
• In 2010, a department was created in the General Prosecutor's Office of Moldova to investigate such crimes.
• In 2013, it was decided to create a Cybercrime Center on the basis of the police.
• In 2016, a new law "On the Prosecutor's Office" was adopted. He made it possible to create a separate specialized prosecutor's office for combating organized crime and special cases, to empower it to investigate cybercrimes related to organized criminal groups, where the amount of damage exceeds 1 million lei. The department monitors the situation in the country and, if necessary, investigates cybercrime, and a separate prosecutor's office for organized crime, which investigates cybercrime, but only when it comes to organized crime and the damage is more than 1 million lei. The area of ​ ​ interest of the department is computer fraud, child pornography, violation of copyright and related rights, the manufacture of fake bank cards, payment tools, unauthorized access to communication networks, violation of the right to privacy of correspondence. But most of all violations are in the field of copyright and related rights and manipulations with payment instruments, bank cards.

In the Criminal Code of the country there is a chapter on information crimes and crimes in the field of telecommunications. It includes 10 articles establishing responsibility for this type of criminal offense:

• unauthorized access to computer information;
• improper production, import, sale or provision of hardware or software products;
• illegal interception of information data transmission;
• violation of the integrity of information data contained in the information system;
• impact on the operation of the information system;
• unlawful production, import, sale or provision of passwords, access codes or other similar data;
• forgery of information data;
• information fraud;
• violation of information systems security rules;
• unauthorized access to telecommunication networks and services.

Cybercrimes characteristic of Moldova - according to statistics for 2003-2015. in the first place - the manufacture and forgery of bank payment instruments, the second - violation of copyright and related rights. Infringement of copyright and related rights accounts for 256 cases during the specified period. In third place - violation of personal integrity (173 cases), violation of the secrecy of correspondence (55), child pornography (55). But all this data does not reflect the full picture. For example, not all banks in the country provide information that there were attempts to hack their electronic payment systems.

Kyrgyzstan

In order to ensure national cybersecurity in Kyrgyzstan, an analytical center for combating cyber threats will be created in 2017. The head of the State Committee for Information Technologies and Communications Bakyt Sharshembiev emphasizes that the work to ensure the country's cybersecurity is carried out by specialists from the GKNB and the Defense Council^[42] combat^[43].

In addition, the state plans to train its cybersecurity specialists. First of all, programmers, who are also lacking in the country, will join their ranks. The Kyrgyz Association of Software and Services Developers has proposed the creation of an IT academy based on professional lyceums. According to the head of the association, Aziz Abakirov, it will take one year to train specialists. "The first IT Academy is already working on the basis of professional lyceum No. 98, this experience now needs to be expanded. According to our calculations, we will release four thousand programmers annually. Thus, by 2030, 50 thousand specialists should be trained. But so far we have not been able to fulfill this plan, "he says.

Belarus

Main article: Information security in Belarus