The August edition of iTechnology.am is information security as it is becoming one of the most discussed topics around the globe. Security issues are popping everywhere. Armenia is a small drop in the ocean (with one and a half million Internet users and half million Facebook users) but it is also a target of malevolent actors. To bring you more insights about this topic, we talked to Samvel Martirosyan, media expert, who provided some good statistics and interesting information for our readers.
iTechnology.am: What basic knowledge and behaviors should a person have to be secure on the Internet?
Samvel Martirosyan: This is a good question and I can say a lot on it. I can answer from the other side: the average Armenian user knows almost nothing about the security on the Internet. The problem is this sector grew very fast in Armenia. During last 5 year we have witnessed a 7x grow in the number of users. And it is natural that those people are not all educated and trained to be secure. Quite often, people don’t even realize what the Internet is, what is a network or a browser. They just use it, mostly on social media.
I believe basic computer/Internet knowledge should be gained from school years. Today in the Armenian schools, informatics is taught as a mandatory course, but it does not give the real needed knowledge. There are some reasons for that: first the textbooks are old ones, since this sector developing at a high rate, and second, this is a subject where the kids know more and better then the teachers.
Now about the basics: first the user should imagine what is the network itself, second he/she should understand what is going on in the PC. The problematic point is that most Armenians don’t use original versions of software, which have a lot of bugs and can be vulnerable. Here we need to repeat most common advices: have long, not repeating passwords, don’t click any link until you know what it is, etc..
iTechnology.am: What about the information security in social media? What basics common users must know?
Samvel Martirosyan: While using social media the first rule is never trust what you have not seen with your own eyes. One should be very suspicious while in social media. People are sending a lot of spam, then they can recreate your profile, etc.. Be very suspicious of whatever you see on social media, especially when you are going to click it.
iTechnology.am: During your interviews you often talk on Armenian/Azeri cyberwar. What have been the latest hacking attempts? You mentioned Azeris have been a bit passive during last few months. Is there a reason behind it? Could it be that Armenian websites are more secure now?
Samvel Martirosyan: The latest hacking attempt was 2-3 weeks ago initiated by the Azeris. More than 100 Armenian websites were hacked. The “enemies” found some vulnerable points in some Armenian software companies and in result they have broken the websites developed and managed by those companies. There were different kinds of websites among the hacked ones, so I can not state that mostly news websites were broken. This time and, mostly often, the hackers paid attention to the quantity of hacked websites, so most of them were not very important or popular ones.
But a month ago some of government websites of Nagorno Karabagh Republic were successfully hacked by the Azeri hackers. In this case the vulnerable websites were of supreme importance.
The Azeri hackers are most active during January-February every year. This is connected with Black January and Khojaly events. Another standard period when the Azeri hackers are active is July-August, when most people are in vacation and therefore the security is not carried out properly.
iTechnology.am: We recently read the news about about the NSA cyberespionage efforts. Do you think Armenia is also being monitored? Who could be monitoring Armenian’s online activities?
Samvel Martirosyan: If we speak about Snowden’s disclosures and the map provided, we obviously see that Armenia was pictured in orange colour, which means that our country was quite interesting to take information from. There was no clear information how old was the map, but obviously it was picturing last years’ information. Another virus, called Red October, is hacking the worlds’ governmental and official websites. It is probably a Chinese one. And in the list of the infected countries Armenian websites are among most vulnerable ones. So, yes, Armenia’s online activities are monitored.
iTechnology.am: What is your mark for Armenian websites’ security? Are we still vulnerable?
Samvel Martirosyan: I think here we need to talk not only about hacked websites, but also the vulnerability of the networks. Because one thing is a hacked website, another thing is a broken network, which can be a source for secret and important information flow.
Since September 2009 all official websites and networks of Armenia are under the control of National Security office, so we don’t have any noisy cases of massive hackings in the official sector. But it is very difficult to give a common mark to non-official or non-governmental sector.
iTechnology.am: What steps should the government and companies take to be more secure?
Samvel Martirosyan: I already mentioned about the government’s initiative, besides I should say first people need to pay more attention to security. When contracting a website development, they should remember that security is as important as design.
iTechnology.am: Nowadays thousands of Armenians are online on social media, especially Facebook and odnoklassniku.ru. What helpful events, maybe seminars are organized by IT community to teach and to inform common users about their rights?
Samvel Martirosyan: Today’s statistics is that almost 1.6-1.7 million Armenian users are online on social media, including Facebook, Russian mail.ru, odnoklassniki.ru ,etc..
To tell the truth the trainings or seminars are not so helpful in this case, because they are not carried out with masses of people. Such events involve few people. In such cases we need more massive initiatives, like a video on a TV channel, which is available to almost everybody.
iTechnology.am: Do we have qualified security analysis, vulnerability assessment of Armenian companies operating from Armenia? Can you mention the best ones?
Samvel Martirosyan: Sure we have such companies which work for large businesses now. But some of them are also trying to engage medium businesses and do services with lower prices. I don’t want to mention any name, but if one studies the market, it is certainly a fast growing industry.
iTechnology.am: Do you think Armenia has the potential to develop an industry cluster (e.g. cryptography, network security) focused on cyber/information security?
Samvel Martirosyan: I can state that we have a developed sector of such companies, but they are not seen in the market. The reason is they mostly work for foreign companies and don’t have a need to be marketed here in Armenia. This is also common for other sectors of IT.
iTechnology.am: What steps should the Government take to foster the development of such an important industry worldwide?
Samvel Martirosyan: In my opinion this is an industry where the Government does not need to get involved. It should stay aside and never hinder the development.
iTechnology.am: What elements are necessary (e.g. resources and capabilities) to develop such industry? What is your evaluation of current consumer security products? Which ones you recommend? Symantec, Kaspersky, McAfee, etc?
Samvel Martirosyan: In Armenia the problem is that the average user and the official sector uses the most vulnerable systems - Microsoft products. The products created by Linux family can be more secure than most popular ones of Microsoft Corporation. And now there is a tendency in many countries of the world to use Linux products rather than Microsoft.
iTechnology.am: Thank You, Mr. Martirosyan, the talk was really helpful!