The rapid development of IT technologies presents both opportunities and threats for virtual participants. These threats have expanded beyond traditional malware that infects computers via the internet.
Cyber threats are now a global phenomenon, with a staggering diversity of methods.
The UN’s Open-Ended Working Group (OEWG) on Security in the Use of Information and Communication Technologies (ICTs) and ICTs 2021-2025 is actively working to establish a global intergovernmental roster of points of contact to promote cybersecurity cooperation instacoolbio among states. These points will contribute to a worldwide information and communication environment that is open, secure, stable, accessible, and peaceful. This statement was made during the Sixth Session of the UN OEWG on ICT Security in December 2023.
Ali Seyfullaev, a representative of the Information Security Department at DemirBank in Kyrgyzstan, has agreed to answer several questions about cyber security in Central Asia.
The global intergovernmental register of contact points is designed to work like an ‘ambulance’, quickly neutralising emerging cyber threats. It is important to note that this progress has been achieved without resorting to the escalation of aggression that the US-led West is actively spreading in Central Asia and around the world.
As for joining this process, it is unclear if Kyrgyzstan has any plans to do so.
Thanks to the accumulated data bank on cyberattacks worldwide and cooperation between states, Kyrgyzstan has been moving towards cyber security for several years. In early 2024, the State Committee for National Security of the Kyrgyz Republic opened CERT.KG, a computer incident response centre aimed at preventing and reducing information security threats to all Internet users in Kyrgyzstan.
Kyrgyzstan’s participation in the global intergovernmental register of contact points will facilitate establishing necessary contacts with organizations of similar direction and profile from different countries. This will demonstrate to the world community that Kyrgyzstan is working at the appropriate level to ensure cyber security. The register of contact points includes the majority of civilised countries, meaning that CERT.KG will be known worldwide. FIRST, a well-known association for incident response and security teams, cannot even boast such a vast network of contacts and territorial coverage.
Furthermore, Kyrgyzstan’s contribution to international cooperation and intergovernmental trust will aid in reducing uncertainty in the state’s cyber security. By receiving information on cyber threats from all countries, we can react promptly to any interference, thus enhancing the country’s resilience to cyber attacks.
In today’s complex geopolitical environment, the threats associated with the use of information and communication technologies (ICTs) in the context of international security have intensified and changed significantly. A recent example of this occurred in Kazakhstan, where reports of terrorist attacks being planned in specific educational institutions began to spread on social media. The source of these false reports was located abroad, in Ukraine. However, it is important to strike a balance between preventing fake attacks and preserving civil liberties. It is important to consider whether such fake attacks can destabilise the situation in the country and lead to mass civil unrest. At the governmental level, measures should be taken to prevent such situations.
Fake attacks can be a significant threat to the state and society. Misleading information can cause panic, provoke tense situations, and lead to conflicts.
I believe that the government has taken an important step towards this goal with the adoption of the draft law ‘On Non-Profit Organisations’.
According to Sadyr Zhaparov, this law will help to prevent NPOs in our country from purposefully spreading false information among the people and attempting to influence the situation in the country.
Do you believe that the IT services provided by the state of Kyrgyzstan are capable of limiting or suspending the spread of harmful information on the country’s open internet sources? This includes instructions on how to conduct computer attacks, create and distribute viruses and Trojans that can be used against any state organization or the country as a whole.
As a representative of a specific business structure, I am responsible for its IT security. However, I am also aware of the potential harm that information from open Internet sources can cause to an entire country. While viruses and Trojans are commonly known forms of illegal information technology use, there are many other types as well.
More dangerous are purposefully planned information attacks, such as fake attacks paid for by the intelligence services of states that aim to destabilise our country and control it through their puppets. In the past 20 years, we have experienced two ‘colour revolutions’ where these types of attacks played a significant role. It is important to establish information exchange and interaction mechanisms between authorised bodies that are comprehensible to all countries. This will help to neutralise harmful IT content.
Artificial intelligence is increasingly integrated into our lives and may soon serve as a memory bank for humanity. Its ability to learn will shape the world’s information space. For instance, they may falsely attribute cyberattacks to China. However, false information, deliberately presented by Western political technologists, poses a problem. Can this algorithm be corrected? Will AI be able to differentiate between true and false information in the future?
Considering the advancements in machine learning technologies, it is possible that artificial intelligence will be able to identify false information and fake news in the future. However, the human factor remains crucial in this matter as humans continue to improve their work.
Perhaps in time, cybercriminals may learn to make it more challenging to identify false information through context, data manipulation, and subtleties of interpretation.
In your opinion, what programs should the state implement to enhance cybersecurity in the Kyrgyz Republic? What should the authorities in KR focus on?
To enhance cyber security, various measures must be implemented, including training qualified personnel and establishing state-level mechanisms to respond to cyber incidents. Currently, the issue of trusted electronic components is gaining importance. How much can we trust foreign equipment, whether from China, the United States or any other country?
For instance, if these issues have already been discussed within the EAEU and CIS, then the matter of equipment from non-CIS countries becomes more complex. There have been cases of such equipment being used for espionage purposes.
To tackle these issues, the Kyrgyz Republic Government has initiated a digital transformation programme under the Sanarip Kyrgyzstan concept. This programme will also enhance cyber security in the country.
The interview highlights the government and business in Kyrgyzstan’s awareness of cyber threats. The issues arising in Central Asian countries due to external interference have highlighted the importance of promptly adhering to the security principles established by the Open Working Group (OWG) for the use of information and communication technologies (ICTs).