Hello and welcome to the Armenian News Network, Groong, In this Conversations on Groong episode, we’ll be talking about the War in Artsakh from the perspective of a cybersecurity expert who also served in it.
This episode was recorded on Tuesday, January 19, 2021.
In this episode of Conversations on Groong, we’ll be talking about the war in Artsakh from the perspective of a cyber-security expert who also ended up being drafted to serve in the war.
To talk about these issues, we are joined by:
Ruben Muradyan, who is a Yerevan-based cybersecurity analyst. He’s an independent researcher, and a frequent speaker on cybersecurity topics on ArmSec, BarCamp.
Experience being called up and participating in the war
Ethics of a security professional. What to do when a government member asks you to conduct greyhat (potentially unlawful or unethical) security?
On the 2nd day of the war Ruben was called up to the army as part of an infantry company.
Can you describe your experience?
● How were you drafted? And where did you serve?
● What specialty did you have in the army?
● What can you tell us about what you saw?
● Why did we lose the war?
Cyber Incidents During Artsakh War
All modern wars are accompanied by cyber-activities. Can we talk about what this looked like during the 44-day war?
Some major potential security incidents during the war:
● Gov.am and Primeminister.am defacement
● MFA compromise (or is it a part of a larger thing?)
● Metsamor NPP compromise
Out of tens of incidents registered by security experts, only a few were publicly acknowledged by the Armenian government and the results of such incidents were not published. Incidents varied and included defacement, denial of service attacks, leaks of personal information, as well as leaks of potentially sensitive data apparently from government agencies such as the foreign ministry and national security service.
What was the potential for offensive cyber-security operations by Azerbaijan to be leveraged to achieve results directly on the battlefield? How about radio-electronic warfare itself?
Is the lack of public response due to secrecy or is there a deeper issue such as being able to analyze incidents fully and understand their full impact?
Given Armenia’s need to restore military readiness especially in the areas of cyber-security, what are some key lessons for the Armenian side?
● Forget previous complex and not-implemented strategies.
● Institutionalized CERT that is independent from government.
● Cyber-security divisions in all government institutions.
● Acceptance and implementation of widely accepted NIST standards
● Prioritize the most easy-to-implement steps first.
That concludes this Conversations On Groong episode. We hope it was helpful in your understanding of some of the issues involved. We look forward to your feedback, including your suggestions for Conversation topics in the future. Contact us on our website, at groong.org, or on our Facebook Page “ANN - Groong”, or in our Facebook Group “Groong - Armenian News Network”.
Special thanks to Laura Osborn for providing the music for our podcast. On behalf of everyone in this episode, we wish you a good week. Don’t forget to subscribe to our channels, Like our pages and follow us on social media. Thank you for listening and we’ll talk to you soon.
Ruben Muradyan, Artsakh War, Karabakh War, Cyber Security, Information Security, Radio-electronic warfare, gov.am, primeminister.am, compromise, metsamor