Yesterday, a cyberattack was carried out against Delta Telekom, one of the country's main backbone operators. Although it appeared to be an ordinary technical issue at first glance, this incident cannot be considered a common occurrence.
Usually, DDoS attacks are regarded as normal cyber incidents against small organizations. However, attacks targeted at large companies, especially backbone providers, are more likely to be purposeful and commissioned.
In our opinion, the attack that took place yesterday should be evaluated as a serious risk directed at Azerbaijan's critical infrastructure.
It is possible that this step was carried out by some interested parties or cyber groups affiliated with foreign states. Suspicion regarding the source of the attack also supports this, and I noted these suspicions yesterday.
According to legislation, the list of critical organizations is closed. But when paying attention to the concept of "critical infrastructure," it is clear that Delta Telekom primarily belongs to such organizations. Because a large part of the internet provision for the country's main strategic institutions, state and financial sectors, passes precisely through this backbone.
This fact shows that yesterday’s attack was not accidental.
Especially in the current time, when the world is in turmoil, amid the increase of reciprocal physical and cyberattacks between countries, and the geopolitical situation is tense, such an incident is very thought-provoking.
In recent years, important steps have been taken in Azerbaijan to ensure the security of critical infrastructure: legislation has been adopted, authorities clarified, the National Cybersecurity Center was established under the State Security Service, personnel training conducted, methodological recommendations and instructions prepared for institutions, etc.
It is very likely that the quick elimination of the consequences of yesterday’s attack is precisely the result of these measures.
So, what should the next steps be?
In my opinion, it is very important to fully investigate the source and purpose of the attack.
Stronger anti-DDoS systems should be established, the flexibility and resilience of alternatives in the internet infrastructure should be increased, and resilience tests should be regularly conducted in critical organizations.
It can be assumed that interested parties might have wanted to “check” or test the resilience of the country’s critical infrastructure with this attack.
This is a serious warning.
Therefore, strengthening Azerbaijan’s digital sovereignty further should be one of the main issues every day.
Osman Gündüz,
Head of the Azerbaijan Internet Forum, Director of the Multimedia Center
