GEORGIA S SUCCESSFUL JOURNEY TO E-GOVERNMENT

Transcription

1 GEORGIA S SUCCESSFUL JOURNEY TO E-GOVERNMENT E-GOVERNMENT DEVELOPMENT IN GEORGIA Irakli Gvenetadze LEPL Data Exchange Agency Ministry of Justice of Georgia

2 GEORGIA

3 GEORGIA COUNTRY PROFILE Population: 4.2 million Capital: Tbilisi Area: 69,700 sq. km Highest point is Mkinvartsveri 5047 meter

4 GEORGIAN ALPHABET

5 GEORGIAN NATIONAL COSTUME

6 UN E-GOVERNMENT SURVEY 2014 GEORGIA Rank 2014 Rank 2012 Rank 2010 Rank 2008 E-Government E-Participation

7 GDP PER CAPITA

8 RELATION BETWEEN EGDI AND NATIONAL INCOME (GNI PER CAPITA), LOVER-MIDDLE INCOME COUNTRIES

9 WHERE GEORGIA STARTED FROM Business Registry Create information systems Digitalize internal information resources Automate information flows Create data centers Establish connection between agencies and regional offices

10 IT CRUCIAL TO DELIVER REFORM BENEFITS In Georgia, reforms were taking place actively since M ain attention was paid to business process optimization and transparency in organization processes. Reform Efficiency Transparency Time Cost Availability Accountability INFORMATION TECHNOLOGIES

11 IMPLEMENTED PROJECTS P roperty registration, e-abstracts, Business Registry Civil Registry e-id and e-signature Biometrical Passport e-filing system in the Ministry of Finance of Georgia- 90 % of taxpayers are actively using this system; Automation of tax and customs systems (the process is ongoing as reforms taking place in this direction require changes in business processes); Case management system of tax dispute resolution; Central data storage and reporting system; Electronic Treasury project. e-treasury Cash register management automation project-planned for next year; Electronic system for writing out VAT invoices; Automation of the Ministry of Internal Affairs; Case management program for Ombudsman; Computerization of schools. Schools are equipped with computers and by the end of the this year all schools (2300) will be connected to internet; Netbooks for all first graders Student Information System-ongoing; National school exam on-line Automated case management system for court system; project is in decisive phase and system is being introduced in offices Centralized criminal case management is being introduced; e-procurement; e-auction of state property; e-auction of real estate of Tbilisi City Hall; Automation project of Enforcement Bureau e-notary project; Electronic directory system for state newspaper and legislative base Official Gazette; Automation project of Social Subsidies Agency Real Time Gross Settlement System of National Bank Investment Management System of National Bank Core Banking System of National Bank Chancellery automation project is being implemented in all large ministries. Criminal case management system

12 RECURRING PROBLEMS Limited budget No security Shortage of qualified personnel No standards Infrastructure expensive Data incompatibility

13 GGN GEORGIAN GOVERNMENTAL NETWORK Design and tender procurement Contract signed Sept. 1, governmental offices connected by the end of 2007 More than 500 governmental offices connected in 2008 Since 2009, more than 1,000 governmental connections including schools Government connected throughout Georgia with no investment, only paid 25% of commercial prices for internet and telephone.

14 E-GOVERNMENT COMMISSION E-government development consulting body for government of Georgia Steering committee for GGN project

15 ARCHITECTURE OF E-GOVERNANCE SERVICES

16 ORGANIZATION CENTRIC

17 CITIZEN CENTRIC

18 CONNECTED GOVERNMENT Receive Information in Real Time Effectively Distribute Resources Health Care and Social Security Monitor Results Proper Planning of State Budget Municipalities Agriculture Data Exchange Agency Georgian Government Gateway Redundancies Eliminated Education

19 CITIZEN S CENTRIC SYSTEM Unified Automated Statistical Data State E-Governance System Automated Data Processing Medical Service Migration, Registration Education Property Demographic and other Personal Data CITIZEN Economic Activities State Development Planning, Forecast Social Condition Effective Public Policy

20 DEA DATA EXCHANGE AGENCY Due to the abovementioned problems, the need for establishment of an entity with relevant authority became inevitable, which would support the following activities: Development and coordination of E-Governance Development of legal and regulative framework Ensure information and cyber security Establishment of the integrated data exchange system and ensure access to information resources Parliament of Georgia adopted a law on the establishment of Legal entity of public law under the Ministry of Justice of Georgia - Data Exchange Agency on the basis of which since 1 January 2010, Data Exchange Agency (DEA) started its activities.

21 E-GOVERNMENT GOVERNANCE ECO SYSTEM Government of Georgia PM Ministry of Justice E-Government Governmental Commission Data Exchange Agency CIO Council - Consulting Body for Government 1. Implementation Body for Government 2. Administration Body for Commissions

22 DATA EXCHANGE INFRASTRUCTURE Citizen Ministry of Justice Response Ministry of Finance Bank Data Exchange Agency Request Ministry of Education Business Request Ministry of Health Response Other ministries Ministry of Internal Affairs

23 G3 GEORGIAN GOVERNMENTAL GATEWAY

24 G3 FUNCTIONAL DESIGN External Applications Portal e-services Catalog Submission application (not a part of GG delivery) e-forms SOAP API WS Federation Web Interface GovTalk HTTP POST Web Services (SOAP) Submission() Storages SQL Identity provider Registration & Enrolment Audit and Monitoring Audit log Transaction & Messaging Receiving module Priority Services Notification engine Known facts Admin Msgs Submission logging Routing Services Application Integration DIS Audit and Monitoring Audit log Internal Information System Communicationto Receiving module

25 MY.GOV.GE CITIZEN S PORTAL

26 CITIZEN S PERSONAL PAGE

27 PROPERTY

28 CITIZEN S ADDRESS OF REGISTRATION

29 ONLINE BUSINESS REGISTRATION

30 UTILITY PAYMENTS

31 RECOMMENDATION TO IMPROVE SERVICES

32 DEA Citizen s portal Joint document exchange system Guaranteed electronic delivery system Trade facilitation System TFS

33 TRADE FACILITATION SYSTEM TFS See Ports International Traders Shipping Lines Suppliers Trade Facilitation System Forwarder Companies Railway Tax & Custom Banks & Insurance Companies Terminals

34 E-ID CARD

35 ID CARD - WHAT IS IT? WHAT IT DOES? Identification Document Travel Document Proximity Card Online Identification Digital Signature

36 ID CARD - ONE CHIP - TWO INTERFACES Contact Contactless

37 PUBLIC SERVICE HALL - TBILISI

38 CONTACTLESS INTERFACE Work ID Card Proximity Card Loyalty Card Student Card Many other uses

39 CONTACT INTERFACE TWO CERTIFICATES Online Identification Digital Signature

40 PUBLIC SERVICE HALL EVERYTHING IN ONE SPACE

41 PUBLIC SERVICE HALL EVERYTHING IN ONE SPACE

42 PUBLIC SERVICE HALL EVERYTHING IN ONE SPACE

43 PUBLIC SERVICE HALL EVERYTHING IN ONE SPACE

44 PUBLIC SERVICE HALL EVERYTHING IN ONE SPACE

45 BATUMI

46 KVARELI

47 RUSTAVI

48 KUTAISI

49 OZURGETI

50 MESTIA

51 TBILISI SEPTEMBER 2012

52 E-GOVERNMENT LEGISLATIVE FRAMEWORK e-document and e-signature law 2007 Law on Creation of Data Exchange Agency 2010 Law on Unified Information Registry 2011 Law on Information Security 2012 Law on Personal Data Protection 2012

53 LAW OF GEORGIA ON UNIFIED STATE REGISTRY OF INFORMATION Aim of the Law: establishment of a unified state registry of registers, databases, services and information systems within the public sector of Georgia A supplementary act Instruction on standards and procedures of working with the Registry of Registers, as well as manual on the use of web-portal Categories of information to be submitted: Establishment of a registry or service (initial registration) Significant amendment of a registry or service Merger, division, revocation, deletion, transfer or archiving a registry or service Data Exchange Agency as implementer

54 E-GOVERNMENT STRATEGY

55 E-GOVERNMENT STRATEGY e-services e-participation and Open Government e-health Public Finance Management System e-business ICT-Hub Georgia Infrastructure e-security Skills and e-inclusion Enabling frameworks and governance Awareness

56 INFORMATIONAL SECURITY AVAILABILITY INTEGRITY CONFIDENTIALITY false information network jamming intrusions information stealing system paralyzing

57 CYBER SECURITY ECOSYSTEM Security Council Minister of Justice Data Exchange Agency Ministry of Internal Affair 24/7 Cyber Crime Unit Minister of Defense Military Cyber Defense Unit

58 AUGUST 2008 Cyber attacks had far less impact on Georgia than they might on a more Internet-dependent county, where vital services like transportation, power and banking are tied to the Internet. Although reasons were also very crucial in terms of war in the country: Misinformation of real facts by Russian Media Aggression and patriotic spirit of Russian supporters. Block and cut off Georgian Internet resources Shut down media, forums, blogs in Georgia. Impact on the Georgia's visibility on the internet and ability to communicate with the world. Make panic and as much damage as possible to the critical infrastructures. 58

59 Who Attacked? Traffic origin comparison by hits 08/08/08 Before Attack Started 09/08/08 Under Attack Romania Record Holder! Guatemala & Indonesia? Who are these guys?!! 10/08/08 Only Georgian traffic allow ed

60 Who Attacked? You are loosers and will fail again just like in 90ies

61 Types of attacks beside physical Romania, Telecom Italia, Roma FreeBit, Tokyo France Telecom, Toulouse VolgaTelecom, Orenburg, Russia Link Egypt, Dokki-Giza Telefonica O2 Czech Republic, Prague Telefonica de Espana, Madrid Qualitynet Co., Kuwait Techauna AUNA, Barcelona Nexon Asia Pacific, Sydney Amazon Web Services, Seattle Telia Network, Sweden Belgacom ISP SA/NV, Bruxelles Business Communication Agency, Russia Telgua, Guatemala Free SAS / ProXad, France Makedonski Telekom, Skopje Universal Telecom, Kiev, Ukraine Types of attacks: - SYN Flood - Ping Flood - Http Flood - Defacement - SPAM - SQL Injections Protocols: - HTTP - ICMP - FTP - SMTP - DNS - BGP

62 WHAT WE KNOW ABOUT HOW IT WAS DONE POWER TO THE PEOPLE Russian Hackers web sites (StopGeorgia.ru and Xakep.ru) spreaded all necessary information and tools how to attack Georgian web-sites Target web sites and codes for attacks were posted in comments of hundred forums, blogs, news and entertainment web-sites Interested individuals were asking others to help and to join in by continually sending ICMP traffic via the 'ping' and explaining how to do it. At the same time ready bat files designed to attack Georgian websites detailed list of websites attack Georgian websites were spreader using file exchange programs. Exam ple: Interpressnews.ge (New s agency) detected traffic of about 150 MB. Site was periodically going down or working too slow

63 WHAT WE KNOW ABOUT HOW IT WAS DONE HACKERS TRICKS Geographically distributed BOTNETS * sessions per IP per server SQL INJECTION of more than 100 sites *Exam ples: ww.president.gov.ge/index.php?l=g&m =0&sm=3&id=2693+union+select+1,2,3,4,5,6,7,8,9,0,1,2,3,4,5 Attempts of BGP hijacking Websites hacking *Maybe hackers knew some passwords Spamming of addresses According to many facts, It seems that cyber attacks were planned before the actual war started.

64 Approximately 90% of all gov.ge domain addresses and significant fraction of.ge domain addresses were affected by DDos attacks.

65

66 Government and so on

67 News and so on.

68 EVERYTHING ELSE and so on

69 Things to wonder about From Shadowserver, sampling of previous DDoS targets from the same botnets involved in the Georgia attacks: carder.biz Divaescort.com payclubs.biz night-fairy.com vodkaescort.net cc-hack.eu igame.ru i-german.net

70 HOW MEDIA CAN INFLUENCE THE WORLD Attacks of civil.ge after news that Estonia is in business of site hosting 70

71 WIN32/GEORBOT Malware was found in Georgian Governmental Agencies including ministries, parliament, banks, NGO s. Purpose of the malware was Collecting Sensitive, Confidential Information about Georgian and American Security Documents 71

72 WIN32/GEORBOT The Win32/Georbot malware has the following functionalities for stealing information from an infected system: Send any file from the local hard drive to the remote server. Steal certificates Search the hard drive for Microsoft Word documents Search the hard drive for remote desktop configuration files Take screenshots Record audio using the microphone Record video using the webcam Scan the local network to identify other hosts on the same network Execute arbitrary commands on the infected system The commands are activated manually and were sent to each host individually rather than being broadcast to all infected hosts. 72

73 TARGETED AUDIENCE Cyber Attack was designed very smartly. Various Georgian News-Related web-sites were hacked and modified only Specific News pages (eg. NATO delegation Visit in Georgia, US-Georgian Agreements and Meetings, Georgian Military NEWS) Site about the NEWS from Caucasian Region Caucasus Energy and Infrastructure Georgian NEWS Site Georgian NEWS Site Georgian NEWS Site Georgian NEWS Site Georgian NEWS Site Georgian NEWS Site Georgian NEWS Site 73

74 EXAMPLE OF INJECTED SCRIPT INTO THE HACKED NEWS WEBSITE 74

75 WIN32/GEORBOT COMMAND & CONTROL SERVERS September, 2010 georgiaonline.xp3.biz (United States) FreeWebHostingArea.com March, 2011 ema.gov.ge (Georgia) (hacked webserver) April, (France) OVH Hosting June, / (Germany) DME Hosting October, (Hungary) Net23.hu November, (United States) December, (Czech Republic) January, (Germany) DME Hosting March, (Germany) DME Hosting 75

76 GEORBOT Not detected with Major Antivirus Product, Bypasses Windows 7 sp1 patched, with Firewall enabled. After Executing calc.exe itself does 3 major things: Before installing bot checks if the computer is located in UTC+3, UTC+4 Time-zone. injecting into iexplorer.exe and communicating to defaced sites, for C&C address retrieval creating usbserv.exe bot file in Application Data directory, and writing it to autorun in Windows Registry. 76

77 LEGAL FRAMEWORK Cyber Security Strategy for E-Government Strategy for Other Strategic Documents 1. Information Security Law (2012) 2. Personal Data Protection ( 2012) 3. Cyber Crime Chapter on Crime Code. (U 2010) 1. Cyber Crime Convention 24/7 2. All Major IPR Conventions 3. Processing of Personal Data Conventions (1981) CERT.GOV.GE Computer emergency Response Team Charter Presidential Decrees Approval List of Critical Information System Subjects. Requirements of Information Security Officer working in Critical Information System Subjects. Decrees of Network Sensor Configuration. Decrees of Minimal Security Requirements for Critical Information System Subjects. Decrees of Asset Management Requirements for Critical Information System Subjects. Decrees of Information Security Audit Body Accreditation. Decrees of Information Security Audit Requirements in Critical Information System Subjects

78 CYBER SECURITY STRATEGY OF GEORGIA Basic Principles Cyber Security Strategy Whole-of-Government Approach. Public-private Cooperation. Active International Cooperation. Cyber Security Strategy Main Domains Research and analysis New legislative framework Institutional coordination for ensuring cyber security Public awareness and education International cooperation

79 INFORMATION AND CYBER SECURITY Information Security policy development, implementation, monitoring. CERT.GOV.GE (Computer Emergency Response Team) Military Public Sector + Subject of Critical Infrastructure Systems State Secret

80 INFORMATION SECURITY & POLICY DIVISION Information Security Team CERT.GOV.GE Team All Team Members are BSI Certified Professionals: BSI/ISO (Information Security) LI/LA BSI/ISO (Business Continuity) LI/LA BSI/ISO 9001 (Quality Management) LA All CERT Team members are SANS Certified Professionals: SANS GIAC Certified Professionals ISO (Risk Management) 4 Member of the team are: CISM (Certified Information Security Manager) 2 Member of the team are: CISA (Certified Information System Auditor)

81 INFORMATION SECURITY Management Services Consulting Service Review of Information Securitydocumentation: Policy, Plans, Audit reportand etc. 36 ISMS Implementation Service Current Projects: Service Development Agency; Public Registry of Georgia 2 Certified Course in Management Systems ( Introduction, Implementation and Internal Auditin Information Security Management Systems, Certification Exam). 105 NATO SPS Project Trained Professionals from Moldova and Montenegro 40 Information Systems Audit Service

82 CERT.GOV.GE CERT.GOV.GE The Cyber security Executing Arm Of The UNITED NATIONS SPECIALISED AGENCY of The International Telecommunication Union (ITU) Partners: The Trusted Introducer - a.k.a. TI - is the trusted backbone of the Security and Incident Response Team community in Europe FIRST is an international confederation of trusted computer incident response teams who cooperatively handle computer security incidents and promote incident prevention programs. CERT-EE

83 CERT.GOV.GE Services and Activities Proactive Services: Incident Handling IncidentSupport System Detection of Infected Web Sites Safe DNS Other Services: Source and Binary Code Analyze Service. Malware Analyze Service. Penetration Test Service Monitoring Service IP Monitoring Services. Network Monitoring System Special Activities & Awareness Cyber Security Forum Annual GITI Regional Conference Website (dea.gov.ge), Facebook (certgovge) Media Campaign (TV, Internet) Wall Calendar 83 Course in Cyber Security and Incident Handling Basic Incident Handling 20 NATO SPS Project Trained Professionals from Afghan, Macedonia, Moldova and Montenegro 90

84 INFORMATION SECURITY AWARENESS

85 GITI GEORGIAN IT INNOVATION EVENT 2008

86 THANK YOU FOR YOUR ATTENTION! Irakli Gvenetadze LEPL Data Exchange Agency Ministry of Justice of Georgia