Advancing Afghanistan's Cybersecurity
|An instructor from Georgia teaches a class to a group of Afghan cyberprofessionals. The Afghans traveled to Turkey as part of a NATO program to improve cyberdefense in their home country.|
Sixteen Afghan cyberprofessionals set out along the fabled Silk Road earlier this year, but unlike those who traversed the routes during times past, they peddled no wares nor carried any desires to conquer. Rather, they journeyed to Turkey in search of skills that will help them turn a developing nation dealing with a vast array of cyberthreats into a place of stability with the technology capabilities necessary in the modern world.
NATO spearheaded this SILK-Afghanistan education effort that allowed Afghan representatives to attend a two-week course at Turkey’s Middle East Technical University (METU). That school was chosen both for its expertise and for the relative ease of logistics in hosting the event in Turkey. The Afghan students work in various institutions in their native nation, including universities in the city of Kabul and in other provinces, the country’s Ministry of Higher Education and the Afghan Telecommunications Regulatory Authority under the Ministry of Communications and Information Technology. Students also were chosen because of their roles in setting up the Afghan national database and because of a desire to enhance cooperation between two ministries in the government.
Program planners wanted to ensure that the experience benefitted organizations across the country. The crux of the training was to enable participants to respond to incidents on computer networks and to return to the networks they are supposed to manage with a better understanding of and reaction to cyber events. Main goals were to create institutional capability and increase public awareness of cyberthreats as well as to explain protective measures. Dr. Walter Kaffenberger, program manager, engagement directorate/partnerships section, NATO Public Diplomacy Division, explains that within Afghanistan is a tendency to think only in terms of Kabul, but the academic and research network NATO wants to see in the future will include all of the country’s more than 30 universities.
NATO did not manage the cyberdefense program independently; Georgia provided extra assistance as part of its ongoing commitment to the mission in Afghanistan. NATO’s Science for Peace and Security program has a rule that projects such as this one have co-directors, one from within NATO and one from a partner country. “To have Georgia came in quite handy in this regard,” Kaffenberger says.
Though the class was a first for NATO in terms of length, hands-on training and location within a computer laboratory, the idea of assisting partner nations with cyberdefense is not. The organization seeks to help countries improve their readiness for their own sakes and for the benefit of all member and partner nations because everyone is facing the same types of threats. Afghanistan requires special attention, however. “All networks in Afghanistan are basically open,” Kaffenberger explains. “There is no protection whatsoever.” He adds that that all machines installed in the country at the moment are heavily infected with problems. “Something urgently needs to be done with the networks,” Kaffenberger states.
Abdul Sattar Kakar, a student in the course who works as a lecturer and information technology manager at Kandahar University, confirms Kaffenberger’s assessment, saying his country has no cybersecurity measures now. “All our Internet service providers are foreign companies ... Afghanistan is now a safe ground for cyber attackers where they can do almost all possible attacks from, and spread the malicious codes, apps and viruses easily [to] attack the rest of the world,” he explains.
The training began with raising awareness of the cyberthreats Afghanistan faces and then moved into practical defense applications. Suleyman Anil, head of the Cyber Defence Section in NATO’s Emerging Security Challenges Division, says the class covered a gamut of technologies including Web portals, Web services and network routers so that professionals responsible for running computer networks in their facilities—which covers most attendees—know how to deal with certain levels of cybersecurity problems in their networks.
To prepare the initial course, planning personnel had to identify the goal of cyberdefense in partner nations and then determine the correct students. NATO worked with Cisco and Microsoft during course development. Determining the curriculum was tricky because of a wide array of platforms and because the 16 attendees have different backgrounds. Fortunately, the organization received support from officials in Kabul, and it has a good relationship with the Ministry of Higher Education, which helped decide the right certifications for the students to receive.
Anil says that NATO improves cyberdefense in Afghanistan and other countries because it helps the organization’s overall defense against cyberthreats. “This is a very good win-win project we did,” he explains. However, developing nations face certain problems less common in their more stable counterparts. Financial shortcomings and limited access often prevent them from acquiring the latest technical developments. In addition, many emerging nations have no national policy for cyberdefense. Though the class at METU did not cover development of such regulations, NATO has other platforms in place to assist with that process. Anil explains that cyberspace offers many unique opportunities, and for a country to take advantage of that, it must have cybercapabilities that are reliable and viable.
He continues by saying that the training in Turkey will help the students to speed up the process of moving their nation toward needed capabilities. Advancements that could take 25 or more years in other countries could occur in as little as 5 to 10 years in Afghanistan if citizens take advantage of learning how to operate in cyberspace and manage threats better.
In a separate workshop this month in Kabul, NATO is going to work again with Afghan cyberprofessionals on the topic of open-source software versus proprietary software to raise awareness of the former. No imminent plans exist to repeat the cyberdefense training with Afghans, but NATO does plan to repeat the same course with other countries requesting the education. Mongolia is in line to send students to attend the next class, but others are waiting. “This list is long,” Anil states.
The students in the premier course will use the skills they gained to enhance operations at home. Maihan Yaqubee, the network operations center manager of Kabul University who went through the class, says the training provided knowledge of cyber attacks and threats that attendees can use in the real network to protect resources and enhance security. Lessons learned in this training and additional programs will be delivered to other team members of each university, he explains.
Yaqubee attended the course because he is the technical person responsible for the internetworking of all universities in Kabul. “It’s very important for me to have the knowledge of cybersecurity and also to share the experiences of other countries dealing with such cases in their digital environment,” he says.
Afghanistan is building up services and capabilities, and like all nations, it relies on cyberspace to improve its offerings. As the country moves to digitize its resources, such as its educational system, finance system and media and communication system, the integrity and safety of these resources against cyber attacks “is a very crucial and important issue,” Yaqubee states.
“I learned much from the cyber experiences of the hosting countries which were shared, and also the content of the training was informative,” he adds, but the training was basic and helpful mostly for awareness, Yaqubee and several fellow students explain. NATO has plans to develop a more advanced course. Still, Yaqubee derived benefit from the experience. “If I consider the training at whole with all the participants, yes, I learned most of the important things I was expecting,” he explains. He also believes the training will help students identify the threats, find the security holes and protect against them as much as possible. The most common threats faced in Afghanistan today, according to Yaqubee, are denial-of-service attacks, information theft and unauthorized access of data, all of which are occurring across multiple Afghan systems.
The network manager, and all the students interviewed, appreciate the opportunity to partake in the training. Yaqubee would like such programs to continue and is eager to work on cybersecurity concepts in the future.
Fellow student Shafi Tokhi says that he participated in the program in part because of the importance of the Internet in daily operations. As it grows in prevalence, network administrators must work harder to prevent cyber attackers from pirating vital information. Tokhi is a lecturer on the computer science faculty at Herat University. He also serves as the head of the Network Operation Center there and is responsible for managing the Internet bandwidth and traffic throughout the faculty of the university.
Tokhi says every country needs safe and secure networks, online systems and catalogs to manage daily activities and operations better. Computerizing those activities and placing vital information online is risky; monitoring and management is necessary to prevent attackers from accessing, modifying and destroying it. He explains that the training he received in Turkey helped greatly with managing, configuring and monitoring the equipment necessary for safe and secure networks. “We are utilizing the latest technologies, and we are fully equipped with the latest hardware and equipment by the help of NATO,” Tokhi says.
He identifies several key threats to his country’s networks. “Unfortunately, Afghanistan has become a testing environment for many cyber attackers,” he says. These criminals spread malicious software via flash drives, constantly infect network services and resources and damage data availability, integrity, confidentiality and authorized access of the resources. The METU course was based on these problems, offering exercises through which students learned practical means of dealing with the problems.
University members who attended the course will share their knowledge with students and other lecturers, but they also will use their new information and skills to help consider the right criteria and concepts to adopt to improve cybersecurity on different projects. As Afghanistan progresses to put more systems online, Tokhi believes the country will cooperate more with NATO. In turn, NATO will help with building and managing infrastructure. He continues that his university plans to establish a computer emergency response team (CERT) that eventually will cooperate with other universities’ CERTS. “This issue is not discussed with NATO yet, but we have plans to ask them for their support if this could be applicable,” Tokhi states.
Kakar’s assessments line up closely with those of his fellow students. He feels the training exceeded his expectations in some ways, and he will try to implement almost all the essential security measures in his university, starting with ensuring the confidentiality, integrity and availability of the information technology services provided. He also wants to learn more and improve his own capabilities.
The universities under the NATO program communicate about issues regularly; they also obtain additional guidance from NATO. As with his fellow students, Kakar touts the value of the program and wants to see similar offerings. “SILK-Afghanistan is in my point of view the best project in regards to the development of Afghanistan by supporting higher education ... I think [that] development is only possible by having more scholars and professional workers,” he explains, adding that he wants the project to extend until Afghanistan is capable of working on its own.