ITU to Help Member Countries Better Secure Their Websites

By Peter Bernstein November 21, 2013

The four-day International Telecommunication Union (ITU) World event is underway in Bangkok. Kicking things off for this specialized agency of the United Nations (UN) were several calls for ICT ecosystem unity.

Speakers from around the world implored those in attendance to actively engage with each other to facilitate acceleration of pervasive broadband deployment. The common theme was that national and international policy makers, ICT product and services providers, members of their entire value chains, fierce competitors in adjacent industries seeking hegemony, the financial community and other stakeholders all have common cause and need to work together with some urgency to break down the barriers impeding more rapid broadband deployments.

Image via Shutterstock

It should also be noted that the ITU announced its support of humanitarian health efforts to aid victims of Typhoon Haiyan in the form a donations for emergency communications equipment to the World Health Organization and Philippines government crisis response units.

Along with the usual ITU discussion/bickering surrounding its mandates to coordinate use of the radio spectrum and satellite orbits, and assist in variety of ways including development of technical standards to improve telecoms infrastructure around the world, and working on things like Internet accessibility, security is now right up there with broadband deployment as a top and possibly more urgent concern.

In fact, in the wake the continuing rollout of revelations from the NSA scandal, hackers targeting the Singapore government website and the Affordable Care Act, and a host of other organized crime and state-sponsored cyber attacks, the ITU is looking to help member states better protect their websites.  In this regard, the agency has announced availability of a rather expansive toolset to ensure websites of its 193 member states are much better protected from being compromised. It is part of ITU’s Global Cybersecurity Agenda (GCA) framework for international cooperation— aimed at proposing strategies for solutions to enhance confidence and security that builds on existing national and regional initiatives to avoid duplication of work and encourage collaboration amongst all relevant partners. The GCA itself is housed in The International Multilateral Partnership Against Cyber Threats (IMPACT) which operates under ITU auspices.  

A featured part of the toolset, which includes advanced evaluation and remediation capabilities, is ImmuniWeb from Geneva, Switzerland-based High-Tech Bridge. The reason for inclusion in the package is that ImmuniWeb provides security assessment solutions through a Software-as-a-Service (SaaS) delivery model. It is a unique hybrid service that combines a state-of-the-art Web security scanner for automated vulnerability assessment, and an accurate manual Web application penetration test performed in parallel by security experts.

Commenting on the announcement, ITU Secretary-General Dr Hamadoun I. Touré, pictured at right, stated, “This partnership with High-Tech Bridge, within the framework of the ITU-IMPACT initiative, will assist Member States, in particular developing and least developed countries, to use these tools to improve the security of their websites and counter cyber threats and related vulnerabilities.”

Ilia Kolochenko, High-Tech Bridge CEO, noted: “Web application security is one of the weakest links in corporate information security today. In our experience at High-Tech Bridge, almost 90 per cent of security incidents directly or indirectly involve insecure Web applications. Many government institutions don’t have enough resources to prioritize information risks and this is why government websites often become the victims of hackers. ImmuniWeb SaaS from High-Tech Bridge will enable governments to evaluate the state of their Web security in a fast, simple and affordable manner. ImmuniWeb is a perfect decision-making tool that can help even non-technical people to understand their information security risks and properly remediate them. We are proud to be an ITU partner and to be able to deliver our security solution to governmental and state websites.”

If you are not familiar with the ITU-IMPACT initiative, the following ITU Q&A with High-Tech on the latest developments is a nice primer. 

Why is the ITU doing this now?

This initiative comes off the back of an increasing hacking problem worldwide for websites of all types - from retailers to governments. As information security threats increase and hacking becomes more commonplace, the importance of Web security has also grown.

What is the ITU-IMPACT initiative?

The ITU-IMPACT (International Multilateral Partnership Against Cyber Threats) initiative helps UN countries track and overcome cyber threats. This landmark agreement was signed during the World Summit for Information Society 2011 (WSIS) Forum in Geneva, May 2011, and is tasked with the responsibility of providing cyber security assistance and support to ITU’s 193 Member States and other organizations within the UN.

How will the initiative be delivered?

The initiative will be delivered through a toolkit of website security assessment solutions such as ImmuniWeb, a cloud-based Software-as-a-Service (SaaS) delivery model that combines automated Web vulnerability scanning with accurate manual Web application penetration testing.

How many countries will this initiative impact?

Currently there are 30 countries worldwide, including some from each continent, that have signed up to benefit from the toolkit. All 30 of these countries will be using High-Tech Bridge’s ImmuniWeb Security Assessment from Nov. 19, with the remaining countries becoming members by 2017.

What sort of information are hackers looking for?

The majority of hackers attacking government websites are economically and politically motivated, so are specifically looking for access to confidential databases and personal details.

Why do hackers target governments?

Hackers target governments because these websites are not as secure as individual websites due to their size and the number of sub-domains under each, plus the fact that their security is more often than not outsourced.

What are these governments doing at the moment to protect their websites? 

By joining the ITU-IMPACT initiative, the UN governments are combining their efforts to make all of their websites more secure.

The concentration at the moment by the Secretary in singling out developing nations in particular for help makes sense. Unfortunately, cyber attacks do not respect borders or other boundaries, and government websites are what in the military are known as “high value” targets for a host of obvious reasons. This is true for nation-sponsored attackers, domestic political malcontents, criminals looking to steal identities and create a monetization event (aka the stories about hacker interest in the U.S. Affordable Care Act site) and just those looking to create havoc.  What is encouraging in ITU-IMPACT and this latest development is that the haves are willing to share with the have nots, and that the tools being provided while not fail-safe are certainly going to present a major deterrent to those with malicious intent. 




Edited by Alisen Downey
SHARE THIS ARTICLE
Related Articles

Four Reasons to Reach for the Cloud after World Earth Day

By: Special Guest    4/23/2018

The World Earth Day agenda offers a chance to flip the rationale for cloud adoption and highlight environmental benefits that the technology brings pr…

Read More

Bloomberg BETA: Models Are Key to Machine Intelligence

By: Paula Bernier    4/19/2018

James Cham, partner at seed fund Bloomberg BETA, was at Cisco Collaboration Summit today talking about the importance of models to the future of machi…

Read More

Get Smart About Influencer Attribution in a Blockchain World

By: Maurice Nagle    4/16/2018

The retail value chain is in for a blockchain-enabled overhaul, with smarter relationships, delivering enhanced transparency across an environment of …

Read More

Facebook Flip-Flopping on GDPR

By: Maurice Nagle    4/12/2018

With GDPR on the horizon, Zuckerberg in Congress testifying and Facebook users questioning loyalty, change is coming. What that change will look like,…

Read More

The Next Phase of Flash Storage and the Mid-Sized Business

By: Joanna Fanuko    4/11/2018

Organizations amass profuse amounts of data these days, ranging from website traffic metrics to online customer surveys. Collectively, AI, IoT and eve…

Read More