ITU to Help Member Countries Better Secure Their Websites


The four-day International Telecommunication Union (ITU) World event is underway in Bangkok. Kicking things off for this specialized agency of the United Nations (UN) were several calls for ICT ecosystem unity.

Speakers from around the world implored those in attendance to actively engage with each other to facilitate acceleration of pervasive broadband deployment. The common theme was that national and international policy makers, ICT product and services providers, members of their entire value chains, fierce competitors in adjacent industries seeking hegemony, the financial community and other stakeholders all have common cause and need to work together with some urgency to break down the barriers impeding more rapid broadband deployments.

Image via Shutterstock

It should also be noted that the ITU announced its support of humanitarian health efforts to aid victims of Typhoon Haiyan in the form a donations for emergency communications equipment to the World Health Organization and Philippines government crisis response units.

Along with the usual ITU discussion/bickering surrounding its mandates to coordinate use of the radio spectrum and satellite orbits, and assist in variety of ways including development of technical standards to improve telecoms infrastructure around the world, and working on things like Internet accessibility, security is now right up there with broadband deployment as a top and possibly more urgent concern.

In fact, in the wake the continuing rollout of revelations from the NSA scandal, hackers targeting the Singapore government website and the Affordable Care Act, and a host of other organized crime and state-sponsored cyber attacks, the ITU is looking to help member states better protect their websites.  In this regard, the agency has announced availability of a rather expansive toolset to ensure websites of its 193 member states are much better protected from being compromised. It is part of ITU’s Global Cybersecurity Agenda (GCA) framework for international cooperation— aimed at proposing strategies for solutions to enhance confidence and security that builds on existing national and regional initiatives to avoid duplication of work and encourage collaboration amongst all relevant partners. The GCA itself is housed in The International Multilateral Partnership Against Cyber Threats (IMPACT) which operates under ITU auspices.  

A featured part of the toolset, which includes advanced evaluation and remediation capabilities, is ImmuniWeb from Geneva, Switzerland-based High-Tech Bridge. The reason for inclusion in the package is that ImmuniWeb provides security assessment solutions through a Software-as-a-Service (SaaS) delivery model. It is a unique hybrid service that combines a state-of-the-art Web security scanner for automated vulnerability assessment, and an accurate manual Web application penetration test performed in parallel by security experts.

Commenting on the announcement, ITU Secretary-General Dr Hamadoun I. Touré, pictured at right, stated, “This partnership with High-Tech Bridge, within the framework of the ITU-IMPACT initiative, will assist Member States, in particular developing and least developed countries, to use these tools to improve the security of their websites and counter cyber threats and related vulnerabilities.”

Ilia Kolochenko, High-Tech Bridge CEO, noted: “Web application security is one of the weakest links in corporate information security today. In our experience at High-Tech Bridge, almost 90 per cent of security incidents directly or indirectly involve insecure Web applications. Many government institutions don’t have enough resources to prioritize information risks and this is why government websites often become the victims of hackers. ImmuniWeb SaaS from High-Tech Bridge will enable governments to evaluate the state of their Web security in a fast, simple and affordable manner. ImmuniWeb is a perfect decision-making tool that can help even non-technical people to understand their information security risks and properly remediate them. We are proud to be an ITU partner and to be able to deliver our security solution to governmental and state websites.”

If you are not familiar with the ITU-IMPACT initiative, the following ITU Q&A with High-Tech on the latest developments is a nice primer. 

Why is the ITU doing this now?

This initiative comes off the back of an increasing hacking problem worldwide for websites of all types - from retailers to governments. As information security threats increase and hacking becomes more commonplace, the importance of Web security has also grown.

What is the ITU-IMPACT initiative?

The ITU-IMPACT (International Multilateral Partnership Against Cyber Threats) initiative helps UN countries track and overcome cyber threats. This landmark agreement was signed during the World Summit for Information Society 2011 (WSIS) Forum in Geneva, May 2011, and is tasked with the responsibility of providing cyber security assistance and support to ITU’s 193 Member States and other organizations within the UN.

How will the initiative be delivered?

The initiative will be delivered through a toolkit of website security assessment solutions such as ImmuniWeb, a cloud-based Software-as-a-Service (SaaS) delivery model that combines automated Web vulnerability scanning with accurate manual Web application penetration testing.

How many countries will this initiative impact?

Currently there are 30 countries worldwide, including some from each continent, that have signed up to benefit from the toolkit. All 30 of these countries will be using High-Tech Bridge’s ImmuniWeb Security Assessment from Nov. 19, with the remaining countries becoming members by 2017.

What sort of information are hackers looking for?

The majority of hackers attacking government websites are economically and politically motivated, so are specifically looking for access to confidential databases and personal details.

Why do hackers target governments?

Hackers target governments because these websites are not as secure as individual websites due to their size and the number of sub-domains under each, plus the fact that their security is more often than not outsourced.

What are these governments doing at the moment to protect their websites? 

By joining the ITU-IMPACT initiative, the UN governments are combining their efforts to make all of their websites more secure.

The concentration at the moment by the Secretary in singling out developing nations in particular for help makes sense. Unfortunately, cyber attacks do not respect borders or other boundaries, and government websites are what in the military are known as “high value” targets for a host of obvious reasons. This is true for nation-sponsored attackers, domestic political malcontents, criminals looking to steal identities and create a monetization event (aka the stories about hacker interest in the U.S. Affordable Care Act site) and just those looking to create havoc.  What is encouraging in ITU-IMPACT and this latest development is that the haves are willing to share with the have nots, and that the tools being provided while not fail-safe are certainly going to present a major deterrent to those with malicious intent. 

Edited by Alisen Downey
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More