Переходьте в офлайн за допомогою програми Player FM !
Conversation with Ruben Muradyan - 01/31/2021 (Ep. 46)
Manage episode 283706254 series 2775031
Conversation with Ruben Muradyan - 01/31/2021
Experience being called up and participating in the war
Ethics of a security professional. What to do when a government member asks you to conduct greyhat (potentially unlawful or unethical) security?
On the 2nd day of the war Ruben was called up to the army as part of an infantry company.
- Can you describe your experience?
- How were you drafted? And where did you serve?
- What specialty did you have in the army?
- What can you tell us about what you saw?
- Why did we lose the war?
Cyber Incidents During Artsakh War
All modern wars are accompanied by cyber-activities. Can we talk about what this looked like during the 44-day war?
Some major potential security incidents during the war:
- Gov.am and Primeminister.am defacement
- MFA compromise (or maybe it's part of a larger thing)
- Metsamor NPP compromise
Out of tens of incidents registered by security experts, only a few were publicly acknowledged by the Armenian government and the results of such incidents were not published. Incidents varied and included defacement, denial of service attacks, leaks of personal information, as well as leaks of potentially sensitive data apparently from government agencies such as the foreign ministry and national security service.
What was the potential for offensive cyber-security operations by Azerbaijan to be leveraged to achieve results directly on the battlefield? How about radio-electronic warfare itself?
Is the lack of public response due to secrecy or is there a deeper issue such as being able to analyze incidents fully and understand their full impact.
Lessons Learned
Given Armenia’s need to restore military readiness especially in the areas of cyber-security, what are some key lessons for the Armenian side?
- Institutionalized CERT that is independent from government.
- Cyber-security divisions in all government institutions.
- Acceptance and implementation of widely accepted NIST standards
- Prioritize the most easy-to-implement steps first.
Guests
- Ruben Muradyan
Your Hosts:
- 𝐀𝐬𝐛𝐞𝐝 𝐁𝐞𝐝𝐫𝐨𝐬𝐬𝐢𝐚𝐧
- 𝐇𝐨𝐯𝐢𝐤 𝐌𝐚𝐧𝐮𝐜𝐡𝐚𝐫𝐲𝐚𝐧
Website: https://groong.org/podcasts/CoG-20210131.html
Episode 46 | Recorded on January 19, 2021
Subscribe and follow us everywhere you are: linktr.ee/groong
323 епізодів
Manage episode 283706254 series 2775031
Conversation with Ruben Muradyan - 01/31/2021
Experience being called up and participating in the war
Ethics of a security professional. What to do when a government member asks you to conduct greyhat (potentially unlawful or unethical) security?
On the 2nd day of the war Ruben was called up to the army as part of an infantry company.
- Can you describe your experience?
- How were you drafted? And where did you serve?
- What specialty did you have in the army?
- What can you tell us about what you saw?
- Why did we lose the war?
Cyber Incidents During Artsakh War
All modern wars are accompanied by cyber-activities. Can we talk about what this looked like during the 44-day war?
Some major potential security incidents during the war:
- Gov.am and Primeminister.am defacement
- MFA compromise (or maybe it's part of a larger thing)
- Metsamor NPP compromise
Out of tens of incidents registered by security experts, only a few were publicly acknowledged by the Armenian government and the results of such incidents were not published. Incidents varied and included defacement, denial of service attacks, leaks of personal information, as well as leaks of potentially sensitive data apparently from government agencies such as the foreign ministry and national security service.
What was the potential for offensive cyber-security operations by Azerbaijan to be leveraged to achieve results directly on the battlefield? How about radio-electronic warfare itself?
Is the lack of public response due to secrecy or is there a deeper issue such as being able to analyze incidents fully and understand their full impact.
Lessons Learned
Given Armenia’s need to restore military readiness especially in the areas of cyber-security, what are some key lessons for the Armenian side?
- Institutionalized CERT that is independent from government.
- Cyber-security divisions in all government institutions.
- Acceptance and implementation of widely accepted NIST standards
- Prioritize the most easy-to-implement steps first.
Guests
- Ruben Muradyan
Your Hosts:
- 𝐀𝐬𝐛𝐞𝐝 𝐁𝐞𝐝𝐫𝐨𝐬𝐬𝐢𝐚𝐧
- 𝐇𝐨𝐯𝐢𝐤 𝐌𝐚𝐧𝐮𝐜𝐡𝐚𝐫𝐲𝐚𝐧
Website: https://groong.org/podcasts/CoG-20210131.html
Episode 46 | Recorded on January 19, 2021
Subscribe and follow us everywhere you are: linktr.ee/groong
323 епізодів
Alle Folgen
×Ласкаво просимо до Player FM!
Player FM сканує Інтернет для отримання високоякісних подкастів, щоб ви могли насолоджуватися ними зараз. Це найкращий додаток для подкастів, який працює на Android, iPhone і веб-сторінці. Реєстрація для синхронізації підписок між пристроями.