SYNTHESIS OF THREATS AND RISKS OF CYBER SECURITY OF MONTENEGRO - THE VULNERABILITY ASPECT OF INFORMATION COMMUNICATION INFRASTRUCTURE
DOI:
https://doi.org/10.35120/sciencej010101mKeywords:
cyber, critical infrastructure, hackers, cyber securityAbstract
That there are no untouchables and that cyber threats are entering Montenegro through the big doors, is indicated by the hacker attack on the Government of Montenegro. Fortunately, the hackers did not get hold of confidential data, but their act itself caused a serious act of endangering state security, especially because they breached the system that is networked with all state bodies. It was not the first time in 2022 that hackers broke into Government IC systems and state and private companies and organizations. Experts from the IT sector have been warning about the vulnerability of the system for a long time, but not loudly enough to be taken seriously. Let’s also mention the attack on Montenegro on the eve of joining NATO, where Montenegro was under increased cyber attacks, and the Ministry of Defense says that it is similar today.
Cyber is no longer the world of gamers and geeks, it is increasingly becoming a prefix for terrorism, crime, and other types of threats (Kazerić 2017). Internet trade and the use of electronic services such as e-government are also on the rise. To the global trend, almost everything that was only tangible and materialized in the real world is moving to the virtual community. This brings with it many advantages, but also disadvantages, and one of them is certainly the vulnerability of critical information and communication infrastructure and the danger of cyber attacks. In such circumstances, the issue of security partially shifts the focus to cyber, that is, cyber security. Precisely for this reason, it is necessary to take a critical look at the existing information and communication infrastructure and analyze the existing threats and risks brought by the modern, cybernetic age. The synthesis of threats and risks is necessary so that we can adequately face them and predict the difficulties that may come our way, which could have significant consequences for national security.
Downloads
References
Mujevic, Mersad., & Korac, Safet (2020). Development of the concept of critical infrastructure protection in Montenegro - roads, experiences, roles, and responsibilities. Knowledge International Journal, 41(4), 711 - 718;
Ana-Maria, Kezerić, “Analysis of threats and risks to the cyber security of the Republic of Croatia: vulnerability of the information infrastructure”, graduate thesis, University of Zagreb, 2017;
Hadjin (2009) Protection and security of information systems (teaching materials with a collection of tasks). Zagreb: Faculty of Electrical Engineering and Computing;
Brnetić, Damir, et al (2013) Criminal law-forensic protection of critical national infrastructure from IT (cyber) threats. In: Antoliš, Krunoslav (ed) New security threats and critical national infrastructure (pp. 34-45). Zagreb: Ministry of the Interior, Police Academy;
Nađ, Ivan and Adelsberger, Zdenko (2016) Information security in the context of crisis management. In: Nađ, Ivan (ed.) Days of crisis management (116-126). Velika Gorica: University of Velika Gorica;
Juran, Ana (2014) Security of information systems. Graduate work. Rijeka: Maritime Faculty in Rijeka;
Singer, Peter Warren, and Friedman, Allan (2014) Cybersecurity and Cyberwar: what everyone needs to know. New York: Oxford University Press; DOI: https://doi.org/10.1093/wentk/9780199918096.001.0001
Vuković, Hrvoje (2012) Cyber security and the system of combating cyber threats in the Republic of Croatia. Final specialist thesis. Zagreb: Faculty of Political Sciences;
Košutić, Dejan (2012) 9 Steps to Cybersecurity: The Manager’s Information Security Strategy Manual. Zagreb: EPPS Services Ltd;
Klaić, Aleksandar (2010) Overview of the state and trends in contemporary information security policy and information security management methods. Doctoral qualification exam. Zagreb: Faculty of Electrical Engineering and Computing;
Kovačević, Božo (2014) Cyberwar – American pretext for a new cold war? Polemos: journal for interdisciplinary studies of war and peace 16(32): 91-110; DOI: https://doi.org/10.1162/JCWS_a_00517
Matika, Dario (2009) Energy security, and critical infrastructure - an overview of research results. In: Matika, Dario, and Poljanec-Borić, Saša (eds) Critical infrastructure in Croatia: Towards a new system of security and protection (45-59). Zagreb: Institute for Research and Development of Defense Systems of the Ministry of Defense, Institute of Social Sciences Ivo Pilar;
Tofan, Dan; Nikolakopoulos, Theodoros; Darra, Eleni (2016) The cost of incidents affecting CIIs. Ennis.
Legal acts and norms
Cyber Security Strategy of Montenegro 2022-2026;
Law on Information Security (“Official Gazette of Montenegro”, no. 14/10, 40/16, 74/20, 67/21);
Law on Designation and Protection of Critical Infrastructure (“Official Gazette of Montenegro”, No. 72/2019);
Defense Strategy of Montenegro;
Disaster Risk Reduction Strategy 2018-2023;
Digital Transformation Strategy of Montenegro 2022-2026;
Disaster recovery implementation strategy (strategy for securing data in the event of a disaster for the needs of state and administrative bodies in Montenegro);
The strategy of using Open source technology;
Program for the development of information and communication technologies of the judiciary 2021-2023.
Other Internet sources
https://ccdcoe.org/cyber-security-strategy-documents. HTML
https://cert.europa.eu / static/SecurityAdvisories/2017/CERT-EU-SA2017-012.pdf
https://securelist.com /files/ 2016/11/ KL_Q3_Malware_Report_ENG.pdf
HTTPS:// securityevaluator HTTPS /hospitalhack /
www.iso27001 security.com /ISO27k_ISMS_Mandatory_documentation_checklist_release_1.docx
HTTPSHTTPSdvisera.com/27001 academy/knowledgebase/iso-27001-gap-analysis-vs-risk-assessment
www.nato.int/cps/en/natohq/official_texts_133169.htm
https://digital-strategy.ec.europa.eu/en/library/eus-cybersecurity-strategy-digital-decade
www.cirt.me
www.isme.me
www.yumpu.com/xx/document/view/38655723/1-pojam-information-sistema-itrevizijaba
www.zastita.info/hr/casopis/clanak/granice-kiberneticke-bojisnice-nije-lako-repoznati,22946.html
www.slobodnaevropa.org/a/crna-gora-vlada-istraga-sajber-napadi/32002798.html
https://avaz.ba/globus/region/781786/dfc-razotkrio-opasne-aktivnosti-ruske-tajne-sluzbe
www.antenam.net/politika/263510-dfc-crna-gora-u-mrezi-aktivnosti-gru
www.slobodnabosna.ba/vijest/273215/uzbuna_u_crnoj_gori_dfc_razotkrio_opasne_aktivnosti_ruske_tajne_sluzbe.html
www.scribd.com/document/580304186/strategija-sajber-bezbednosti-crne-gore-2022-2026-spredlogom-akcionog-plana-za-period-2022-2023-1
https://pubdocs.worldbank.org/en/384771604613506147/3-Energetski-sektor.pdf
https://docplayer.rs/211233602-Analiza-prietnji-i-rizika-cyber-sigurnosti-republike-hrvatske vulnerability of information - infrastructure.html
www.baltictimes.com/ega_strengthens_cyber_resilience_of_the_western_balkans_countries
www.scribd.com/document/486514599/15-94-18-12-2014-pdf