Dr. Khatuna Burkadze – It is essential to adopt the Strategy for Countering Hybrid Threats in Georgia


Interview on cybersecurity with Dr. Khatuna Burkadze, a research fellow at Geocase


- Since 2008 Georgia has become a target of cyberattacks several times. On October 28, 2019 cyberattack was carried out against Georgia again.


Investigations have shown that Russia was responsible for it. Last week the United States, Estonia and the United Kingdom condemned the Russian cyberattack on Georgia in October 2019 at a closed meeting of the United Nations Security Council (UNSC).


Could you explain the mains of large-scale cyberattacks?


- In August 2008 Georgia became a target of cyberattacks alongside with the traditional military actions. Unfortunately, since 2008 stability of cyberspace has remained challenge. Furthermore, cyberspace is a new and large-scale component of security policy.


According to the statement of the Ministry of Foreign Affairs of Georgia, on 28 October 2019, a large-scale cyberattack was launched against the websites, servers and other operating systems of the Administration of the President of Georgia, the courts, various municipal assemblies, state bodies, private sector organisations and media outlets. Overall, as a result of the cyberattack, the servers and operating systems of these organisations were significantly damaged, severely affecting their functionality.


These destructive actions aimed to undermine Georgia’s national security, harm the Georgian population and sow discord in the society by the functional impediments of different organizations including governmental bodies.


The Russian cyberattack on Georgia violated the fundamental principles of international law. Such actions infringe Georgia’s sovereignty, territorial integrity and impede Georgia’s development.


- How do you evaluate supporting statements of international partners? In your opinion, to what extent can these statements promote to enhance the Georgian cybersecurity?


- It is very important that international partners had appropriate reactions with regard to cyberattack carried out against Georgia.


They condemned the Russian cyberattack on Georgia. The international support will promote to enhance the Georgian cybersecurity.


Cyberspace is not bound by particular boundaries. Therefore, the close cooperation with partners is a precondition to develop open, free, stable and secure cyberspace.


Supporting statements indicate that partners will continue cooperation with Georgia to prevent destructive actions in cyberspace.


Furthermore, recently, the Cyber Security Bureau of the Ministry of Defence of Georgia has become a full member of the Multinational Malware Information Sharing Platform (MISP), which is a NATO-endorsed smart defence initiative. This is a significant decision in terms of enhancing the Georgian cybersecurity because MISP is an interactive platform for security incident investigators and malware analysts.


The United States condemned Russian cyberattack against Georgia. The United States calls on Russia to cease this behaviour in Georgia and supports Georgia, its people in enhancing their cybersecurity and countering malicious cyber actors. It offers additional capacity building and technical assistance to help strengthen Georgia’s public institutions and improve its ability to protect itself from these kinds of activities.


The UK underlined that Russia conducted cyberattack in an attempt to undermine Georgia’s sovereignty and disrupt the lives of ordinary Georgian people. The UK remains unwavering in its support for Georgia’s sovereignty and territorial integrity.


Alongside with the United States and the UK, Denmark, Estonia, Latvia, Lithuania, Poland, Norway, the Czech Republic, Sweden, Montenegro, Iceland, Canada, the Netherlands, Romania, Ukraine, Australia expressed their strong support towards Georgia.


On March 5, 2020, the United States, Estonia and the United Kingdom separately discussed the Russian cyberattack on Georgia and condemned Russian destructive action at the Security Council of the United Nations. In view of the above, Georgia has a strong support in bilateral and multilateral formats.


- As a result of technological developments alongside with cyber incidents what kind of challenges does Georgia face? How do we overcome these challenges?


-In terms of rapid technological advances alongside with cyber incidents, we face other hybrid threats such as disinformation, propaganda. This reality demands to develop a common governmental vision to overcome hybrid challenges.


Because of cyberattacks and disinformation campaigns, the Georgian government needs to adopt a strategy for countering hybrid threats.


The strategy for countering hybrid threats should define types of modern hybrid threats, to determine their non-military characteristics, tactics and analyze possible impacts on the country’s political, economic lives. As well, it should focus on solutions to overcome these challenges.


The strategy will set out the mechanism for countering these challenges. Particularly, it will consist of three components (based on the experience of North Atlantic Alliance):


1) To be prepared for hybrid threats – It means to gather information on possible hybrid activities and analyze these data, to equip decision-makers with appropriate information and knowledge;


2) To deter hybrid threats – It considers to take measures to ensure institutional development of governmental institutions and prevent negative and destructive effects of hybrid challenges;


3) To defend itself against any hybrid threat – If deterrence fails to achieve a strategic goal, it is essential to develop defence abilities to be able to rapidly react in cases of hybrid actions.


The strategy for countering hybrid threats can consider the establishment of the intergovernmental group. In a long-term perspective, this group will provide the development of an institutional mechanism for countering hybrid threats.


Overall, adoption of the strategy for countering hybrid threats is crucial to enhance cybersecurity because it will promote to prevent cyber incidents or react against them in a quick.


- This is a fact that methods of warfare have been dramatically changed. Therefore, it is essential to understand what is a vision of international actors concerning new forms of warfare?


- At the global level, there is no common vision on definitions of cyberattacks and cyberwarfare. However, at the regional level, NATO member states reached a consensus on cyber issues.

In 2007 cyberattacks carried out against Estonia became ground for the Alliance to develop cyber defence policy.


NATO member states agreed that existing international legal norms including the UN Charter and North Atlantic Treaty apply to cyberspace.


However, intensity, scale and duration of cyberattacks should be taken into consideration. Overall, security policy includes not only air, land and naval components but also cyberspace in the digital era.


- What are the specific aspects Georgia has to accentuate, apart from cooperating with international partners, to adopt a strategy?


- Technological advances make the forms of cyberattacks sophisticated and weaken control over the infrastructure of information technologies. Technological advances also contribute to the rapid development of operational tactics in cyberspace. Hence, states, including Georgia, must protect their critical information systems. Developing the defensive mechanism of information systems enables Georgia to have protected information technologies and increases its strategic role in the region.


- As the risk of a cyberattack is serious, which measures are effective and necessary at this stage?


- To improve cybersecurity, we need the following:


The state should support scholars to do researches on cybersecurity; Georgia needs to conduct intensive training with its partners on improving cybersecurity capabilities; To deepen linkages with our partner countries, including the US and Estonian experts; To finalize the formation of permanent cybersecurity platform with the participation of public and private actors at the state level; To take appropriate measures for the protection of critical infrastructure; To design university programs for training cybersecurity specialists; To implement information and educational projects on raising public awareness.




Koba Bendeliani