Hardening Military Networks
Iraq’s Ministry of Defense enlists a cybersecurity team to detect and prevent attacks
With the rapid development of the internet and mobile phones, technology has become a necessity in people’s daily lives. These technologies have improved all sectors of society, including education, medicine, engineering, security and economics. However, organized criminal gangs and terrorists have exploited these technologies, leading countries to form cybersecurity teams to protect networks from cyberattacks. Unipath magazine met Staff Maj. Gen. Raad Shakir al-Kanani, director of the Military Communications Directorate in the Iraqi Ministry of Defense, to discuss the tasks and accomplishments of the ministry’s cybersecurity team.
Unipath: What steps has your directorate taken to secure Iraq against cyberattacks?
Maj. Gen. Raad: The primary mission of the Military Communications Directorate in the field of cybersecurity is to protect the Iraqi Ministry of Defense systems and networks, in addition to developing specific policies for the use of devices and networks belonging to the ministry and its units. The directorate, therefore, puts information security controls and guidelines in place to safeguard the application of procedures to prevent cyberattacks. We work with the network building and administration department to ensure that secret confidential networks remain closed to the public and are not connected to public networks like the internet, as well as other procedures with the cooperation of the relevant technical directorates. A closed network is one that contains military email, websites and contracts. We also have another online public network that is separate from the closed network. It is managed via the official website of the ministry and engages with the public.
We also conduct awareness training sessions for network users on the dangers of cyber terrorism and the need to comply with the ministry’s guidelines so that the network is protected from breaches. In addition, the nonuse of personal USBs in the ministry’s devices or CD-ROMs to watch movies or online gaming is emphasized, and loading external programs on the devices is strictly prohibited.
Unipath: How does the ministry work with other security agencies to promote cybersecurity?
Maj. Gen. Raad: We maintain direct cooperation with the other security agencies in the cybersecurity field through joint committees such as the Supreme Communications and Information Security Committee and the committee tasked with formulating national cybersecurity strategy. There are also discussions on cybercrime law and cooperation with the National Computer Incident Response Team. Cooperation in this field is extremely necessary for national network security and for building good relations with other specialist security agencies, so that information is exchanged and optimal methods are adopted in the face of threats and attacks. This is in addition to the work with our friends in the coalition forces through the Joint Operations Command, where cybersecurity intelligence is exchanged, as well as the intelligence gleaned from devices in terrorist hideouts, and from hacking programs and website breaches, which give us the capability to counter terrorist attacks on our sites.
Unipath: What is your role in protecting polling centers from online attacks?
Maj. Gen. Raad: As a defense ministry, the assigned task is the protection of voting centers from conventional terrorist attacks or riots, and the Military Communications Directorate has not been tasked to protect them from cyberattacks. However, as I mentioned above, we work with other specialist security agencies in the cybersecurity field to protect the national network from external attacks, and we have not been aware of any abnormal breach or activity.
Unipath: Is your duty restricted to protecting Ministry of Defense facilities or does it also include other state and private sector installations?
Maj. Gen. Raad: The Military Communications Directorate’s duty is restricted to the protection of Ministry of Defense facilities, in cooperation with the relevant technical directorates. However, it is not possible to separate cybersecurity of the ministry’s networks from other state networks; therefore we ensure that no breach of ministry devices occurs, or that the network becomes a bot to attack other sensitive government websites. This requires educating our personnel on the risks of cyber threats and how to maintain network security. Just as we are alert to protect the network from external threats, we monitor the ministry’s network online inputs and outputs, and what comes out of other government networks. We have malware detection and virus protection applications, which are constantly updated.
Unipath: How do you prevent the use of unencrypted devices?
Maj. Gen. Raad: The Ministry of Defense Cybersecurity Department has been newly formed to keep pace with rapid global technological developments. Because Iraq was isolated from the world before 2003, we were unable to keep up with technological developments over the last two decades. Mobile phones became the preferred form of communication. It was not possible to educate all military units that they should not use mobile phones in military communications or make contact from the battlefield regarding military operations. We have observed misconduct among some Soldiers taking images and videos of the battlefield, and also the use of mobile phones by formation commanders during battle. Necessary measures were taken in this regard. Specific instructions and guidelines exist to prevent the use of unsecured and unencrypted devices and communications. Use is exclusively intended for encrypted and secured devices authorized by the Military Communications Directorate. However, such violations occur even in the most advanced armies. Therefore, officers specializing in information security must be assigned within all formations and be trained by the cybersecurity team, and in turn, educate and train Soldiers to follow guidelines.
Unipath: You took part in the Cybersecurity Incident Response Team Conference in September 2021.Can you discuss the conference recommendations?
Maj. Gen. Raad: The conference proceedings were of the utmost importance, with the topics focused on actual current threats. I was happy to participate in the conference and get to know our brothers in the security services, see their latest tactics and benefit from their experiences in this field. As for the cybersecurity conference recommendations, they were:
Launch an initiative to provide a cybersecurity development program to all state institutions.
Adopt academic and professional curricula and specialized postgraduate studies in the field of cybersecurity within the Ministry of Higher Education and Scientific Research.
Attract competency through the creation of an association of experts, amateurs and specialists in cybersecurity. To do just that, the Community Initiative Development Fund was launched with the support of civil society organizations and the private sector.
The Iraqi Computer Emergency Response Team (IQCERT), the Ministry of Higher Education and Scientific Research, private sector companies, and international organizations adopted the training and development of local CERT teams. The IQCERT adopted regulations for cybersecurity companies and a strategic plan to raise Iraq’s position in the Global Cybersecurity Index.
Unipath: How does the ministry select and prepare the cybersecurity team?
Maj. Gen. Raad: Members of the team are chosen from specialist technical department personnel belonging to the Iraqi Ministry of Defense. The team’s personnel are required to be experienced and skilled officers and engineers in the field of cybersecurity, and the candidates must have completed security vetting.
Unipath: How stringent are the laws under which cybercriminals are tried in Iraq?
Maj. Gen. Raad: As of late 2021, Iraq has yet to pass a law against cybercrime, but a draft awaits approval by the Council of Representatives, which then must be ratified by the government. We look forward to the adoption of this law to punish and deter perpetrators of cybercrime and prevent organized cybercriminal gangs from using Iraq’s national network as a launchpad to attack other state systems with the aim of extortion or sabotage.
Unipath: How much do you cooperate with friendly nations to improve cyber technologies?
Maj. Gen. Raad: Cybersecurity is everyone’s responsibility, and even isolated breaches can directly impact all countries of the world. When I say isolated, I mean geographically isolated, not electronically. The digital era has connected the whole world and has not left any place isolated. Despite its great advantages, it also brings with it great risks that have been imposed on us, so we are vigilant in deterring anyone inclined to exploit information technology for criminal purposes, whether local or transnational. The internet, email and social media pages have made the world a village, and at the same time have made malware and viruses spread much faster. Therefore, international cooperation and information exchange between allied countries is essential. Cooperation also takes place with allied countries through special cybersecurity courses and holding exercises and competitions such as the cyber warrior competition held by the Office of Defense Cooperation of the U.S. Embassy in 2020. These courses and exercises benefit participants greatly.
Unipath: How does the Ministry of Defense’s Signals and Communications Directorate keep up with rapid technological development?
Maj. Gen. Raad: We have a team that specializes in researching and tracking technological development, and we are also keen to participate in conferences and workshops specific to cybersecurity. We are working with the ministry’s research and development centers and technical universities to develop our staff’s skills. In addition, we plan to send our personnel to specialized courses in NATO or allied countries. We are keen to attract people with outstanding skills among Iraqi university graduates and from Ministry of Defense personnel to maintain levels of performance.
Unipath: Has Daesh conducted cyberattacks against Ministry of Defense websites?
Maj. Gen. Raad: No, Daesh has not previously launched a cyberattack on Ministry of Defense sites. Perhaps the reason for this is that the ministry’s network has a high level of technical fortification and an experienced information security team, in addition to the network being a closed network for movements and troops.