EX

PE

RT

OP

INIO

N

123

eqspertis azri

123

andria gociriZe

rusuli destruqciuli kiberoperaciebisagan

Tavdacvis ZiriTadi strategiuli mimarTulebebi

eqspertis azri

andria gociriZe

rusuli destruqciuli kiberoperaciebisagan Tavdacvis ZiriTadi strategiuli mimarTulebebi

2019

123

ÓÀØÀÒÈÅÄËÏÓ ÓÔÒÀÔÄÂÉÉÓÀ ÃÀ ÓÀÄÒÈÀÛÏÒÉÓÏ ÖÒÈÉÄÒÈÏÁÀÈÀ ÊÅËÄÅÉÓ ×ÏÍÃÉGEORGIAN FOUNDATION FOR STRATEGIC AND INTERNATIONAL STUDIES

publikacia daibeWda amerikis SeerTebuli Statebis saelCos finansuri mxardaWeriT. gamocemaSi gamoTqmuli mosazrebebi ekuTvnis avtorebs da SeiZleba ar asaxavdes saelCos Tvalsazriss.

teqnikuri redaqtori: artem meliq-nubarovi

saavtoro uflebebi daculia da ekuTvnis saqarTvelos strategiisa da saerTaSoriso urTierTobebis kvlevis fonds. werilobiTi nebarTvis gareSe publikaciis arc erTi nawili ar SeiZleba gadaibeWdos aranairi, maT Soris eleqtronuli an meqanikuri, formiT. gamocemaSi gamoTqmuli mosazrebebi da daskvnebi ekuTvnis avtors/ebs da SeiZleba ar asaxavdes saqarTvelos strategiisa da saerTaSoriso urTierTobebis kvlevis

fondis Tvalsazriss.

© saqarTvelos strategiisa da saerTaSoriso urTierTobaTa kvlevis fondi 2019 weli

ISSN 1512-4835 ISBN 978-9941-8-1239-2

3

faqtorebi, romelTa gaTvaliswinebiTac unda moxdes erovnuli kiberusafrTxoebis axali strategiis SemuSaveba. 21-e saukunis meore aTwleulis miwuruls kiberusafrTxoeba, rogorc saxelmwifo usafrTxoebis Semadgeneli, sul ufro met datvirTvas iZens. politikuri, samxedro, socialuri Tu kriminaluri procesebi didwilad kibersivrceSia gadanacv-lebuli. kiberdomeini, dapirispirebis mexuTe sivrce, gamud-mebiT gamoiyeneba politikuri, ekonomikuri Tu samxedro miznebis misaRwevad. ganviTarebuli kiberSeteviTi poten-ciali saSualebas aZlevs bevr saxelmwifos, upirveles yov-lisa ki ruseTs, geopolitikuri upiratesobis mosapoveblad warmatebiT gamoiyenos kibersivrce omis/konfliqtis mimdin-areobisas Tu mSvidobian dros.

saxelmwifoTaSoris urTierTobebsa Tu konfliqtebSi kiberelementis gamoyenebam mokle periodSi mniSvnelovani cvlileba ganicada. Tuki saukunis pirvel aTwleulSi saxel-mwifoTa mxridan mxardaWerili kiberSetevebi ZiriTadad teq-nikuri efeqtis misaRwevad gamoiyeneboda, meore aTwleulis Sua periodidan TvalSisacemia sainformacio-fsiqologiuri zemoqmedebis mizniT ganxorcielebuli kiberoperaciebis mzardi ricxvi. saqarTvelosTvis ZiriTad safrTxed isev rCeba ruseTis agresiuli kiberoperaciebi, romlebic ro-gorc teqnikur, ise fsiqologiur efeqtzea gaTvlili da me-tad saxifaToa saqarTvelosaTvis. unda aRiniSnos, rom bolo wlebSi ruseTis destruqciuli kiberaqtivobebi postsabWoTa qveynebis areals gascda da evropisa Tu aSS-is saarCevno pro-cesebi mravaljer gaxda ruseTis samTavrobo struqturebTan dakavSirebuli hakerebis samizne. kibersivrce rusuli pro-pagandistuli kontentis da, zogadad, rusuli sainformacio konfrontaciis moqmedebis mniSvnelovan asparezad iqca, rac kidev erTxel mowmobs sainformacio-fsiqologiur Sedegze orientirebuli kiberoperaciebisagan momdinare safrTxeze.

rusuli kibersafrTxeebi: ZiriTadi mimarTulebebi da miznebi

arsebuli mdgomareobiT, saqarTvelosTvis ruseTis federaciidan momdinare kibersafrTxe realuria da misi done, 2008 welTan SedarebiT, gazrdilia. kremlma araTu Secvala sakuTari agresiuli kiberpolitika, aramed mniSv-

4

nelovnad aamaRla saxelmwifos kiberSeteviTi potenciali da gaafarTova kiberoperaciebis gamoyenebis areali. teqni-kur efeqtze orientirebul Setevebs kibersivrceSi mimdin-are fsiqologiuri gavlenis operaciebic daerTo. amgvarma operaciebma SesaZloa gamoiwvios sainformacio-fsiqolo-giuri efeqti: kremlis sasargeblod cnobierebis Secvla, prodasavluri ganwyobebis Semcireba da prorusuli elitis formireba-gaZliereba, rac konvenciuri moqmedebebis wina-pirobas warmoadgens. safrTxeebis zrdis erT-erTi faqtori is garemoebacaa, rom 2008 welTan SedarebiT mniSvnelovnad aris gazrdili saqarTvelos damokidebuleba informaciul da sakomunikacio teqnologiebze, rac potenciuri kiberTav-dasxmebis SemTxvevaSi, zrdis mosalodneli zianis masStabebs.

demokratiul saxelmwifoSi kritikuli infrastruq-turis didi nawili kerZo seqtorSia Tavmoyrili. biznesis ganviTareba ekonomikis zrdis da, zogadad, ekonomikuri usafr Txoebis erT-erTi ZiriTadi faqtoria. swored amitom xdeba xSirad saxelmwifoTaSorisi urTierTobebis msxverpli biznesseqtoris kibersivrcec, rac, Tavis mxriv, saxelmwi-foze axdens SesamCnev gavlenas. kibersivrcis mzardi gamoy-enebis proporciulad izrdeba riskebi. samwuxarod, kiber-safrTxeebze imuniteti ar arsebobs.

21-e saukunis dasawyisidan sxvadasxva intensivobisa da sirTulis rusuli kiberoperaciebis samizned aTeulo-biT qveyanaSi iqca saxelmwifo struqturebi, media da komu-nikaciis sfero, industria, energetika, politikuri orga-nizaciebi da sxva.

ukanaskneli ori aTwleulis manZilze kibersivrce-Si mimdinare movlenebisa da konfliqtebSi kiberelementis gamo yenebis analizi cxadyofs, rom ruseTis mier warmoebuli kiberoperaciebis negatiuri efeqti mravalgvaria da SeiZle-ba sxvadasxva mizans emsaxurebodes:

• industriis kontrolis sistemebis mwyobridan gamoyvana. aSS-is dazvervis monacemebiT1, ruseTi minimum 2015 wli-dan flobs SesaZleblobas, hqondes distanciuri wvdoma mowinaaRmdegis kritikuli informaciuli sistemis makon-trolebel programul uzrunvelyofaze2. amave monaceme-biT, ruseTTan afilirebulma kiberaqtorebma warmatebiT

5

SeZles ramdenime vendoris produqtis lojistikuri jaW-vis komprometacia imgvarad, rom legaluri ganaxlebebis Camoweris Sedegad, momxmareblis sistemaSi aRmoCnda ru-suli malveari3. marTalia, saqarTveloSi ICS-is gamoyeneba arcTu xSiria, Tumca industriis msxvili warmomadgen-lebis warmoebis cikli avtomatizebulia.

• kiberSpionaJi _ saqarTvelos Sesabamisma samsaxurebma gamoavlines masStaburi kibersadazvervo operacia GEOR-BOT. amerikuli kiberusafrTxoebis organizaciis Fire Eye-s angariSSi arsebuli monacemebis mixedviT, wlebis man-Zilze arsebobda arasanqcirebuli wvdoma samTavrobo da Zalovan struqturaTa resursebze, samxedro ataSee-bis ofiseb ze, nato-saqarTvelos urTierTobasTan daka-vSirebul dokumentaciasa da sxva sensitiur masalebze. distanciurad instalirebuli malvearis meSveobiT mud-mivad mimdinareobda sxvadasxva kategoriis informaciis gadineba4. operacias axorcielebda rusuli specsamsax-urebis mier marTuli hakeruli dajgufeba APT28, igive Fancy Bear, romelic Semdgom araerTxel gaxda msoflio sazogadoebis SeSfoTebis sagani. organizaciis mizans ja-SuSuri prog ra mebis meSveobiT Tavdacvasa da geopoli-tikur sakiTxeb ze informaciis Segroveba warmoadgens, rac mxolod saxel m wifosaTvis SeiZleba iyos saintereso. APT28, romelic, sul mcire, 2007 wlidan arsebobs, moce-mul SemTxvevaSi Setevebs axorcielebda ruseTis saerTa-Soriso interesebis Sesabamisi sadazvervo informaciis mosapoveblad, ZiriTadad sami mimarTulebiT: kavkasiis regionis, kerZod, saqarTvelos; aRmosavleT evropis re-gi onis, kerZod, ungreTisa da poloneTis; evropuli da evroatlantikuri usafrTxoebis organizaciebis _ NATO da euTo _ mimarTulebiT.

• kiberSetevebi maRalteqnologiuri malvearis gamoyenebiT. ukrainis konfliqtSi ruseTma gamoiyena kinetikuri efeqtis mqone rTuli virusebis (BlackEnergy da Ourobo-ros) zemoqmedeba kritikul infrastruqturaze. am tipis malvearebi „TiTqmis aTi weli mzaddeboda da uaRresad rTulia, rom kerZo piris an arasaxelmwifo aqtoris mier iyos momzadebuli“.5 amgvarma qmedebebma gaaCina varaudi,

6

rom samomavlod, konfliqtisas, ruseTi dabalteqnolo-giuri SetevebiT da kritikuli infrastruqturis droe-biTi SeferxebiT ar Semoifargleba.

• kritikuli infrastruqturis funqcionirebis sxvadasxva xarisxis moSla an Seferxeba Ddos an Defacement6-is tipis Setevebis Sedegad. cnobilia, rom sustad daculi infra-struqturis pirobebSi dabalteqnologiuri DDoS da De-facement Setevac ki SesaZloa araproporciulad maRali zaralis mizezi gaxdes.

• SeRweva miwodebis jaWvis komprometaciis7 gziT _ gulisx-mobs infiltracias produqtis momwodeblis an warmoebis da lojistikis xarvezis saSualebiT. bolo periodSi me-tad gaxSirda am tipis SeRwevis gamoyeneba saxelmwifoTa, gansakuTrebiT ki ruseTis, mxridan.

• insaideruli safrTxeebi: sistemaSi SeRwevis erT-erTi umartivesi gza insaideris meSveobiT ganxorcielebuli infiltraciaa. insaiderad moiazreba yofili an moqmedi TanamSromeli, kontraqtori da yvela is subieqti, vi-sac SesaZloa legaluri wvdoma hqondes sainformacio sistemebTan. am arxs xSirad iyeneben rusuli specsamsax-urebi. ukanasknel periodSi ruseTTan dakavSirebuli aSS-is gaxmaurebuli kiberskandalebi swored insaideruli safrTxe ebiT iyo ganpirobebuli. garda motivirebuli insaideruli safrTxisa, yuradsaRebia momxmareblis cno-bierebis dabali doniT gamowveuli insaideruli kiber-incidentebi. malvearis instalaciisaTvis rusuli kiber-aqtorebi xSirad iyeneben iseT gavrcelebul meTods, rogoricaa fiSingi8, saqarTveloSi ki fiSingis msxverpl-Ta saerTo procenti 40-50% meryeobs, rac metad sarisko maCvenebelia. swored fiSingis meTodiT SeZles ruseTis specsamsaxurebTan dakavSirebulma kiberaqtorebma ameri-kis demokratiuli partiis, germaniis bundesTagisa da sxva saxelmwifo dawesebulebebis Tu biznesis wamomadgen-lebis qselebis komprometacia.

• kiberoperaciebi sainformacio fsiqologiuri efeqtiT. kiberarxebiT gavrcelebulma propagandistulma kon-tentma SesaZloa gamoiwvios sainformacio-fsiqologiuri efeqti: kremlis sasargeblod cnobierebis Secvla, pro-

7

dasavluri ganwyobebis Semcireba da prorusuli elitis formireba-gaZliereba, rac SeiZleba gaxdes konvenciuri moqmedebebis winapiroba.

rogorc omisa Tu konfliqtis mimdinareobisas, ise mSvidobian dros ruseTis mier ganxorcielebuli kiberope-raciebi SesaZloa sxvadasxva strategiuli Tu taqtikuri amocanis Sesrulebas ukavSirdebodes. amgvari amocanebis arasruli CamonaTvalia, magaliTad:

• sadamsjelo RonisZieba ruseTis interesebTan SeuTavse-beli qmedebis gamo an zewolis berketi politikuri amo-canis Sesasruleblad;

• samxedro amocanis Sesrulebis gasaadvileblad konven-ciur qmedebebTan integrirebuli, maTi winmswrebi an Tan-m x lebi qmedeba;

• kritikuli infrastruqturis xangrZlivad moSla kineti-kuri Sedegebis mqone kiberoperaciis meSveobiT, ekonomi-kuri kolafsis, finansuri zaralis, masobrivi areulobis gamowvevis mizniT;

• saxelmwifo institutebis gamarTuli funqcionirebis Se-ferxeba kritikul servisebTan wvdomis SezRudviT;

• prodasavluri ganwyobebis Semcireba da cnobierebis Secvla kremlis sasargeblod sainformacio-fsiqologi-uri zemoqmedebiT;

• arCevnebis SedegebiT manipulacia, arasasurveli kandi-datis diskreditaciis, demokratiuli wyobis Sesustebis, saxelmwifo institutebis ndobis Seryevis mizniT;

• sadazvervo informaciis mopoveba kiberSpionaJis aqte-biT, sxva sadazvervo moqmedebebi eTnikuri, religiuri, politikuri niSniT antagonisturi jgufebis Camoyali-bebis, samezoblo, saxelmwifoTaSorisi urTierTobebis ZirgamomTxreli saqmianoba;

• politikuri figurebis, samxedro pirebis, socialuri jgufebis an gadawyvetilebis mimRebi wreebis diskredi-taciis, daSinebis da SantaJisaTvis qselSi arsebuli in-formaciis mopoveba an fabrikacia.

8

saqarTvelosTvis, misi Crdiloeli mezoblis de st ru-q ciuli da ukiduresad agresiuli xasiaTis gamo, yvela es tendencia met-naklebad iqneba safrTxis Semcveli. arsebuli viTareba rogorc samTavrobo struqturebis, ise kritiku-li infrastruqturis warmomadgenlebis mxridan maRal cno-bierebas da konkretul nabijebs moiTxovs, rogorc strate-giul, ise taqtikur Tu saoperacio doneebze.

kibersivrceSi arsebuli safrTxeebis zrdis tempebisa da gavrcelebis arealidan gamomdinare, mniSvnelovania gava-analizoT, ras upirispirebs saqarTvelo arsebul tenden-ciebs. ukanasknel aTwleulSi saxelmwifo kiberaqtorebis mier kiberusafrTxoebis mimarTulebiT gadadgmulma nabijeb-ma ganapiroba is realoba, rom gaerTianebuli erebis saerTa-Soriso satelekomunikacio organizaciis kiberusafrTxoebis indeqsSi saqarTvelo msoflio masStabiT pirvel aTeulSi ikavebs adgils. aRniSnuli indeqsis misaRebad kvleva mim-dinareobs kiberusafrTxoebis 5 ZiriTadi mimarTulebiT: sakanonmdeblo baza, teqnikuri aRWurviloba, organizaciuli struqtura, SesaZleblobebis ganviTareba da TanamSromloba. cxadia, aseT avtoritetul reitingSi dawinaureba erovnu-li kiberusafrTxoebis sistemis aRiarebaa. unda aRiniSnos, rom saqarTvelo dsT-is sivrceSi lider saxelmwifod iqna miCneuli9. miuxedavad am warmatebisa, kiberusafrTxoebis strategiuli da konceptualuri dokumentacia, iseve, ro-gorc sakanonmdeblo baza, safuZvlian ganaxlebas saWiroebs, radgan efeqturi kiberTavdacvis gareSe qveyana Crdiloat-lantikuri aliansisaTvis ver gaxdeba saimedo partniori.

zemoTqmulidan gamomdinare, saWiroa gansakuTrebuli yuradReba daeTmos ruseTis, rogorc destruqciuli kiber-aqtoris ganzraxvebis, SesaZleblobebisa Tu RonisZiebebis asaxvas kiberusafrTxoebis strategiul dokumentebSi. axal-ma erovnulma strategiam da masze dayrdnobiT SemuSavebul-ma normatiulma bazam unda uzrunvelyos kiberusafrTxoe-bis sruli integracia farTo usafrTxoebasa da saxelmwifo cxovrebis yvela sferoSi.

9

arsebuli strategiis problemebi da axali konceptualuri ba-zis ZiriTadi mimarTulebebi

mudmivad cvalebadi kibersivrcis pirobebSi, sasi-cocx lod aucilebelia naTlad gamoikveTos is problema-tika, romelic Tan axlavs saqarTvelos kiberganzomilebis ganviTarebas. ganvixiloT ramdenime maTgani:

usafrTxoebisa da krizisebis marTvis sabWos gauqmebis Semdeg, TiTqmis weliwadia saqarTvelos kiberusafrTxoebis arqiteqturaSi aRar arsebobs makoordinirebeli organo, ro-melic uzrunvelyofda saxelmwifo kiberaqtorebis urTi-erT SeTanxmebul muSaobas, kerZo aqtorebTan TanamSrom-lobas da strategiul dokumentaciaze erTobliv muSaobas. aRniSnuli, savaraudod, erT-erTi mizezia imisa, rom 2019 wels saqarTvelo, samwuxarod, kiberusafrTxoebis erovnuli strategiis gareSe Sexvda: wina strategia 2018 wlis CaTvliT moqmedebda, axlis Seqmnaze muSaoba 2019 wels ki daiwyo, mag-ram jer kidev sawyis etapzea da, savaraudod, ramdenime Tves gastans. sxvaTa Soris, is, rom saqarTvelo ukve mesame Taobis strategiaze muSaobs, metad pozitiurad aRiqmeba saerTa-Soriso sazogadoebisa da kibereqspertebis mier, rac ganapi-robebs kidec saerTaSoriso reitingebSi mowinave poziciebs.

• safuZvlianadaa gadasaxedi kritikuli infrastruqturis gansazRvris paradigma. demokratiul saxelmwifoSi kriti-kuli servisebis umetesoba biznesSia koncentrirebuli, Sesabamisad, saukeTeso praqtikis mixedviT, kritikul in-fra struqturas didwilad kerZo seqtori warmoadgens.10 aseTi dargebia energetikisa da wyalmomaragebis sfero, sabanko da safinanso seqtori, kvebis, qimiuri da samxed-ro mrewveloba, samedicino segmenti da sxva. saqarT velos kanonmdeblobiT, kritikuli informaciuli sistemebis subieqtTa nusxa mxolod samTavrobo qselebis erT nawils moicavs da ar vrceldeba biznesis sakuTrebaSi arsebul, saxelmwifosaTvis kritikulad mniSvnelovan dargebze.

• Tavdacvis sferos kritikul infrastruqturad dRevande-li kanonmdebloba Tavad Tavdacvis saministros siste-mas miiCnevs, magram ar iTvaliswinebs kerZo seqtoris im obieqtebs, romelTa gamarTuli funqcionireba sasicocx-

10

lod aucilebelia Tavdacvis sferosaTvis (mag., momsaxu-re kvebis kompania, samxedro mrewveloba, lojistikuri jaWvis Semadgeneli kerZo aqtorebi). saukeTeso praqtika iTvaliswinebs qveynis TavdacvisunarianobisaTvis Seqmnil safrTxeze msjelobas kritikuli infrastruqturis obi-eqtebze Tavdasxmis masStabebidan gamomdinare. gadasaxe-dia Tavad arsebuli kritikuli infrastruqturis dayofa Tavdacvis sferod da danarCen sajaro seqtorad. saxelm-wifoSi unda moqmedebdes erTiani nusxa kritikuli infra-struqturisa, romlis dacvac, agresiis wyarosa da Setevis masStabebidan gamomdinare, sxvadasxva saxelmwifo aqto-ris, maT Soris, zogierT SemTxvevaSi, Tavdacvis uwyebis kom-petencia iqneba.

• qselis dacvis met-naklebad ganviTarebuli meqanizmebis miuxedavad, arsebobs mtrulad ganwyobili saxelmwifos mxridan industriis kontrolis sistemebSi distanciuri hakeruli SeRwevis, supply chain-is operaciebis meSveobiT komprometirebuli teqnikuri mowyobilobebisa da pro-gramuli uzrunvelyofis Canergvis safrTxe, rac, arse-buli kanonmdeblobis pirobebSi, riskis winaSe ayenebs saxelmwifoSi arsebul TiTqmis yvela informaciul da sakomunikacio qselsa Tu sistemas. martivad rom vTqvaT, dRevandeli Sesyidvebis kanonmdebloba ar iTvaliswinebs kibersafrTxeebs da SesaZlebels xdis, rom kritikuli infrastruqturisa Tu saxelmwifo dawesebulebebis kom-piuteruli teqnika11, momsaxureba, programuli uzrunvel-yofa Seisyidon sakuTriv rusuli organizaciebisagan an Tundac sxva qveynis kompaniebis ruseTis ofisisagan. sam-wuxarod, aseTi SemTxvevebi axlo warsulSic iyo, rode-sac optikur-boWkovani magistralis Sesyidva rusuli kompaniis mier xorcieldeboda, xolo samTavrobo dawe-sebulebebis garkveul nawils mobilur sakomunikacio momsaxurebas, sxva kompaniebTan erTad, amJamad rusuli kompaniac uwevs. igive kanonmdebloba saSualebas iZl-eva internetizacia da sainformacio teqnologiebTan da kav Sirebuli sxva msxvili proeqtebi, aseve samTavro-bo struqturebis mobiluri sakomunikacio momsaxureba gana xorcielon okupanti qveynis biznesorganizaciebma12. cxadia, am mizezebis gamo, samTavrobo struqturebis sa-

11

komunikacio momsaxureba okupanti saxelmwifos kompani-is mxridan, romelic mravalganzomilebiani hibriduli omis pirobebSi warmatebiT iyenebs kibersivrces, yovlad warmoudgenelia. konceptualur doneze unda moxdes sup-ply chain-is riskebis menejmentis integrireba Sesyidvebis processa Tu riskebis marTvis sistemaSi, raTa uzrunvel-yofil iqnes saxelmwifo seqtoris mier gamoyenebuli teqnikisa da teqnologiebis usafrTxoeba da sandoo-ba. aucilebelia moxdes kiberteqnologiebis, rogorc specifikuri saqonlisa da momsaxurebis Sesyidvis gansa-kuTrebuli wesis SemuSaveba, sadac produqtis sandooba da usafrTxoeba erT-erTi ganmsazRvreli faqtori iqneba. SezRudva unda dawesdes rusuli warmoebis an ruseTis gavliT sainformacio-teqnologiuri sistemebis, teqno-lo giebis an momsaxurebis Sesyidvaze.13

• arsebuli konceptualuri da normatiuli baza ver See-sabameba insaideruli safrTxeebis mzard mniSvnelobas. sa bazro ekonomikis pirobebSi kritikuli servisebis pro vaideri kerZo seqtoria. Sesabamisad, saxelmwifo organizaciebis informaciuli masivebi xSirad kontraq-toris xelSi xvdeba, rac mniSvnelovnad zrdis insaide-ruli safrTxeebis masStabs. saqarTvelos realobaSi, saxelmwifo organizaciasTan biznesurTierTobis far-glebSi, kontraqtorisaTvis gadacemuli sensitiuri in-for maciis dacva mxolod biznesorganizaciis keTil ne-bazea damokidebuli. biznesi ki minimaluri danaxarjiT maqsimaluri mogebis miRebazea orientirebuli, amitom usafrTxoebisaTvis zedmet danaxarjebs erideba. sakiTxi saWiroebs saswrafo daregulirebas, radgan aravin icis, ra raodenobis da ra saxis arasaidumlo, magram sensiti-uri informaciaa amJamad daucveli, romelic dagrovilia kerZo qselebSi. magaliTisaTvis sadazRvevo kompaniebi-saTvis an momsaxure samedicino dawesebulebebisaTvis ga-dacemuli sajaro moxeleTa da samxedro mosamsaxureTa personaluri Tu janmrTelobis Sesaxeb informaciiis uzar mazari masivebic kmara. am tipis informacia gansa-kuTrebiT Zvirad fasobs darknetSi, rac Sesabamis sis-temebs mimzidvel samizned aqcevs rogorc finansurad motivirebuli kiberkriminalis, ise mtrulad ganwyobili

12

saxelmwifos kiberaqtorebisaTvis. aucilebelia mkveTrad iyos gansazRvruli monacemTa dacvis is standarti, rom-lis Sesrulebac saxelmwifo Sesyidvis ganxorcielebi-sas savaldebulo iqneba kontraqtorisTvis. meore mxriv, saxelmwifo unda daexmaros kerZo kompaniebs, kontraq-torebs, saxelmwifosaTvis mniSvnelovani informaciis kiberusafrTxoebis garkveuli standartis pirobebSi da-muSavebis uzrunvelyofaSi.

• sasicocxlod mniSvnelovania kiberusafrTxoeba arsebiT problemad aRiqvas saxelmwifom da biznesseqtoris top-me nejmentma. samwuxaro realobad rCeba cnobierebis daba-li done, romelic uSvebs, rom saxelmwifo uwyebebSi jer kidev nebadarTulia rusuli antivirusuli uzrun vel-yofisa Tu eleqtronuli fostis gamoyeneba. aseTi SemT-x vevebi arcTu iSviaTia. SedarebisaTvis, swored kiber-riskebis zrdis motiviT (monacemTa Segroveba, trekingi) misca rekomendacia lietuvas Sesabamisma samTavrobo uwyebam saxelmwifo moxeleebs, ar esargeblaT iandeqs-taqsis momsaxurebiT. aucilebelia, kiberusafrTxoebis cnobierebis asamaRlebeli RonisZiebaTa kompleqsis Semu-Sa veba da danergva saxelmwifo mmarTvelobis yvela do-neze.

• Tuki arsebuli strategia da normatiuli baza nawilob riv mainc aregulirebs destruqciuli kiberoperaciebis teq-ni kur efeqts, kiberarxebiT gavrcelebuli propagandi-sa da dezinformaciis mavne zemoqmedeba konceptualur do kumentaciaSi ganxiluli ar aris. aucilebelia kiber-usafrTxoebis arqiteqturaSi rusuli kiberoperaci ebis sainformacio-fsiqologiuri efeqtis prevenciaze pa su-xismgebeli uwyebebisa da maTi rolebis gansazRvra. safr-T xeTa identificirebis, safrTxis wyaroebis kvlevis, mo salodneli safrTxisa da destruqciuli aqtorebis Se saxeb miznobrivi jgufebis informirebis RonisZiebaTa organizeba.

• kiberTavdasxmis Sedegebi, aRmoCenili malvearis tipebi da safrTxis Semcveli aqtivobebi reputaciuli rikebis gamo daxurul informacias warmoadgens, arada informa-ci is saTanado gaziarebis SemTxvevaSi, riskebis marTva ga-

13

ci lebiT martivi da efeqturia. strategiul doneze un da gadawydes kiberSetevebis SedegebTan dakavSirebiT dro -uli gasajaroebisa da gamWvirvalobis politikis Se mu -Saveba, safrTxeebsa da riskebze informaciis gacvlis uw-yebaTaSorisi da sajaro-kerZo platformebis SemuSaveba.

amrigad, axali erovnuli strategiis pirobebSi aucilebelia kiberusafrTxoebis mdgomareobis ufro maRal doneze gadasvla da kiberusafrTxoebis moTxovnebis integri-reba saxelmwifos cxovrebis sxvadasxva sferoSi.

14

SeniSvnebi

1. Hearing: World Wide Cyber Threats (Open).Testimony of The Honorable James Clap-per, Director of National Intelligence. September 10, 2015. xelmisawvdomia: www.docs.house.gov/meetings/IG/IG00/20150910/103797/HHRG-114-IG00-Wstate-ClapperJ-20150910.PDF

2. ICS (Industrial control system) _ koleqtiuri termini, romelic gamoiyene-ba kontrolis sistemebisa da maTTan dakavSirebuli instrumentebis aRsawerad da aerTianebs industriuli procesebis avtomatizaciisa da operirebisaTvis gamoyenebul mowyobilobebs, sistemebs, qselebs da kontrolis meqanizmebs. dReisaTvis farTod gamoiyeneba kriti-kuli infra struqturis TiTqmis yvela mimarTulebaze, rogoricaa industria, transporti, energetika, hidromeurneoba da sxva, ris gamoc warmoadgens destruqciuli kiberoperaciebis samiznes. ICS-is gavrcelebul saxeobas warmoadgens e.w. SCADA (Supervisory Control and Data Acquisition) da DCS (Distributed Control Systems) sistemebi.

3. mavne programuli uzrunvelyofa _ Malware, malicious software _ malveari; kompiuteruli programa, romelic gamoiyeneba informaciul siste-mebSi arasanqcirebuli SeRwevis, sensitiuri informaciis Segrovebis, moparvis, ganadgurebis, Secvlis, kriptaciis an kompiuterze ukanono wvdomisaTvis.

4. Fireeye special report, 2014. APT28: A WINDOW INTO RUSSIA’S CYBER ESPIONAGE OPERATIONS?. xelmisawvdomia: www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-apt28.pdf

5. Sam Jones, “Cyber Snake Plagues Ukraine Networks,” Financial Times, 7 March 2014. xelmisawvdomia: www.ft.com/content/615c29ba-a614-11e3-8a2a-00144feab7de. www.ft.com/content/615c29ba-a614-11e3-8a2a-00144feab7de

6. dabalteqnologiuri kiberSetevis forma, romelic arasanqcirebulad cvlis saitis (vebgverdis) garegnul iersaxes, xSirad _ pirvel gverds. ZiriTadad, gamoiyeneben haqtivistebi an kiberteroristebi saprotes-to mesijis, propagandistuli masalis an sxva kontentis gasavrcele-blad. am tipis Tavdasxma 2008 wlis ivlisSi ruseTTan afilirebulma hakerebma ganaxorcieles saqarTvelos prezidentis vebgverdze da iq ganaTavses faSisturi simbolika.

7. e.w. Supply chain-is safrTxeebi _ produqtis (kompiuteruli teqnika, programuli uzrunvelyofa da sxva) miwodebis procesSi warmoqmni-li safrTxeebi, romlebic gulisxmobs momwodeblis xarvezTan daka-vSirebuli incidentis albaTobas, rodesac mimwodebeli mxare ver/ar akmayofilebs usafrTxoebis moTxovnebs an safrTxes uqmnis mimRebis usafrTxoebas, sicocxles da janmrTelobas.

8. fiSingi (Phishing) _ kiberkriminalis gavrcelebuli forma, romlis mizania msxverplis motyuebis gziT moaxdinos kompiuteris kompro-metacia, malvearis instalacia da moipovos wvdoma sensitiur infor-maciaze. fiSingis gansakuTrebul formas warmoadgens e.w. Spear-Phishing, romelic gankuTvnilia momxmareblis viwro da specifikuri wrisaTvis (mmarTveloba, garkveuli codnis, informaciis matarebeli jgufi). saWiroebs kargad momzadebul konteqsts ndobis mosapoveblad. garda finansurad motivirebuli kiberkriminalisa, fiSingis sxvadasxva for-ma aqtiurad gamoiyeneba saxelmwifoTaSoris destruqciul kiberope-raciebSi mowinaaRmdegis qselis komprometaciisaTvis.

15

9. The Global Cybersecurity Index (GCI) 2018. International Telecommunication Union (ITU). xelmisawvdomia: www.itu.int/en/ITU-D/Cybersecurity/Documents/draft-18-00706_Global-Cybersecurity-Index-EV5_print_2.pdf?fbclid=IwAR1--Sw9bTs0N0qFHBbGcGTckqeyNryG1eBGHNP9k5Ar1oNZqFyS0yFOIXA

10. PRESIDENTIAL POLICY DIRECTIVE/PPD-21:SUBJECT: Critical Infrastructure Security and Re-silience. February 12, 2013 xelmisawvdomia: www.obamawhitehouse.archives.gov/the-press-office/2013/02/12/presidential-policy-directive-critical-infrastructure-se-curity-and-resil da www.dhs.gov/cisa/critical-infrastructure-sectors

11. garda imisa, rom arsebobs sensitiuri momsaxurebis an produqciis ru-suli kompaniebisagan Sesyidvis mravali precedenti, axlo warsulSi Tavdacvis uwyebis mxridan, sxva produqciasTan erTad, adgili hqonda kompiuteruli teqnikis Sesyidvas kompaniisagan, romlis xelmZRvaneli ruseTis sasargeblod jaSuSobisaTvis nasamarTlevi piria. uwyebam msgav si incidenti saTanado kanonmdeblobis ararsebobiT axsna. cxa-dia, sakanonmdeblo vakuumi marTlac aris erT-erTi ZiriTadi, magram ara erTaderTi problema msgavsi incidentebis prevenciisaTvis, radgan e.w. supply chain-is safrTxis saTanadod aRqmis SemTxvevaSi, arasando aqtoris diskvalifikacia saxelmwifo Sesyidvis procesidan savsebiT SesaZlebelia usafrTxoebis interesebidan gamomdinare. ix.: saqarT-velos Tavdacvis saministros gancxadeba, 2 ivlisi, 2018 w. xelmisawv-domia: www.mod.gov.ge/ge/news/read/6668/saqartvelos-tavdacvis-saministros-gancxadeba

12. teqnikuri TvalsazrisiT eWvs ar iwvevs, rom mobilur operators aqvs yovelgvari saSualeba, gaakontrolos momxmareblis zarebi, mimowera, uTvalTvalos mis gadaadgilebas, daafiqsiros lokacia da Tu saWiro gaxda, Tavad mobiluri mowyobiloba (telefoni, tableti da sxva) an masSi arsebuli informacia gamoiyenos sadazvervo an ZirgamomTxreli saqmianobisaTvis. mobiluri internetis gamoyenebis SemTxvevaSi ki, op-eratoris survilis Sesabamisad, nebismieri abonentis piradi Tu saja-ro cxovreba SeRwevadi xdeba. swored mobiluri operatoris SesaZ­leblobebi da am arxiT miRebuli metamonacemebi gamoiyena ruseTma ukrainis konfliqtSi sxvadasxva sirTulis samxedro Tu politikuri amocanis gadasaWrelad, SantaJis, daSinebisa Tu saartilerio darty-mebis koordinatebis gansasazRvrad.

13. msgavsi precedenti aSS-is specsamsaxurebma Seqmnes, sadac cno-bili kasperskis skandalis Semdgom saxelmwifo uwyebebs 90 dRe miecaT aRniSnuli programuli uzrunvelyofis deinstalaciisaTvis. xelmisawv domia: www.reuters.com/article/us-usa-cyber-kaspersky/trump-signs-into-law-u-s-government-ban-on-kaspersky-lab-software-idUSKBN1E62V4