Main Logo Expert commentary on tech and security

From ally to outcast, what’s next for Georgia’s cyber future?

Mamuka Kirkitadze 24 December 2024
Share On:
As the Georgian government moves in an increasingly anti-democratic direction, Western partners are cutting aid and strategic programming, with serious impacts for Georgia’s cybersecurity capacity
Main Top Image
Image created using Midjourney

In the lead-up to the 2008 war with Russia, Georgia became the target of cyberattacks timed to coincide with the Russian invasion. These attacks included distributed denial-of-service (DDoS) attacks that crippled government communication networks, the defacing of official websites, and the targeting of financial institutions and media outlets. Although these events galvanised international support for Georgia in strengthening its cyber resilience, this vital assistance has since diminished, leaving the country increasingly vulnerable.

Despite this early warning of cyber risks to come, Georgia has since struggled to secure its cyberspace. This struggle stems from a combination of factors, including inconsistent political commitment, limited budget allocations for cybersecurity, and a lack of institutional coordination. Russian has been testing its cyber capabilities on Georgia, disrupting the country’s cyber efforts. Reliance on international support and the absence of a unified, long-term strategy have left Georgia reactive rather than proactive.

In recent years, the ruling Georgian Dream party has transformed into a ‘Georgian nightmare,’ dismantling democratic institutions, undermining European integration efforts, and adopting an increasingly pro-Russian stance. Amidst the passing of a controversial Russian-style ‘foreign agent’ law, the official suspension of EU accession talks, and crackdowns on mass anti-government protests, Georgia’s relationships with once-close Western partners have deteriorated. As a result, Georgia’s already vulnerable cybersecurity infrastructure has been cut off from strategic partnerships and external funding, leaving the country open to hybrid attacks and other risks.

UK-Georgia collaboration

The United Kingdom and Georgia have a long-standing strategic relationship, exemplified by the 2014 Wardrop Strategic Dialogue, which fostered cybersecurity and defence cooperation. Since 2018, the UK’s National Cyber Security Centre has provided training and support to enhance Georgia’s cyber capabilities. This partnership proved vital during a 2019 cyberattack attributed to the GRU (Russian military intelligence). The hack involved a website defacement campaign that targeted government and NGO websites, national broadcasters, and businesses across Georgia, replacing content with an image of former President Mikheil Saakashvili captioned ‘I’ll be back’. This was primarily a psychological attack, aiming to instil fear about Georgia’s stability rather than cause significant disruption to infrastructure. 

The UK-Georgia Cyber Partnership has been instrumental in strengthening Georgia’s cyber ecosystem through research and capacity-building initiatives. As recently as 2022, the UK allocated over £5 million ($6.37 million) to support cybersecurity collaboration with Georgia’s Ministry of Defense. The Cyber Security Bureau (CSB) of the Georgian Ministry of Defense also participated in Defense Cyber Marvel, an annual cyber defence competition. 

However, this once-robust collaboration has taken a significant hit. The UK recently announced that they would freeze the Wardrop Dialogue, cancel high-level defence talks, and put a new cybersecurity program on hold, citing anti-democratic actions and anti-Western rhetoric from the Georgian government. 

EU investment and reassessment

The United Kingdom has not been alone in investing in Georgian cyber capabilities. In 2021, the EU provided critical hardware and software worth $231,000, as well as training, to the CSB.

Additionally, the EU implemented a €1.3 million ($1.36 million) project to strengthen Georgia’s preparedness for and resilience against cyber threats. The initiative focused on capacity building and developing cybersecurity frameworks aligned with EU standards. A key beneficiary of this project was Georgia’s Digital Governance Agency, a relatively new organisation that oversees the cybersecurity domain through its Government Computer Emergency Response Team. The project significantly improved the agency’s ability to manage cyber incidents. Nevertheless, the recent EU reassessment of its partnership with Georgia, driven by concerns over anti-democratic actions, has raised questions about the continuity of such capacity-building programmes.

US-Georgia relations

The United States and Georgia have also shared a robust defence partnership, with the US providing more than $2 billion in assistance to the Georgian armed forces over three decades. This partnership extended to cybersecurity, with several programmes to enhance the resilience of the Georgian government and critical infrastructure against cyber threats. USAID’s Critical Infrastructure Cybersecurity Program supported Georgia in fully implementing its Law on Information Security, aligning cybersecurity laws with EU directives, and enhancing the capabilities of cybersecurity professionals. Additionally, the Securing Georgia’s Energy Future Program addressed cybersecurity threats to energy infrastructure.

However, the US, like the UK and EU, has recently reassessed its relationship with Georgia, suspending its strategic partnership and pausing over $95 million in aid that directly benefited the Georgian government. While specific cyber-related programmes have not yet been publicly identified as halted, it is highly likely that such initiatives, including government support programmes have also been suspended.

Despite support, Georgia remains vulnerable

Even before Western partners began scaling back their support, Georgia was highly vulnerable to cyber and disinformation threats originating from Russia.

In the lead-up to Georgia’s October 2024 parliamentary elections, it was revealed that Russian intelligence had conducted an extensive espionage and hacking campaign targeting Georgia’s government and critical industries. Between 2017 and 2020, Russian operatives infiltrated key Georgian ministries and industries. This campaign enabled the Kremlin to access, and potentially sabotage, vital infrastructure, including electricity companies, oil terminals, media platforms, and government departments.

By late 2019 and into early 2020, Russian hackers were monitoring employees of Telasi, a Tbilisi-based electricity distribution company, reading their emails and surveilling them via internal cameras. Another state-owned energy company was also targeted, with hackers gaining the ability to disable electrical substations and cut power to Georgian regions.

Direct cyber intrusions are not the only threat. In the run-up to the elections, Russia’s Foreign Intelligence Service (SVR) launched a coordinated disinformation campaign aimed at undermining Georgia’s relationship with Western allies. The campaign sought to portray countries like the United States as manipulative external actors interfering in Georgia’s internal political affairs, targeting public trust and fostering anti-Western sentiment.

Adding to Georgia’s challenges is the continued popularity of Russian-linked services like Yandex Go, a ride-sharing and delivery company tied to the Russian Federal Security Service (FSB). One Yandex provider was found to have illegally transferred users’ personal data, including IP addresses, to servers in Russia. This raises serious concerns about the security risks posed by such platforms. While Estonia, Latvia, and Ukraine have banned Yandex services over similar concerns, Georgians continue to rely on it. Addressing this issue requires international support to help Georgia phase out services linked to adversarial states and to educate the public about the dangers these platforms pose. Reduced support from Western partners will only exacerbate the problem.

Once again on the geopolitical crossroads

Although Georgia has benefited from its Euro-Atlantic partnerships, the country faces relentless pressure from the Kremlin. Withdrawal of support undermines Georgia’s ability to harden its critical infrastructure, develop a robust cybersecurity culture, and strengthen governance bodies responsible for managing cyber resilience. The country needs these resources to update its cyber policies and regulations to meet international standards and handle emerging threats.

Georgia’s recent strategic partnership agreement with China further complicates its position. It risks creating dependencies that limit Georgia’s ability to act independently and further isolate it from democratic allies. This redirection not only heightens Georgia’s vulnerability to Russian aggression but also introduces the challenge of navigating powerful Chinese influence, including in the cybersecurity sector.

Without a clear recommitment to democratic principles and the restoration of Western strategic partnerships, Georgian cyberspace risks being trampled upon by competing global powers. To secure its cyber future, Georgia must prioritise the hardening of critical infrastructure in both the public and private sectors, invest in training cybersecurity specialists, and strengthen its governance frameworks. Failure to do so will leave the country exposed to hybrid threats from adversaries while jeopardising long-term stability and sovereignty.

avatar
Mamuka Kirkitadze

Related

Featured image
Binding Edge
Introducing Binding Hook
James Shires / Max Smeets 7 November 2023
Read more arrow
Featured image
Binding Edge
Covert Hops
Daniel Salisbury 19 December 2023
Read more arrow
Featured image
Binding Edge
Responsibly disrupting cyber-enabled counterterrorism operations
Michael Genkin 8 October 2024
Read more arrow

Terms and Conditions for the AI-Cybersecurity Essay Prize Competition

Introduction

The AI-Cybersecurity Essay Prize Competition (the “Competition”) is organized by Virtual Routes (“Virtual Routes”) in partnership with the Munich Security Conference (“MSC”). It is sponsored by Google (the “Sponsor”). By entering the Competition, participants agree to these Terms and Conditions (T&Cs).

Eligibility

The Competition is open to individuals worldwide who are experts in the fields of cybersecurity and artificial intelligence (“AI”). Participants must ensure that their participation complies with local laws and regulations.

Submission Guidelines

Essays must address the question: “How will Artificial Intelligence change cybersecurity, and what are the implications for Europe? Discuss potential strategies that policymakers can adopt to navigate these changes.”

Submissions must be original, unpublished works between 800-1200 words, excluding footnotes but including hyperlinks for references.

Essays must be submitted by 2 January 2025, 00:00 am CET., through the official submission portal provided by Virtual Routes.

Only single-authored essays are accepted. Co-authored submissions will not be considered.

Participants are responsible for ensuring their submissions do not infringe upon the intellectual property rights of third parties.

Judging and Awards

Essays will be judged based on insightfulness, relevance, originality, clarity, and evidence by a review board comprising distinguished figures from academia, industry, and government.

The decision of the review board is final and binding in all matters related to the Competition.

Prizes are as follows: 1st Place: €10,000; Runner-Up: €5,000; 3rd Place: €2,500; 4th-5th Places: €1,000 each. The winner will also be invited to attend The Munich Security Conference

Intellectual Property Rights

The author retains ownership of the submitted essay.

By submitting the essay, the author grants Virtual Routes exclusive, royalty-free rights to use, reproduce, publish, distribute, and display the essay for purposes related to the Competition, including but not limited to educational, promotional, and research-related activities.

The author represents, warrants, and agrees that no essay submitted as part of the essay prize competition violates or infringes upon the rights of any third party, including copyright, trademark, privacy, publicity, or other personal or proprietary rights, breaches, or conflicts with any obligation, such as a confidentiality obligation, or contains libellous, defamatory, or otherwise unlawful material.

The author agrees that the organizers can use your name (or your pseudonym) and an image of you in association with your essay for purposes of publicity, promotion and any other activity related to the exercise of its rights under these Terms.

The organizers may remove any essay-related content from its platforms at any time and without explanation.

The organizers may block contributions from particular email or IP addresses without notice or explanation.

The organizers may enable advertising on its platforms and associated social media accounts, including in connection with the display of your essay. The organizers may also use your Material to promote its products and services.

The organizers may, at its sole discretion, categorise Material, whether by means of ranking according to popularity or by any other criteria.

Data Protection

Personal information collected in connection with the Competition will be processed in accordance with Virtual Routes’ Privacy Policy. Participants agree to the collection, processing, and storage of their personal data for the purposes of the Competition.

Liability and Indemnity

Virtual Routes, MSC, and the Sponsor will not be liable for any damages arising from participation in the Competition, except where prohibited by law.

Participants agree to indemnify Virtual Routes, MSC, and the Sponsor against any claims, damages, or losses resulting from a breach of these T&Cs.

General Conditions

Virtual Routes reserves the right to cancel, suspend, or modify the Competition or these T&Cs if fraud, technical failures, or any other factor beyond Virtual Routes’ reasonable control impairs the integrity or proper functioning of the Competition, as determined by Virtual Routes in its sole discretion.

Any attempt by any person to deliberately undermine the legitimate operation of the Competition may be a violation of criminal and civil law, and, should such an attempt be made, Virtual Routes reserves the right to seek damages from any such person to the fullest extent permitted by law.

Governing Law

These Terms and Conditions are governed by the laws of the United Kingdom, without regard to its conflict of law principles. Any dispute arising out of or in connection with these Terms and Conditions, including any question regarding its existence, validity, or termination, shall be referred to and finally resolved by the courts of the United Kingdom. The participants agree to submit to the exclusive jurisdiction of the courts located in the United Kingdom for the resolution of all disputes arising from or related to these Terms and Conditions or the Competition.