Abstract
Libya has started transferring traditional govern-ment services into e-government services. The e-government initiative involves the use of websites to offer various services such as civil registration, financial transaction and private information handling. Currently, there has not been many studies about the security assessment of the Libyan government websites. Therefore, in this paper, we did a web security assessment of 16 Libyan government websites. The main purpose of this study is to determine the security level of these websites. The web security as-sessment was done in four phases: Reconnaissance, Enumeration and Scanning, Vulnerability assessment (web vulnerabilities and SSL encryption evaluation) and Content Analysis(security and privacy policies). The results showed that 9 websites have high and medium level vulnerabilities. Only 3 websites have A SSL rating. Also, only 3 websites have published security and privacy policies. We found 1 highly unsafe website, 6 unsafe websites, 8 somewhat safe websites and, 1 safe website. Overall, the study indicated the Libyan government websites are adequately secured without major security issues. Since these Libyan government websites deal with sensitive data, adequate security measures should be implemented to reduce the vulnerabilities and to mitigate future cyber security attacks.
Highlights
Internet technology has made a great contribution in changing the global economy
The 742 hosts have been copied into Excel file and classified to get only the main domains of the government websites
We identified 37 Libyan government websites under the domain gov.ly from our analysis
Summary
Many governmental and private organization see the opportunity to improve efficiency by providing services online (E-services) through websites or portals[1][2]. The e-services or websites are important to make organization compete and survive in the global economy. The websites might have various flaws and weaknesses which they could be exploited by cyber attackers. These security issues are threatening the confidentiality, the integrity of peoples and government information, and threatening availability of the services[5], [6], [7]. According to Edgescan vulnerability statistic report 2018, that both large global organization and governments have faced various breaches. Millions of clients’ and employees’ records were leaked, and web services are facing various critical and high vulnerabilities
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
