Cyberattacks Double in Kazakhstan in Early 2025
Kazakhstan experienced a sharp increase in cyberattacks during the first quarter of 2025, with 30,000 information security incidents recorded between January and May, double the number reported during the same period in 2024. According to data from research agency Ranking.kz, the most significant growth was observed in botnet-related activity, including spam mailings, password cracking, and remote system intrusions that cause service disruptions. Such incidents surged to 17,600 in the first quarter of 2025, compared to just 1,700 a year earlier. Conversely, attacks involving computer viruses, worms, and Trojans declined by 17.9% year-on-year, totaling 7,900 cases. However, phishing attempts targeting Kazakhstani users rose by 37.2%, reaching 2,000 reported incidents. Other categories saw a decrease. Cases involving inaccessibility of internet resources dropped by 48.1% to 112, while distributed denial-of-service (DDoS) attacks fell to 23, down from 30 in the same period last year. Incidents of unauthorized access or modification of digital content also declined slightly, with nine reported cases versus 13 previously. Despite the rise in cyber threats, Kazakhstan’s IT sector continues to demonstrate robust growth. In 2024, the value of services in computer programming, consulting, and related fields reached 1.5 trillion tenge (approximately $2.9 billion), a 36.3% increase compared to 2023. Since 2016, the volume of services in this sector has expanded more than tenfold, and by over fivefold since 2019. Regionally, Almaty and Astana dominated the sector, accounting for 90.2% of all IT services provided. Almaty led with KZT 853.1 billion ($1.6 billion), followed by Astana with KZT 486.7 billion ($950 million). The lowest activity was recorded in the Ulytau region, with only KZT 712.3 million ($1.3 million) in services. Separately, The Times of Central Asia previously reported that a Chinese firm involved in cyber intelligence operations had been active in Kazakhstan for several years, accessing telecom data over an extended period.