Cyber Security - The Times Of Central Asia

Viewing results 1 - 6 of 4

Cyber Déjà Vu: Is Russia Spying on Kazakhstan Again?

Another espionage scandal is gaining traction in the Western media, with Kazakhstan once again at its center. Within Kazakhstan, however, the topic of Russian cyber activities against the country is receiving minimal attention in the press. While Akorda seeks to navigate its delicate relationship with the Kremlin, any overt allegations of espionage might provoke Moscow’s powerful propaganda machine, which continues to exert significant influence over public opinion in Kazakhstan. This time, the intrigue is unfolding in cyberspace, where a hacker group identified as UAC-0063, potentially linked to the Kremlin-backed Advanced Persistent Threat (APT) group known as APT28, has been implicated in spying on diplomatic institutions across Central Asia. The group’s activities, which can be traced back to at least 2021, have targeted not only Kazakhstan, but also Kyrgyzstan, Tajikistan, and other countries. Their previous targets include diplomatic, non-profit, academic, energy, and defense organizations in Ukraine, Israel, India, and the wider Central Asian region. According to a cyber espionage investigation by Sekoia, UAC-0063 hackers infiltrated Kazakhstan's Ministry of Foreign Affairs by leveraging official documents, such as emails, draft memos, and internal administrative communications. These documents — likely used to deliver malware — were either stolen in prior cyber operations, obtained from open sources, or acquired through other unknown means. Sekoia identified around two dozen such documents, dating from 2021 to October 2024, which primarily addressed Kazakhstan’s diplomatic cooperation and economic relations with other countries. The researchers suggest this campaign is part of a broader, Kremlin-backed global cyber espionage operation targeting Central Asia, with a particular focus on Kazakhstan's foreign relations. This latest revelation is a reminder of other episodes. One prominent ongoing case involves individuals in London who stand accused of preparing actions at the behest of Russia against Kazakhstan's diplomatic mission in the United Kingdom and targeting President Kassym-Jomart Tokayev’s son. Even more striking is the echo of the Pegasus spyware scandal, which emerged in 2021. An investigation by the Organized Crime and Corruption Reporting Project (OCCRP) revealed that the Israeli-developed Pegasus spyware was used to monitor a wide range of individuals in Kazakhstan, including independent journalists, activists, human rights defenders, and high-ranking officials. Among the targets were President Tokayev, then-Prime Minister Askar Mamin, former Akim of Almaty Bakytzhan Sagintayev, and several of Kazakhstan’s wealthiest business-people. At the time, public suspicion fell upon Karim Massimov, the former chief of the National Security Committee (KNB), as the perpetrator of the Pegasus surveillance. However, the issue faded into obscurity following the unrest of January 2022, the events of which were officially described as an attempted coup d’état. To this day, no definitive answers have been provided about who orchestrated the Pegasus cyberattacks or their motives. Now, with fresh reports of Russian-linked malware targeting Kazakhstan’s cyber-security, it appears that history may be repeating itself. The key question which remains - is this merely a case of déjà vu, or could it signal the groundwork for a new effort to destabilize Kazakhstan?

International event Cyber Security

Almaty to Host International Conference KazHackStan-2024

The Kazakh Ministry of Digital Development, Innovation and Aerospace Industry has announced that Almaty is to host KazHackStan-2024 from 11-13 September. Featuring presentations by more than 30 worldwide specialists, the cybersecurity conference is expected to attract over 5,000 visitors from home and abroad. KazHackStan will represent all aspects of cyber defense. Government & Business Day will provide a platform for discussion on policy and legislation; Secure Development Day, on experiences in secure software development; and HackDay, where experts and novices will learn about hacking techniques and vulnerabilities. As part of the conference, the Ministry and the Centre for Analysis and Investigation of Cyber Attacks, will conduct a panel session for members of Organization of Turkic States on cybersecurity in the region. The event will also include a CyberKumbez competition - the largest hacker competition in Central Asia – involving over 100 hackers and representatives of both large companies and government agencies. Models of real IT infrastructure have been prepared for participants to simulate and neutralize virtual threats, to help ensure the future security of the state and society.

Cyber Security UN Legislation Strategy

Kazakhstan Joins UN Crime Prevention Commission for First Time

The 33rd session of the UN Commission on Crime Prevention and Criminal Justice (CCPCJ) was held in Vienna. According to the press service of the Ministry of Foreign Affairs, Kazakhstan has been elected for the first time to the CPPUC for the period from 2025 to 2027 and "is ready to make its practical contribution to the work of the commission, taking into account the accumulated national experience in crime prevention and criminal justice." The permanent representative of Kazakhstan to international organizations in Vienna, Mukhtar Tleuberdi informed the participants of the session about the latest reforms in law enforcement agencies of Kazakhstan, the development of the penitentiary system to bring it closer to international standards, including reducing the number of prisoners, rehabilitation, reintegration of citizens returning from conflict zones, as well as reducing the level of re-offenders. The Kazakh delegation also stressed the importance of developing international cooperation on preventing and combating organized crime, corruption, terrorism, and other criminal activities. "Mukhtar Tleuberdi emphasized the contribution of the UN Office on Drugs and Crime (UNODC) and donor countries in the implementation of these tasks, assuring the further support of Kazakhstan to the activities of UNODC, including through the allocation of voluntary contributions to the Global Program against Cybercrime,", stated the Ministry of Foreign Affairs.

Disinformation Cyber Security Internet Security China

Large-Scale Cyberattacks on Kazakhstan Continue

Leaks of millions of citizens data, attacks by hackers, hourly calls from fraudsters - these are just some of the threats which have faced Kazakhstan over the past few months. Following the resignation – or dismissal depending on which source one believes - of the head of the Ministry of Digital Development, Innovation and the Aerospace Industry, Bagdat Mussin, many wonder whether the authorities will be able to secure Kazakhstan's internet. The Times of Central Asia investigates. On May 9, AlmaTV, Kazakhstan’s largest internet and cable TV provider, suffered an attack by hackers which caused disruption to its’ services. “According to data received… the cause of the disruption was a large-scale and multi-level cyberattack," AlmaTV stated. The outage solely affected internet broadcasting, whilst analog, digital and satellite TV services were working normally. According to numerous sources, the broadcast of the Victory Day military parade in Moscow was interrupted by footage of an anti-Russian nature, alleged torture, and other explicit content. Officials in Kazakhstan have yet to commented. This is not the first scandal in the sphere of cybersecurity. In March of this year, the State Technical Service JSC discovered that personal data pertaining to over two million clients of the microfinance organization, zaimer.kz (MFO Robocash.kz LLP), had been compromised. Warnings about the leak were also received by people who had never used the company’s services. In the opinion of many analysts, the reaction of the Ministry of Digital Development, Innovations and the Aerospace Industry was extremely late in coming, extremely vague, and in no way reassured Kazakhstanis about the safety of their private information. Mussin was accused of making excuses, poor-quality communication, failing to answer questions, and “babble talk.” In addition, back in February, foreign media, in particular CyberNews, reported that in leaked Chinese Government documents, data belonging to residents of Kazakhstan was found. The documents were related to spyware developed by the Chinese information security company, iSoon, and targeted social media platforms, telecommunications companies, and other such organizations. Allegedly, unknown assailants have posted a huge number of PRC government documents on GitHub. The information circulated also revealed sensitive data pertaining to several telecom operators in Kazakhstan. Also in February, a shocking statement by the Center for Analysis and Investigation of Cyberattacks (TSARKA) appeared, according to which a Chinese hacker group controlled the critical facets within Kazakhstan's IT infrastructure for almost two years. “On February 16, 2024, unknown persons published on the GitHub resource a leak of secret data from the Chinese company iSoon (aka Anxun), one of the contractors of the Chinese Ministry of Public Security (MPS). It is reported to be associated with Chengdu 404, a structure controlled by Chinese cyber intelligence known as APT41,” TSARKA said. “The attackers’ goal was both general information, such as databases, and targeted information of specific individuals: control of correspondence, calls and movement. Data analysis showed that the volume of stolen information is measured in terabytes.” The hackers managed to gain control over the event logs, call durations, IMEIs of devices, and...