• KGS/USD = 0.01144 0%
  • KZT/USD = 0.00191 -0%
  • TJS/USD = 0.10840 0.37%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00191 -0%
  • TJS/USD = 0.10840 0.37%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00191 -0%
  • TJS/USD = 0.10840 0.37%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00191 -0%
  • TJS/USD = 0.10840 0.37%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00191 -0%
  • TJS/USD = 0.10840 0.37%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00191 -0%
  • TJS/USD = 0.10840 0.37%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00191 -0%
  • TJS/USD = 0.10840 0.37%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
  • KGS/USD = 0.01144 0%
  • KZT/USD = 0.00191 -0%
  • TJS/USD = 0.10840 0.37%
  • UZS/USD = 0.00008 0%
  • TMT/USD = 0.28571 0%
Menu
Search
14 November 2025
Menu

Viewing results 1 - 6 of 12

AI

Kazakhstan Pushes Nationwide AI Rollout Amid Cybersecurity Risks and Skills Shortages

Kazakhstan is preparing to deploy artificial intelligence (AI) on a large scale across the economy, government, and education. However, experts warn that without transparency, constant auditing, and stronger oversight, the program risks falling short of its goals. Slow Progress and Security Risks A meeting on AI development was held in Astana on August 11, attended by President Kassym-Jomart Tokayev, Prime Minister Olzhas Bektenov, and senior government officials. According to Tokayev, Kazakhstan’s main objective is to become a digital hub in Eurasia, but sluggish implementation, weak control mechanisms, and a shortage of qualified personnel are stymying progress. “I have already spoken about accelerating the creation of a unified national digital ecosystem," Tokayev said. "I have instructed that the necessary infrastructure be prepared, a legislative framework and data collection system be developed, and work begin on the introduction of artificial intelligence. However, the progress in implementing these instructions is unsatisfactory.” Cybersecurity is the priority, as current systems remain highly vulnerable. Since the start of the year, more than 40 major data breaches have occurred. The largest incident, in June, leaked 16.3 million records containing the personal data of Kazakh citizens, out of a population of 20 million, into the public domain. This was confirmed by Olzhas Satiev, president of the Center for Analysis and Investigation of Cyber Attacks (CARCA). By the end of the year, AI is set to be incorporated into e-government and Smart City projects, with a particular emphasis on the AI-Sana program, which aims to develop human capital and transform universities into research centers. The government is also responsible for introducing AI into state agencies and national companies, as well as drafting new legislation regulating AI. There are also plans to migrate all state and quasi-state digital systems onto a single sovereign platform. The national digital platform, QazTech, entered into commercial operation in July. Partnerships With China Kazakhstan intends to work closely with China on new digital products. Tokayev has pointed to China’s DeepSeek platform, developed for $6.5 million, far below the cost of Western equivalents, as an example to learn from. In February 2025, the National Academy of Sciences signed a memorandum with Zhejiang University of Technology, establishing an International Joint Laboratory for Spatio-Temporal Artificial Intelligence and Sustainable Development. The lab will focus on energy and climatology projects. In August, Tokayev expressed support for China’s proposal to create a World Organization for AI Development. Concerns Over Oversight and Staffing Independent analysts believe Kazakhstan has the potential to integrate AI into many aspects of daily life, given its relatively high level of digitalization. However, they warn of the risk of large sums being wasted on ineffective projects. Economist Rassul Rysmambetov has called for a full audit of more than a thousand large state IT systems to identify ineffective platforms. He also highlighted the shortage of skilled personnel: “There is too much technology, but not enough staff. Investments and start-ups sound like good slogans, but where are the professionals? I have often seen IT specialists forced into other jobs due to...

Cyber Security

Kazakhstan Confronts Major Data Leak in High-Stakes Security Crackdown

A detective thriller worthy of a Hollywood script is quietly playing out in the daily lives of Kazakhstani citizens, one with implications for nearly every household. At its core lies the largest leak of personal data in Kazakhstan’s history, unfolding across Almaty and Astana. The incident touches on something deeply personal: data that could be weaponized by fraudsters for illicit gain. Sixteen Million Records Exposed In early June, the Telegram channel SecuriXy.kz, known for its cybersecurity reporting, revealed a massive breach of Kazakh citizens' personal data. "A CSV file containing the personal data of Kazakh citizens, containing 16.3 million lines, has been discovered. The table contains the following fields: Last name, First name, Middle name, Gender, Date of birth, ID number, IIN [Bank Identification Number], Mobile phone number, Work phone number, Home phone number, Citizenship, Nationality, Address, Confirmed address, Start and end dates of residence," the channel stated. The analysis identified 16,302,107 records, 16.9 million unique phone numbers, and 15,851,699 unique individual identification numbers (IINs), the number of citizens whose information had been compromised. “The ‘address’ field often contains the addresses of dental clinics, polyclinics, the Tax Committee, universities, and other organizations,” the channel noted. The leak included highly sensitive personal data such as contact details and IINs, which the channel warned could be used for: “Phishing, social engineering, document forgery, and telephone fraud.” The data appears to have been compiled over a significant period. SecuriXy.kz reported that, “Most of the records were entered into the system after 2011,” with over two million added in 2022 alone. Data from 2023-2024 also appears, underscoring the leak's relevance. The revelation sparked swift reactions from officials. The Ministry of Digital Development, Innovation, and Aerospace Industry (MCIAI) released a statement confirming an investigation in collaboration with law enforcement and intelligence agencies. “It should be noted that the initial analysis indicates that the information may have originated from private information systems. No hacker attacks or leaks of personal data from state information systems have been recorded at this time. It is premature to draw final conclusions or confirm the accuracy of the information until the investigation is complete,” the ministry stated, adding that similar past incidents often involved outdated data compiled by service sector firms or microfinance institutions. “The ministry is monitoring the situation," the authorities concluded. "Additional information will be posted after the investigation is complete.” Cybersecurity experts, however, were less dismissive. Enlik Satieva, vice president of the TSARKA Group, a cybersecurity firm affiliated with the government, stressed the seriousness of the breach. "These are not just names," she stated. "The published database contains the most important personal data of citizens. In particular, it includes surnames, first names, patronymics, gender, dates of birth, IINs, citizenship, nationality, residential addresses, registration and residence periods, as well as mobile, home, and work phone numbers." Satieva suggested that some of the data may have been sourced from medical organizations, and that the leak might stem from a specific entity or multiple sources linked through IINs. Criminal Case and Contradictions...

Anti-fraud

Kazakhstan to Hold Banks and Mobile Operators Liable for Online Fraud Losses

Kazakhstan will introduce joint liability for banks and mobile operators in cases of internet fraud involving their infrastructure, President Kassym-Jomart Tokayev announced during an extended meeting of the country’s law enforcement agencies. Addressing the growing threat of cybercrime, Tokayev emphasized the importance of prevention, noting that many internet and phone scams originate from well-organized criminal networks operating abroad, complicating investigation and prosecution. “Preventive measures are therefore crucial. Last year, a modern anti-fraud center was established at the National Bank of Kazakhstan to detect and block suspicious transactions,” Tokayev said. “We are now introducing joint liability for banks and mobile operators in fraud cases involving their infrastructure.” Tokayev also raised concerns over citizens' involvement in money laundering schemes. “Fraudsters lure people into laundering operations by offering rewards for access to their bank accounts. Many comply without considering the severe legal consequences,” he noted. A major enabler of these crimes is the widespread use of SIM cards registered under false identities. According to the president, nearly 100,000 such cases have been detected so far in 2025. The National Bank reported that since July 2024, the anti-fraud center has frozen over 63,000 suspicious transactions worth 2.5 billion tenge (approximately $4.83 million). Common schemes include telephone scams (22%), fake investment platforms (19%), and misuse of so-called “dropper” cards (19%).Continue reading

Digital Development

The Battle for Control Over Central Asia’s Digital Future

Central Asia is digitalizing quickly. Governments across the region have invested in smart cities, 5G, and AI-powered platforms. Kazakhstan ranks 24th in the world in global e-government indexes, and in Tashkent and Bishkek, young, tech-savvy populations are pushing for innovation. But such progress is not without risks. A new report from the German Marshall Fund (GMF), a Washington-based think tank, outlines how Central Asia is becoming ever more reliant on Chinese and Russian technology. These two countries, the report argues, are using digital tools not just to supply infrastructure but to shape how governments in the region manage data, surveillance, and speech. Beijing and Moscow’s tech exports act as snares, tying customers into their own economies. “Central Asian governments are aware of these challenges,” Dylan Welch, the author of the report and a China analyst at the GMF, told The Times of Central Asia. But he notes that it can be difficult to convince policymakers to prioritize the dangers of such overexposure. “For the national leaders, their imperative is to deliver economic growth because they have these young, dynamic populations that need jobs… if they don't deliver on that, then they're in for a long period of instability at home,” he said. This makes Chinese and Russian offers to develop their digital industries extremely tempting. An Entrenched Presence The report coincides with a flurry of Russian and Chinese engagement in the region. Over the weekend, Kazakhstan announced that between them, Beijing and Moscow will be responsible for delivering a new generation of nuclear reactors to the country, currently leaving French and Korean alternatives out in the cold. Then came this week’s visit of Chinese President Xi Jinping to Astana for a summit with the five Central Asian leaders. On the digital front, one notable announcement from this summit included a plan to develop an Artificial Intelligence Cooperation Center in Kyrgyzstan. China has used the term “Digital Silk Road” to describe its investments in Central Asia, and it has built much of the physical infrastructure behind the region’s digitization drive. For its part, Russia has exported its software, legal models and surveillance practices. Taken together, these systems are helping local governments tighten control over digital life. “This strategic integration makes it more difficult for regional states to diversify in the future, even though many continue to pursue multi-vector foreign policies aimed at balancing global partnerships,” Yunis Sharifli, Non-Resident Fellow at the China-Global South Project, told TCA. Where the Vulnerabilities Lie The report uses a “technology stack” framework to explain the problem. This framework looks at five layers: network infrastructure, data storage, consumer devices, digital platforms, and government policies. Across these layers, it argues, Central Asia is exposed to Chinese and Russian influence. Take Kazakhstan. It may be the most advanced digital economy in the region, but most of its internet traffic still passes through Russia. Telecom firms across the region are also required to install a Russian-made surveillance technology known as SORM (System for Operative Investigative Activities), which can intercept internet...

Cyber Security

Personal Data of 16 Million Kazakh Citizens Leaked

Kazakhstan has experienced one of the most extensive personal data breaches in its history. According to Olzhas Satiev, President of the Center for Analysis and Investigation of Cyber Attacks (CARKA), over 16.3 million records, representing nearly the entire population, have been made publicly accessible. Scope of the Breach The compromised data includes surnames, first names, patronymics, gender, date of birth, individual identification numbers (IIN), addresses, phone numbers, citizenship, ethnicity, and other sensitive details. The source of the leak has not been identified. Experts suggest it may be a compilation of previously hacked databases redistributed via closed Telegram channels. Alternatively, it could stem from a new, as yet undetected breach. “This is one of the largest leaks. An investigation is currently underway. We are awaiting information from the technical service of the National Security Committee (KNB),” said Satiev. Government Response and Ongoing Investigation The Ministry of Digital Development, Innovation and Aerospace Industry (MCIA) stated that it is closely monitoring the incident. The ministry’s Information Security Committee, in cooperation with law enforcement and intelligence agencies, is analyzing the leaked data and verifying its relevance. Initial assessments suggest the breach likely originated from private information systems. The MCIA emphasized that no cyberattacks on government databases have been detected. “It is premature to draw final conclusions or confirm the accuracy of the leaked information until the investigation concludes,” the ministry said. Individuals affected by the leak will be notified through the e-government portal. The ministry also noted that previous leaks involved outdated information sourced from microfinance organizations and other commercial entities. Combating the Shadow Data Market Separately, the Ministry of Internal Affairs recently dismantled an organized group involved in the illegal sale of personal data. Authorities say the group accessed state databases and distributed information through Telegram channels, often in cooperation with debt collection agencies. More than 140 individuals, including channel administrators and company executives, were detained. Five suspects remain in custody. Investigators seized over 400 pieces of computer and electronic equipment. “The information was obtained from state databases and distributed through Telegram channels. Work is ongoing to identify all parties involved,” said Zhandos Suinbay, head of the Interior Ministry’s cybercrime division. Criminal proceedings have been launched under Articles 205 (unlawful access to information), 147 (violation of privacy), and 211 (distribution of restricted data) of the Criminal Code of Kazakhstan. The Interior Ministry vowed to intensify efforts to prevent further data breaches and urged citizens to be cautious, particularly when sharing personal information or using unsecured digital platforms.

Cyberattacks

Ongoing DDoS Attack Disrupts Kazakhstan’s Digital Infrastructure

Kazakhstan is experiencing a large-scale Distributed Denial of Service (DDoS) attack that is disrupting online services across government portals, banking systems, and telecommunications networks. The attack, which began earlier this week, has overwhelmed servers by bombarding them with excessive traffic, rendering critical digital infrastructure inaccessible for thousands of users. The Impact on National Systems The scope of the attack has significantly hobbled online platforms that citizens and organizations rely on for essential services. Users have reported interruptions when attempting to access online banking, state-run portals for taxes, and public resource management services. Government resources have been severely affected, whilst for businesses the inability to process digital transactions has caused massive delays, leading to e-commerce platforms and retailers that depend on online payment systems facing revenue losses. Financial institutions are working to secure their systems, fearing that the attack may escalate into data breaches or ransomware targeting client information. Potential Sources Behind the Attack While no official statement about the source of the attack has been released, cybersecurity experts are pointing to several possibilities. One theory suggests that the attack may involve political motives, aimed at destabilizing Kazakhstan’s government services and undermining public confidence. Others speculate that the incident may stem from cybercriminal groups seeking financial gain through extortion tactics. Other analysts are not discounting the possibility of foreign state actors. Given increasing geopolitical tensions in the region, such cyberattacks could potentially serve as acts of digital retaliation or covert intervention. Investigations are ongoing to trace the origin of the attack, and no group has publicly claimed responsibility. Official Responses and Mitigation Efforts Kazakhstan’s Ministry of Digital Development, Innovation, and Aerospace Industry has acknowledged the severity of the attack in an official statement. Authorities are currently coordinating with cybersecurity experts to neutralize the attack and minimize public impact. Technical teams have implemented measures such as traffic filtering and rerouting protocols to handle excessive server requests. While some government websites have been partially restored, slow loading speeds and occasional downtime persist. The ministry is urging organizations and individuals to strengthen online security by regularly updating firewalls and staying vigilant against phishing attempts that often accompany large-scale attacks. Additionally, Kazakhstan's cybersecurity response teams are collaborating with international partners to identify vulnerabilities and enhance digital defenses. This incident highlights the growing need for robust cybersecurity frameworks, particularly in an interconnected world increasingly reliant on digital services. Significance of the Attack This ongoing DDoS attack underscores how vulnerable national infrastructure can be to cyber threats. Potentially targeting critical systems like financial networks or telecommunications, these attacks can undermine public trust in a nation’s institutions and disrupt economic stability. Kazakhstan, like many nations, has increased investment in digital technologies, making cybersecurity a top priority. However, the attack reveals gaps in protection and the urgent need for advanced, preemptive measures to safeguard essential systems. With a rising tide of global cyber threats, addressing these vulnerabilities will play a critical role in protecting both national security and the economy going forward. For now, Kazakhstan continues to battle the...

Close