Kazakhstan’s security services say they have managed to thwart a cyberattack on the country’s banks.
The National Security Committee’s cybersecurity division, or State Technical Service, said on September 29 that the websites of several banks were knocked offline by a distributed denial of service, or DDoS, attack.
“The attack was launched from overseas IP addresses, so we quickly informed the relevant cyber-reaction services in those countries,” the National Security Committee, or KNB, said in a statement, without providing details about the banks or nations in question.
Deputy KNB chief Daulet Yergozhin said that the main surge began after lunchtime on September 28.
“[We] monitored the situation all night and practically all attacks were fought off,” he said in a briefing to reporters.
One of the lenders targeted was Qazkom, which posted an update on its Facebook page to warn customers of possible “delays in operations” and that the bank website might be temporarily unavailable.
Six second-tier banks have come under cyber-attacks so far this year, according to security officials. Of those, only one has turned to the authorities for assistance.
“A number of Kazakhstani banks were targeted by phishing. It was a circular issued as if from the National Bank, but the domain name was fake. One additional letter was inserted,” said Yevgeny Yemelyanov, a representative of the State Technical Service, said at a roundtable on cybersecurity on September 28.
Yemelyanov said that banks often do not appeal for assistance from government bodies as they are concerned at the reputational damage potentially caused by being seen to fall prey to hackers. In one instance, a phishing scam was averted when an employee in the targeted bank noticed that the scammer’s email was not registered in Kazakhstan, but Colombia.
“We got in touch with the [server] host in the United States and had the domain blocked,” Yemelyanov said.
The KNB says it has investigated 79,000 cybersecurity-related incidents since 2011. The incidence of phishing scams has increased sharply this year, with 99 such cases being recorded in the first half of 2017, according to the KNB.
It is not just banks being hit by hackers.
In late June, just as the indirect election of members of the Senate was taking place, the Central Election Committee website was targeted by a hacker in an unnamed European country.
Earlier this week, a representative for Astana’s EXPO-2017 fair said thousands of attempted attacks on the event’s official website were warded off over a number of months.
Sign up for Eurasianet's free weekly newsletter. Support Eurasianet: Help keep our journalism open to all, and influenced by none.