In 2017, cyber-attacks caused at least USD 1 million in damage to Kazakhstanis. The exact extent of damages is unknown due to the lack of open data; however, some estimates put the figure several times higher than USD 1 million. Last year, Kazakhstan ranked 6th in the world in terms of the number of attacks on industrial networks and systems related to industrial infrastructure, with 28% of industrial enterprises facing targeted attacks. Additionally, more than 37% of small-sized businesses, 31% of medium-sized and 39% of large businesses suffered from targeted attacks in 2017. Financial institutions in the country, on the other hand, have been much better protected than other businesses. This is thought to be due to them being more technological in general as well as them having more to lose from a successful cyber-attack.
This year, the most vulnerable areas for attack are government systems, industry and small- and medium-sized enterprises (SMEs). The most popular method of attack has been phishing emails, which have been relatively successful in Kazakhstan as the country works to introduce more and more modern technologies. To help combat cyber-attacks, the government has implemented the Digital Kazakhstan program. The majority of program funds have been allocated for software and hardware as well as their implementation; however, experts also caution that the main entry point for cybercriminals is via the human factor. As such, they add that Kazakhstan also needs to invest in educating the people of Kazakhstan in how to be responsible online users and how to protect confidential information. Experts also point out that the country has more work to do in creating legislation to deal with cybercriminals and their prosecution for cyber-attacks.