Monthly selection of cyber news
September 2020, issue 6
Vice Minister of Labor and Social Protection of the Population Yerbol Ospanov told what an electronic labor contract was and why its introduction was inecessary. According to him, the new format will help facilitate many labor relations processes.
Kazakhstanis complain about the leakage of personal data from the Damumed system - it turned out that third parties can not only obtain the users’ health information, but also their contact details, TIN, employment details, as well as the amount of taxes paid.
President of Kazakhstan Kassym-Jomart Tokayev instructed to strengthen the role of maslikhats and local self-government, as well as create a platform where Kazakhstanis can create petitions and appeals with their vision of solving problems in the regions
The President of the Republic of Kazakhstan Kassym-Zhomart Tokayev said in his national address that within five years it is necessary to bring the volume of investments in the IT sphere to 500 billion tenge.
Minister of Labor and Social Protection of Population Birzhan Nurymbetov at a meeting of the government of the Republic of Kazakhstan chaired by Prime Minister Askar Mamin reported on the implementation of the President's instructions in the social and labor sphere.
A number of documents will be digitized by the end of the year in Kazakhstan, the Minister of Digital Development, Innovation and Aerospace Industry Bagdat Musin said during a government meeting. According to him, measures have now been developed that simplify the use of biometrics to receive public services.
As part of the instructions of the Prime Minister of the Republic of Kazakhstan, the Ministry of Industry and Infrastructure Development, together with the National Chamber of Entrepreneurs "Atameken" and central government bodies, is working to create a Unified Register of Licensees in the Construction Industry
An electronic map of lands is created in Nur-Sultan. In real time, it will be possible to find out everything about the land plot: from its cadastral number to commercial property. Deputy akim of the capital Malika Bekturova told about this in her speech
Minister of Education and Science of the Republic of Kazakhstan Askhat Aimagambetov, during a briefing at the government's press center, spoke about the measures taken in the educational sphere as part of the implementation of the President's Address "Kazakhstan in a new reality: time for action"
Kazakhstanis en masse applied for information on the state of pension savings in the Unified Pension Savings Fund (UAPF). The number of requests on the eGov website has grown fivefold, and the pension fund portal itself is overloaded
Kazakhstan’s Ministry of Digital Development, Innovation and Aerospace Industry will conduct checks of personal data violations. If illegal collection or leakage of personal data are suspected, citizens can contact the ministry and request an investigation.
10 new "smart" mobile complexes of automatic speed fixation "Oracle" will register violations on the roads of Pavlodar. The speed of cars passing through the monitored lane of the carriageway will be determined using sensors mounted in the asphalt
Startup Go is not just a competition for startups and technology entrepreneurs, which will be held as part of the GoViral international festival, but an excellent opportunity for local teams to create a global company, scale it to the whole world, and, as a result, affect millions of lives.
Kazakhstani activist Pavel Alexandrov spoke about the “leaky” platform used for distance learning
Aktobe bully disrupted an online lesson for schoolchildren. An unknown person entered the general class chat and began writing obscene messages. Parents complained about this fact on social networks, fearing for the psyche of their children
Kaspi.kz has made open the license for Kaspi Kartomat in Kazakhstan. Information about this is published on the website of the National Institute of Intellectual Property. Previously, Kaspi.kz received a patent that secures the company's ownership not only for technology, but also for the algorithm for issuing payment cards using a mobile application and a card machine
For several days in a row, Kazakhstan’s distance learning platform OnlineMektep.org was subjected to a massive cyber attack from outside the country, according to the platform’s developers. The attack was well-coordianted and aimed at undermining user confidence, they said.
Majilis deputy Jamilya Nurmanbetova demands to consider the issue of responsibility of officials for poor-quality preparation of the education system by the beginning of the 2020-2021 academic year in the format of distance learning
The Agency of the Republic of Kazakhstan for Civil Service Affairs revealed about 100 thousand violations in the field of providing public services in electronic form
According to the press service of National Information Technologies JSC, technical problems occur on the side of the BTS Digital contractor.
The KZ-CERT Computer Incident Response Service of the RSE "GTS", while monitoring the Internet resources of the state bodies of the Republic of Kazakhstan, recorded targeted DDoS attacks aimed at the educational platforms Kundelik.kz and Bilimland.kz.
The State Revenue Committee of the Ministry of Finance of the Republic of Kazakhstan announced a new functionality of the Tax Wallet service. Kazakhstanis will be able to correct their data on taxation objects.
Executive Director of Bilimmedia group, Onlinemektep project manager Sanzhar Kenzhekhanuly told how Kazakhstan is working to strengthen the protection of educational platforms after hacker attacks
General Director of Kundelik LLP Mukhtar Ilyasov spoke about the possibilities of the Kundelik educational platform. Now the system has about 5.5 million registered users. Until the fourth quarter of the last academic year, it withstood the load of up to 2 million people a day.
A cryptocurrency exchange based on Japanese technologies is to be launched in Kazakhstan. This became known during the meeting, which took place online at the Embassy of Kazakhstan in Japan. The exchange will operate on the platform of the Astana International Financial Center. The Ambassador of Kazakhstan in Japan Yerlan Baudarbek-Kozhatayev noted that despite the economic turbulence caused by the spread of the coronavirus, Japanese investors are expressing interest in the favorable investment conditions created in the country.
Bagdat Musin, Minister of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan, spoke about the innovations in the provision of public services in electronic format. According to him, eGov will not be a one-stop shop for the provision of public services, they can be provided by third-party services.
The project on automated recognition of Kazakh speech is being launched by the Institute of Smart Systems and Artificial Intelligence at Nazarbayev University (ISSAI). It is meant to help introduce the Kazakh language to the global digital space.
The Ministry of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan together with Zerde Holding JSC organized an online session on the topic "Towards sustainable development: making the world digital by default"
The KZ-CERT Computer Incident Response Service of the RSE "GTS" increasingly receives requests from users who have become victims of fraudulent schemes on various Internet platforms.
At the meeting of the board of the Eurasian Economic Commission, the Minister for Internal Markets, Informatization, Information and Communication Technologies of the EEC Gegham Vardanyan presented a report on the status of the implementation of the project “Unified search system“ Work without Borders ”", which is being implemented within the digital agenda of the Eurasian Economic Union.
The implementation of fiscalization projects for tax procedures in Kyrgyzstan will continue under the SMART Salym brand, the State Tax Service reported. The presentation of the unified concept of SMART Salym took place at the meeting of the Coordination Council on digitalization of tax and customs administration, which was chaired by Prime Minister Kubatbek Boronov.
A republican competition "Startup Kyrgyzstan 2020-2021" has been announced in Kyrgyzstan, which is designed to support novice entrepreneurs. Up to 500,000 soms will be allocated for the implementation of one startup
On September 7, the Standing Committee on Innovation and Online Policy of Mongolia organized a discussion on the topic "Topical Issues for Startup Enterprises and Government Support"
The global digital economy highlights such an important strategic direction as e-commerce, which requires technological, legislative and infrastructural preparation. Minister of Economy Sanzhar Mukanbetov said this during a meeting with President of the Association of Electronic Commerce in Kyrgyzstan Ayganysh Saparalieva. During the meeting, issues of ensuring the legal framework for the expansion of electronic commerce in the Kyrgyz Republic were discussed, including issues of taxation of participants in the e-commerce market, to create the most favorable conditions for entrepreneurs and investors
The second meeting of the High-Level Working Group on Cross-Border Electronic Commerce took place. Representatives of the Eurasian Economic Commission (EEC) and the member states of the Eurasian Economic Union (EAEU) discussed the creation and development of the institution of “e-commerce operators”, the problems of bonded warehouses, as well as the application of technical regulation measures within the framework of cross-border e-commerce.
Zerde Holding JSC and the State Committee for Information Technologies and Communications of the Kyrgyz Republic held a meeting on bilateral cooperation in the field of electronic government and electronic services. Arman Abdrasilov, Chairman of the Board of JSC “Holding“ Zerde ”, held negotiations with the Chairman of the State Committee for Information Technologies and Communications of the Kyrgyz Republic Altynbek Ismailov.
Mongolia's e-government is a topic that is often overshadowed by the cyber activity of the country's large neighbors - Russia and China. However, the coronavirus pandemic has given the Mongolian government an edge in implementing long-overdue digital governance practices. Implementing e-government services in Mongolia, known as E-Mongolia, will improve public services, maximize efficiency and, most importantly, reduce the deep-rooted bureaucracy and nepotism that have hampered public services for some time.
The President of Uzbekistan signed a decree on the introduction of a unified personal identification system in the country, which provides for the replacement of domestic biometric passports with ID cards with an electronic chip from January 1, 2021.
A number of Armenian websites have been broken down by Azerbaijani hackers and “Karabakh is Azerbaijan and an exclamation mark” voiced by President Ilham Aliyev in the international tribune, as well as “If an Armenian soldier does not want to die, let him leave the land of Azerbaijan” quote added. Photos of Azerbaijan’s national hero Mubariz Ibrahimov have been posted on Armenian websites.
The Center for Combating Computer Incidents monitors and carefully analyzes cyber attacks against Azerbaijan on a 24/7 basis. According to the center, Armenian hackers carry out cyber attacks against four main targets: the Internet information resources of government agencies, the banking sector, media sites and individual users (e-mail addresses, calls, etc.).
In order to prevent DDoS (Distributed Denial of service) attacks on Azerbaijan's state information resources, including cyber-attack attempts, IP segments belonging to “zombie” computers that are members of the botnet, anonymous "proxy" and VPN access to state information systems are regularly blocked by the Center for Combating Computer Incidents.
Operators of Russian data centers may be forced to provide information on tariffs, capacity and load to the Roskomnadzor Monitoring Center, which is to be created as a part of the "sovereign Internet" law, Kommersant reports.
The Russian business union "Delovaya Rossiya" sent a letter to the government with a proposal to amend legislation to better protect the data of Russian online buyers from the risks of information leaks.
According to Russian diplomats in Austria, there is reason to believe that unknown attackers hacked into their account, so users are asked not to open links and attachments sent from firstname.lastname@example.org, the embassy's official email address.
Delovaya Rossiya business union proposed to equate the Russians’ payment data with their personal data. In their opinion, this may guarantee better protection of citizens' accounts from various fraudsters.
Last year, one of the strategic state structures of the Czech Republic was subjected to hacker attacks for the purpose of cyber espionage, which were allegedly carried out from Russia. This was reported by the Czech telegraph agency ČTK with reference to the report of the National Directorate for Cyber and Information Security of the Czech Republic. According to the report, the attacks were carried out using targeted phishing emails, which, when opened, downloaded malware onto the victim's device. According to the report, the organizer of the attacks may be Sofacy hacker group (also known as Fancy Bear, APT28, Pawn storm, Sednit and Strontium), suspected of having links with the Russian Federation. The department did not indicate in the report which state structure was the target of the campaign.
On September 1, a video surveillance system was launched at all metro stations in Moscow. According to Moscow’s Department of Transport statement posted on Telegram, metro passengers will be able to pay for travel via a face scan in the near future.
Cybercriminals are exploiting a critical vulnerability in a file manager plugin for WordPress sites, which allows them to load scripts and remotely execute code on web resources.
The Main Directorate of Russian Ministry of Internal Affairs for the city of St. Petersburg and the Leningrad Region stopped the activities of fraudsters who specialized in stealing money from bank cards by impersonating bank security officers.
The Federation Council plans to toughen software requirements for state-owned companies. This is due to the fact that they is a proposal to classify them as elements of critical information infrastructure (CII), like banks and government agencies.
Researchers believe that the vast majority of cybersecurity reports focus on government hackers, industrial espionage, and targeted attacks. Only a small share covers cyber threats to ordinary citizens.
Cybercriminal group Winnti used new tools and infrastructure for the attacks, concentrating on software developers for financial organizations from Russia and Germany.
The update of the "black list" to which several Russians have been added is intended to protect the upcoming US presidential elections from foreign interference and "send a signal to Moscow" that such attempts will be prosecuted, the US Treasury said in a statement.
Microsoft has warned users that it will end support for Windows 10 version 1903 (Windows 10 May 2019 Update) on December 8, 2020.
Microsoft has detected attempts to interfere in the US elections from Russia, China and Iran. This was reported on September 10 in the company's blog.
The first half of 2020 was marked by an increase in the number of DDoS attacks on Russian educational resources. This sharp jump was recorded by Kaspersky Lab specialists.
The Central Bank warned banks about a scheme that allowed cybercriminals to obtain additional information about clients of one of the credit institutions and subsequently use it for fraud purposes using social engineering techniques
The deputy head of the Central Election Commission Nikolai Bulaev said that during the recent elections, round-the-clock hacker attacks were being carried out on the organization's website.
The Pentagon is concerned by the possibility of Russia and China using artificial intelligence (AI) to control autonomous attack systems, according to National Interest magazine.
Fraudsters continue to improve their methods with new social engineering tools designed to further mislead gullible clients of Russian banks. Now social engineering aimed at extracting money from clients has been supplemented with a new element designed to further mislead victims.
The Kovrov city court considered a 28-volume criminal case opened against a local resident accused of cybercrimes. According to investigators, the accused and his accomplices stole 10.8 million rubles from businessmen.
Recently, thousands of online stores using the Magento platform fell victim to a cyberattack - cybercriminals injected malicious code that steals customer bank card details. The cybercriminals' operation became successful due to a 0-day exploit, which is being sold by a Russian-speaking hacker under the pseudonym “z3r0day”. For just $ 5,000, z3r0day will shows how to exploit a vulnerability in web software and inject a skimming code into the files of an online store, while authentication can be bypassed.
Presidential Human Rights Council will involve domestic hackers to create a report to Russian President Vladimir Putin on the problems associated with computer technology, from harassing users on social networks to cyber espionage using CCTV cameras and bank data leaks. After the report, Concil intends to start creating a "digital code" and initiate a bill designed to protect Russian users from harassment in social networks and surveillance.
Law enforcement officials investigating a cyberattack on a German hospital that killed a patient believe that hackers from Russia may be behind the incident.
Keep up to date!
Leaders like you are responding to one of the most sweeping crises in recent memory, calling for both empathy and action to guide your people and businesses through uncertain times. This page gathers Deloitte’s global insights to help you not only respond to this crisis, but recover and thrive.