Monthly selection of cyber news
May 2020, issue 2
The main objectives of the bot are to provide references and news in information security areas; receive incident reports and assist system users in detecting and preventing incidents.
The majority of cyberattacks occur in the banking sector, e-commerce, and online gaming resources. In the banking sector, this is mainly an emulation of bank Internet resources. Under the pretext of online surveys and authorisation, users are prompted to enter details of personal Internet banking accounts or provide credit card details.
The National Information Technologies press service has reported an external Internet DDoS attack on Kazakhstan government websites and the eGov.kz portal.
A joint computer and technology investigation by experts from the State Technical Service and National Information Technologies found suspects guilty of modifying data.
Deputies and representatives of the state authorities, local executive bodies and national companies provided a report on 21 May detailing the progress of the implementation of the “Digital Kazakhstan” state programme for 2019. Representatives from the ministries of digital development, internal affairs, industry and infrastructure development, and the national economy spoke about the implementation of the main areas of the state programme.
Xalq Bank has reported a temporary failure of Humo payment system due to transaction volume, adding that the growth in transactions was caused by an increase in cash withdrawals using cards. The result has been that pensioners and those receiving benefits through their Humo card do not have full access to their funds.
On 11 May, President Mirziyoyev chaired a meeting to discuss the widespread adoption of a digital economy and e-government and noted, “If we do not complete this in the next 2-3 years, each year of delay will cost the country 10 years of progress.” Analysis showed that only 30% of the more than 700 government-agency information systems are connected to the "Electronic Government". Of the 80 departments providing public services, only 27 are integrated with the Agency for Public Services.
The World Net Summit held its latest conference in Azerbaijan with the support of the Ministry of Transport, Communications and High Technology on 11-15 May. The event, which aroused great public interest, was attended by more than 40,000 people from 26 countries.
The IAA Demo Day App has been developed to obtain information on start-ups in Azerbaijan. According to the innovation agency, users can contact start-ups through the application to receive detailed information on them.
The site contains details on DOST legislation and the institution’s structure in 11 main sections, including details of services provided at DOST centres, and information booklets on services, statistics, news, galleries, etc.
On 21 May, the State Agency for Public Services and Social Innovation under the President of Azerbaijan organised a web conference dedicated to Global Access Awareness Day and held a meeting of the Executive Group to discuss e-government initiatives.
The Uzbekistan State Tax Committee has launched a GPS-based automated tax collection system to track individuals with property tax and land tax arrears.
According to the Azerbaijan Ministry of Labour and Social Welfare, the “Rehabilitation” subsystem will be used to exchange data electronically between the ministry’s rehabilitation institutions and medical and social expert commissions, and to establish related activities.
Banks have warned that a bill allowing Russians to provide biometrics through smartphones and computers for banking services does not provide protection against hackers and scammers.
COVID-19 pandemic mailing lists spread Trojans to steal Wi-Fi passwords and email credentials from Outlook.
A number of large credit institutions have told “Izvestia” about how they are gearing up for a spike in fraud through the use of fake banking apps. Remote services became especially popular during the self-isolation period, including share increases in software downloads and active users, and the volume of statistics shared in credit organisations.
The commercial launch of 5G communication networks in Russia is in doubt. The Ministry of Digital Development, Telecommunications and Mass Media proposed saving 1.5 billion roubles, which in 2020 should go to clearing frequencies to build a new generation of infrastructure.
The State Duma has adopted a bill at the third and final reading to create an integrated database or Federal Information Register to store the full names, places of birth, marital status, citizenship information, SNILS and TIN of all Russians.
Kaspersky Lab experts have reported a reduction in the number of malware attacks. 2019 saw attacks across the world on every fifth user, which is a 10% drop on the 2018 figure. The number of unique malicious resources where infection attempts were blocked and the number of these attacks were halved. At the same time, the number of unique malicious programmes has increased by 13%.
Sberbank is to dramatically increase its number of contactless ATMs working with Apple Pay, Google Pay, Samsung Pay, Mir Pay and Huawei Pay, “Izvestia” writes. Information on the $ 108.5 million tender to purchase almost 5 thousand ATMs was published on the government procurement website, with the results due to be announced in mid-July.
The heads of four regional telecom operator associations have reported significant risks of lower service quality and bankruptcy for small providers if a bill is passed providing free access to socially significant Internet resources.
Banks have found a way to protect customers' money from theft through the interception of SMS, push notifications and the substitution of SIM cards. Credit organisations transfer users to confirm transactions using a simplified electronic signature stored on a smartphone.
When trying to call a credit institution on Skype, an Alfa-Bank client got through to scammers who convinced her to transfer money to a “special account”. The bank said that they do not communicate with customers via Skype. A Банки.ру correspondent also managed to contact the forged account owner and learn how it worked.
ESET antivirus company researchers have analysed the cyber threats that Russian users have faced during the COVID-19 self-isolation period, paying special attention to sextortion blackmail attempts.
We used the following information sources to prepare this material: