2018-06-25 | Technology
Kazakhstan's cyber-security agreement with Russia deemed unwise
By Arman Kaliyev
ASTANA -- Kazakhstan's recent agreement to work with Russia on fighting cyber-threats is striking many Kazakh analysts as spectacularly misguided.
The chairpersons of the National Bank of Kazakhstan and the Central Bank of the Russian Federation, during an international conference in St. Petersburg, signed an agreement to work together against cyber-threats and to reguarly exchange financial information, Vlast.kz reported June 8.
By signing that pact, Kazakhstan is essentially asking the fox to guard the chicken coop, warn analysts.
Russia itself is far likelier to create cyber-threats than to combat them, they say.
Western countries and former Soviet republics have accused Russia of reckless state-supported hacking for years: interference in the US presidential election in 2016, the NotPetya malware that plagued Ukraine in 2017, weeks of cyber-attacks against Estonia in 2007, and many other examples of hacking so technically formidable that only a government could have sponsored or committed them.
Severe condemnation by the international community has not ended the online attacks emanating from Russian soil. The Kremlin interfered in 27 countries' affairs from 2004 through 2017, according to a study by the German Marshall Fund.
Russia is surely behind the various hacking attacks throughout the years on European countries, said Adil Umarov, an information technology specialist from Astana.
The kind of hacking suffered by Estonia, Georgia and Ukraine in 2007, 2008 and 2017, respectively, had nothing to do with ordinary attempts to loot individuals' bank accounts or steal their private information, he told Caravanserai.
"These are more serious guys -- professionals," he said. "Most likely, they are carrying out an order that came from above."
Such hacking mainly targets government agencies and seeks to steal the agencies' documents, Umarov said, adding that possession of foreign governments' secrets gives Russia an advantage in any confrontation.
Russia is gaining more and more experience in cyber-warfare against Europe and the United States, and that accrued knowledge makes Russia very dangerous, he said.
The many instances of likely Russian cyber-warfare against sovereign countries prove the great danger of trying to "co-operate" with Russia on cyber-security and the exchange of confidential information, analysts say.
Cyber-warfare and information warfare are principal Russian tactics, said Nodar Kharshiladze, a founder of the Tbilisi-based Georgian Strategic Analysis Centre.
Russia routinely mounts a cyber-attack if it decides that someone or something is threatening its interests, he told Caravanserai.
Mixed picture on Kazakh cyber-security
Some parts of the cyber-security picture in Kazakhstan are brighter than others, according to a number of observers.
Russia's alleged use of "hybrid war" against Ukraine since 2014 has led Kazakh authorities to draw certain conclusions and take preventative actions, Almaty political scientist Ruslan Zhangazy told Caravanserai.
Last autumn, when Kazakhstan adopted a new military doctrine, the document listed dangers including "methods of hybrid warfare" and "cyber-attacks", he said. "These [listed] threats allude to the danger from Russia."
The private sector is more vulnerable than the public sector. Many Kazakh firms use pirated software, including vulnerable and unprotected copies of old Windows operating systems, said Umarov.
Government agencies are more scrupulous, said Yevgeny Novikov, an Almaty-based IT specialist for Alfa Bank.
For example, the e-government website egov.kz, which stores Kazakh citizens' personal data, is well protected, he told Caravanserai, adding that it has specialists ready to address any emergency rapidly.
Other government agencies should be regularly looking for weak links before a cyber-attack rather than repairing damage afterward, he said.
"Technology changes fast these days," he said. "Neglect ... in this area can prove to be very costly."