Kyrgyzstan's new cybersecurity strategy aims to protect state, personal data
BISHKEK -- Kyrgyzstan has announced a new strategy to address cybersecurity, a growing issue that observers say could threaten the nation's citizens and institutions.
The State Committee of Information Technologies and Communications on December 14 presented the "Cybersecurity Strategy of the Kyrgyz Republic for 2019-2023" in Bishkek.
The document, developed jointly with Kyrgyzstan's Security Council and local and international specialists, proposes establishing a special government agency for the protection of personal data.
Kyrgyzstan faces certain risks while transitioning to information technologies, said Deputy Prime Minister Jenish Razakov during the presentation of the strategy.
"State and corporate cyber espionage campaigns, as well as covert collection of individuals' and organisations' data -- through the use of malicious software -- are being carried out on an unprecedented scale," he said, according to a government press release.
The programme's purpose is to protect citizens, the business community and the state, said Bibigul Abdyldayeva, the state committee's chief specialist on cybersecurity, during the presentation.
The policy is meant to ensure "the electronic transformation of the national economy and to provide our citizens access to modern e-services", said Razakov.
Cyberthreats have become a critical issue for Kyrgyzstan, said Ilya Sergiyenko, director of Bishkek-based computer service company ITEC.
Kyrgyz citizens often fall victim to hackers who "phish" them to gain access to their home computers and confidential data, he said.
"The criminals are not interested in the correspondence of the victims but in bank accounts that can be accessed via e-mail," Sergiyenko told Caravanserai.
"Banks can provide a high level of protection to their financial systems, but users of their services who do not take precautions remain a vulnerable channel," he said.
Local financial and lending institutions that suffer cyberattacks often do not turn to law enforcement agencies because the Kyrgyz police have neither the experience nor the technical ability to investigate such incidents, said Emil Tagayev, an information technology specialist at a Kyrgyz bank.
"Hackers can also hack state portals, for example ministries' websites, but they'll hardly be able to steal valuable data -- our agencies do not store information of governmental importance electronically," he told Caravanserai.
"But criminals can send messages to their victims from a ministry's domain, asking for confidential data -- and this can be dangerous," he said.