15.04.2022


KZ-CERT – FEATURES OF CYBER ATTACKS ON CRITICAL OBJECTS

Mass digitalization and the move of public services from their traditional format to an online one are increasingly causing concern among the population about information security (IS) issues. This is a genuinely complex process, and a whole team of experts at JSC “State Technical Service” (JSC “STS”) works to ensure the integrity of the information and communication infrastructure of state bodies (ICI SB), standing guard over the cybersecurity of our country day after day.

This article presents the picture of IS in state bodies and some general information on cyber attacks on the Kazakh segment of the Internet (Kaznet) for 2021, as well as information for the first quarter of 2022.

To protect the Internet resources of state bodies (IR SB), Single Gateway for Internet Access (SGIA) equipment is used. Put simply, SGIA is a kind of filter that cleans traffic of various kinds of attacks and prevents their impact on the ICI SB. Today, more than 200 IR SB are protected by SGIA.

2021

Last year, about 82.3 million attacks were blocked using SGIA, more than 1.4 million of which were directed at IR SB, including more than 15 thousand attacks on egov.kz.

As a result of an in-depth expert analysis of the data transmitted via SGIA, our experts identified more than 114 thousand threats to information security, and 1,186 alerts were sent to the owners of Internet resources for further elimination.

JSC “STS” also carries out monitoring on an ongoing basis to ensure the information security of the “electronic government” systems. In 2021, 4,326 vulnerabilities were identified at 37 informatization facilities.

As a result of research into the presence of vulnerabilities, over 40 vulnerabilities of various levels of criticality were identified and eliminated for 76 IR SB.

In addition, about 120 thousand DDoS attacks of varying degrees of criticality were recorded in Kaznet in 2021. The reason was the increased number of DDoS attacks in the global segment of the Internet.

Over 109 attacks of a high level of criticality were aimed at the information and communication infrastructure of financial sector organizations, with 54 at the SB, of which 34 at egov.kz. During the distance learning period, 29 attacks were recorded on educational portals.

First quarter of 2022

In the first quarter of 2022, abnormal activity was recorded on the SGIA equipment. The number of repelled attacks on telecommunications networks connected to SGIA equipment has reached over 28.5 million information security events, more than half of which are critical-level information security threats.

Based on the SGIA data, experts have deduced the TOP 5 critical threats to information security.

Compared with the same period in 2021, we can note a 2-fold increase in malware in the networks of central state bodies (SB), local executive bodies (LEB) and the quasi-public sector, while the number of IS incidents related to the spread of botnets decreased by 8.4 times.

To ensure information security, specialists constantly inform IR owners with recommendations for elimination, and notifications are sent to the foreign CERTs from whose address space attacks have been recorded.

As a reminder, if you encounter an information security incident, please inform our specialists via the toll-free number 1400 (24 hours) or send a request to our Telegram chat: https://t.me/kzcert.
