Specialists check Kazakh banks for cyber security
A major hacker attack was committed to a government procurement portal in Kazakhstan. The dates of the public procurement were postponed due to this incident. According to the Center for Analysis and Investigation of Cyber Attacks, such an accident might happen if the website’s security rules haven’t been observed. Experts conducted their research to investigate the banks in Kazakhstan. They tried to find out how the banks ensure the security of their web resources. The safety assessment was carried out without interference in the work of the organizations. The evaluation was carried out by collecting publicly available information. Ten criteria were taken into account.
“We chose the best international practices, as well as the recommendations of the recognized software developers and the world community as a reference point on how to properly develop and protect websites. We published a report in which we collected data on each bank. We found out that some banks of the country do not properly take care of the security of their web resources. For example, some banks didn’t establish a secure connection with a client. In 2020, this is already critical. Even many search engines, such as Google, may consider such websites unreliable, which is rather critical for banks,” said Olzhas Satiyev, the Center for Analysis and Investigation of Cyber Attacks President.
According to the published data, many organizations neglect the simplest and most common security recommendations. This increases the chances of cyber attacks.
“First of all, we checked which program was installed and whether it copes with the load. In addition, we investigated for various leaks. As it turned out, many bank employees use work logins and passwords to register on forums and even dating websites,” Satiyev added.