ASTANA — As Kazakhstan expands digital services and online government platforms, cybercrime is emerging as a growing challenge to the country’s digital transformation.
Cybersecurity. Photo credit: shutterstock.com
According to the Prosecutor General’s Office, cybercrime caused 16.4 billion tenge (US$34 million) in damage in the first ten months of 2025. It is 29 times higher than in 2024 and marks the highest level recorded in recent years. Experts attribute the rise in cybercrime to structural weaknesses in cybersecurity capacity, the increasing use of social engineering – manipulation techniques that trick users into revealing confidential data, and the growing activity of organized international criminal groups.
Digitalization expands opportunities and risks
Kazakhstan has rapidly expanded digital services over the past decade. Most public services are now available online, placing the country among the global top 10 for online government services and 24th in the United Nations E-Government Development Index (EGDI).
Kazakhstan’s cybersecurity indicators have also improved. The country ranks 47th out of 125 countries in the National Cybersecurity Index, which evaluates national preparedness to prevent and respond to cyber threats.
Abylai Isin. Photo credit: Kazinform
At the same time, experts say the growing scale of digital infrastructure creates new vulnerabilities.
“The level of cybersecurity in Kazakhstan can be described as moderate, but significant progress has been observed in recent years. Nevertheless, internet fraud and cyberattacks are becoming more frequent. State agencies solve only about 20% of cybercrimes, which is largely linked to the influence of international criminal groups,” said Abylai Isin, a public relations expert in cybersecurity.
Kazakhstan has also joined international efforts to address cybercrime. Last year, the country signed a UN convention aimed at strengthening global cooperation against digital crime.
“In 2024, Kazakhstan scored 94.04 points in the Global Cybersecurity Index, developed by the International Telecommunication Union, entered the Tier 2 group and ranked third in this category. This indicates a strengthening of legislative and technical measures,” said Isin.
“In particular, the introduction of cybersecurity audits and the development of the draft Digital Code are aimed at strengthening the digital space in legal and institutional terms,” he added.
However, Isin said such rankings measure legislative and organizational commitments rather than the actual level of protection, as threats such as internet fraud and distributed denial-of-service (DDoS) attacks that overload servers with traffic, remain significant in practice.
“Therefore, drawing on the experience of Tier 1 countries such as the United States and Singapore, it is necessary to strengthen cybersecurity education and increase investment in modern technologies,” he said.
Financial damage and changing patterns
Official statistics show that cybercrime is expanding both in scale and structure. According to the Committee on Legal Statistics and Special Records of the Prosecutor General’s Office, 201 criminal offenses related to informatization and communications were registered between January and October 2025. The figure is 86.1% higher than during the same period in 2024.
Investigations have also become more effective. In 2019, 62.6% of cybercrime cases were terminated during the pretrial stage. By the first ten months of 2025, this share dropped to 31.3%.
Most cybercrime cases target personal and financial data. Approximately 80% involve theft of personal information, which criminals often use to access financial accounts or impersonate victims online. Another 6% involve unauthorized access to organizational information systems, while 6% relate to theft of banking data.
The most common offense is classified as illegal destruction or modification of information, referring to unauthorized interference with data in systems, including deletion, alteration or blocking access. Over the first ten months of 2025, such crimes increased by 61.7%. The second-fastest-growing category involves illegal modification of mobile device identification codes, which rose 6.1 times over the past year.
Cybercrime is concentrated primarily in major cities. Almaty and Astana recorded the highest numbers of cases, with 39 and 35 incidents, respectively, accounting for approximately one-third of all reported cybercrimes. Significant numbers were also reported in Shymkent and the Akmola and North Kazakhstan regions, with 15 cases each.
Industry specialists attribute the scale of the problem to shortages of cybersecurity professionals, weaknesses in rapid-response mechanisms and infrastructure vulnerabilities.
Who commits cybercrime?
According to the committee, 98 individuals committed crimes related to informatization and communications last year. Of them, 61 people (62.2%) were unemployed, although most had higher or vocational education.
Government officials were also implicated in several cases. Between January and October 2025, four civil servants were involved in cyber-related offenses. Three were linked to the creation or distribution of malicious software, and one was detained for illegally destroying or altering information.
The number of individuals committing cybercrime increased 4.3 times compared with the same period in 2024.
In movies, hackers are often portrayed as young students with exceptional technical skills. In Kazakhstan, official statistics point to a different pattern. One cybercrime involving a minor or student was recorded in 2021. The typical cybercriminal profile in Kazakhstan is a man aged between 21 and 40.
“The overall profile of cybercriminals is heterogeneous. Many have a high level of technical education, know programming and work in the field of information technology,” said Isin.
He noted that cybercriminals often operate in organized groups, although some act independently. Their motives may include financial gain, political activism, or insider access within organizations.
Experts from Positive Technologies cybersecurity company classify the main cyberattack methods into several categories, including social engineering, remote exploitation of software vulnerabilities, malware distribution, DDoS attacks and data compromise.
“Most successfully carried out cyberattacks are conducted through social engineering,” said Isin.
He explained that these methods include phishing, fraudulent emails or websites designed to steal personal data, vishing and smishing, scams conducted through phone calls and SMS messages, and fake technical support schemes. Social engineering accounts for 58% of cyberattacks recorded in Kazakhstan, a figure consistent with global trends.
Cyberattacks target a wide range of victims. Approximately 33% of incidents affect individual citizens, 13% target government institutions, 10% industrial companies and 8% telecommunications operators. Financial institutions and media organizations each account for around 6%.
QR code scams: a new form of fraud
One emerging form of digital fraud involves QR codes, which are widely used in Kazakhstan for payments, restaurant menus, tickets and online services. Scammers sometimes place fake QR-code stickers over legitimate ones. When users scan the code, they are redirected to fraudulent websites that mimic the appearance of official services. Payment details entered on such pages are captured by criminals.
In one case, scanning a restaurant menu QR code led to 180,000 tenge (US$380) being withdrawn from a bank card. In another example, a parking payment link used a domain name differing by only one letter from the official website, allowing criminals to collect banking data.
Isin noted that such threats may increase because many users do not verify where scanned links lead. Fraudsters often place fake QR codes on stickers, advertisements or public information boards.
Experts recommend that if a suspicious QR code is scanned, people should immediately contact their bank, secure their accounts by changing passwords and enabling two-factor authentication, and monitor transactions for several days.
How cyber police respond
Zhandos Suinbay. Photo credit: ortcom.kz
Combating cybercrime is a priority for the Kazakh Ministry of Internal Affairs. The ministry’s department for combating cybercrime coordinates investigations and prevention efforts.
“Today, most crimes are committed through the internet, and criminals use modern technologies to steal citizens’ money. Combating such crimes must take place at the legislative, technical and preventive levels. Only a comprehensive approach allows for effective counteraction to cybercrime,” said the department’s head Zhandos Suinbay.
According to the ministry, authorities blocked more than 19 million fraudulent websites and intercepted 85 million scam phone calls last year. Law enforcement agencies also seized more than 100,000 SIM cards and 88 SIM-box devices used to route large volumes of fraudulent calls. Seven call centers operating abroad and six inside Kazakhstan were dismantled.
21st-century pandemic: global security challenge
Cybercrime in Kazakhstan reflects broader global trends. Experts increasingly describe cybercrime as one of the defining security challenges of the digital era.
According to the Microsoft Digital Defense Report 2024, the countries most frequently targeted by cyberattacks include the United States, Israel, Ukraine, the United Arab Emirates, the United Kingdom and China. India, Germany, France, Saudi Arabia, Türkiye and Russia also appear among the top 20.
Within this evolving threat landscape, Kazakhstan is responding with new preventive measures.
“From 2026, biometric identification will be introduced for SIM card registration. Anti-fraud centers are also being created to improve cooperation between telecom operators and banks,” said Isin.
Other measures under discussion include limiting SIM card distribution, blocking fraudulent calls and expanding international cooperation in cybercrime investigations.
The article was originally published in Kazinform.
