Cybersecurity Threats And Mitigation Practices

Cyberattacks remain an increasing threat across all critical infrastructure sectors in Kazakhstan. Threat to the various industries has increased dramatically along with the sophistication of cyberattacks.

We have witnessed in recent times massive attacks on IT infrastructure of Kazakhstani state bodies, financial and educational institutions, which led, among other things, to disabling emails and online-banking transactions which means that we are under constant cyberattack in the said sectors, and no organization can escape that reality.

Given the increasingly sophisticated and widespread nature of cyberattacks industries and government should fully recognize the dawning of this new era of cybercrime and make cybersecurity a highest priority.

Today one must take every step possible to protect information systems by implementing of vetted cybersecurity practices and organizations should be moved towards consistency in mitigating the current most pertinent cybersecurity threats to the sectors mentioned. For each gain delivered by automation and data analytics, the vulnerability to malicious cyberattacks increases as well. To thwart these cyberattacks before they occur, it is crucial for local organizations to establish, implement, and maintain current and effective cybersecurity practices.

The goal of this publication is to raise awareness, provide practices and move towards consistency in mitigating the current most impactful cybersecurity threats.

Phishing Attack Ransomware Attack Tech Support Fraud Phishing Attack

Email phishing is an attempt to trick you, a colleague, or someone else in the work place into giving out information using email. The email often appears to come from a legitimate source such as a friend, coworker, manager, company or even the user's own email address. An inbound phishing email includes an active link or file, often a picture or graphic. Clicking to open the link or file takes the user to a website that may solicit sensitive information or proactively infect the computer. Accessing the link or file may result in malicious software being downloaded or access being provided to information stored on your computer or other computers within your network. Cybercriminals behind phishing attacks are called phishers.

The information that phishers attempt to steal can be user names and passwords, credit card details, bank account information, or other credentials. Attackers can then use stolen information for malicious...