<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">koz</journal-id><journal-title-group><journal-title xml:lang="ru">"Вестник Северо-Казахстанского университета имени Манаша Козыбаева"</journal-title><trans-title-group xml:lang="en"><trans-title>Bulletin of Manash Kozybayev North Kazakhstan University</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">2958-003X</issn><issn pub-type="epub">2958-0048</issn><publisher><publisher-name>М. Қозыбаев атындағы СҚУ</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.54596/2958-0048-2025-3-170-180</article-id><article-id custom-type="elpub" pub-id-type="custom">koz-2287</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>ИНФОРМАЦИОННО-КОММУНИКАЦИОННЫЕ ТЕХНОЛОГИИ</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>INFORMATION AND COMMUNICATION TECHNOLOGIES</subject></subj-group></article-categories><title-group><article-title>Анализ основных причин крупных инцидентов в сфере кибербезопасности и утечек данных в Казахстане (2017-2025 гг.)</article-title><trans-title-group xml:lang="en"><trans-title>Root cause analysis of major cybersecurity incidents and data breaches in Kazakhstan (2017-2025)</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Исаков</surname><given-names>Е. А.</given-names></name><name name-style="western" xml:lang="en"><surname>Issakov</surname><given-names>Y. A.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Нью-Йорк</p></bio><bio xml:lang="en"><p>MS in Electrical Engineering, graduate,</p><p>New York</p></bio><email xlink:type="simple">yi2038@nyu.edu</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru">Инженерная школа «Тандон» Нью-Йоркского университета<country>Соединённые Штаты Америки</country></aff><aff xml:lang="en">New York University Tandon School of Engineering<country>United States</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2025</year></pub-date><pub-date pub-type="epub"><day>24</day><month>10</month><year>2025</year></pub-date><volume>0</volume><issue>3 (67)</issue><fpage>170</fpage><lpage>180</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Исаков Е.А., 2025</copyright-statement><copyright-year>2025</copyright-year><copyright-holder xml:lang="ru">Исаков Е.А.</copyright-holder><copyright-holder xml:lang="en">Issakov Y.A.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://vestnik.ku.edu.kz/jour/article/view/2287">https://vestnik.ku.edu.kz/jour/article/view/2287</self-uri><abstract><p>В этой статье анализируются первопричины ключевых нарушений кибербезопасности в Казахстане в период с 2017 по 2025 год. Сосредоточив внимание на предполагаемой утечке медицинских данных (2019), компания Kaspi.kz сбой в банковской деятельности (2020), Zaimer.kz утечка информации о микрофинансировании (2024) и утечка информации о 16 миллионах записей (2025), мы изучаем технические уязвимости, человеческий фактор, юридические недостатки и инфраструктурные пробелы, которые привели к этим инцидентам. Мы обобщаем выводы из официальных отчетов, новостных сообщений и комментариев экспертов и сравниваем их с международными примерами, такими как исследование в США в 2015 году. Нарушение OPM, применение GDPR в Европе и инциденты в Великобритании (например, атаки на NHS и розничных продавцов). Мой анализ выявил общие причины: слабая безопасность системы (устаревшее программное обеспечение, отсутствие шифрования или многофакторной аутентификации), злоупотребления или ошибки со стороны инсайдеров, слабое соблюдение нормативных требований и недостаточное киберобразование. Мы обсуждаем, как стремительная цифровизация Казахстана при одновременном создании прочной правовой базы (стратегия киберзащиты) опережает инвестиции в безопасность и повышение осведомленности. Рекомендации включают усиление регулирования и правоприменения (например, создание органа по защите данных), принятие технических стандартов (шифрование, MFA, регулярные аудиты), создание независимых надзорных органов, расширение образования и профессиональной подготовки в области кибербезопасности, внедрение мониторинга на основе искусственного интеллекта, повышение организационной подотчетности (посредством штрафов и аудитов) и углубление международного сотрудничества в рамках таких структур, как Будапештская конвенция. Эти меры, основанные на фактических данных и согласованные с передовой практикой (NIST, ENISA, UNESCO), направлены на предотвращение будущих нарушений.</p></abstract><trans-abstract xml:lang="en"><p>This article analyzes the root causes of key cybersecurity breaches in Kazakhstan from 2017 through 2025. Focusing on the DamuMed health-data breach (2019), the Kaspi.kz banking outage (2020), the Zaimer.kz microfinance leak (2024), and the compilation leak of 16 million records (2025), I examine technical vulnerabilities, human factors, legal weaknesses, and infrastructural gaps that enabled these incidents. I synthesize findings from official reports, news accounts, and expert commentary, and compare them with international examples such as the 2015 U.S. OPM breach, GDPR enforcement in Europe, and UK incidents (e.g. NHS and retailer attacks). My analysis reveals common causes: poor system security (outdated software, lack of encryption or multi-factor authentication), insider misuse or error, weak regulatory enforcement, and insufficient cybereducation. I discuss how Kazakhstan’s rapid digitalization, while building strong legal frameworks (Cyber Shield strategy), has outpaced investments in security and awareness. Recommendations include strengthening regulation and enforcement (e.g. creating a data protection authority), adopting technical standards (encryption, MFA, regular audits), establishing independent supervisory bodies, expanding cybersecurity education and training, deploying AI-driven monitoring, enhancing organizational accountability (through fines and audits), and deepening international cooperation under frameworks like the Budapest Convention. These measures, grounded in evidence and aligned with best practices (NIST, ENISA, UNESCO), aim to prevent future breaches. The study’s novelty lies in an author-developed, four-factor framework applied across domestic cases to enable structured, crosscountry comparison.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>Казахстан</kwd><kwd>кибербезопасность</kwd><kwd>утечка данных</kwd><kwd>киберполитика</kwd><kwd>цифровая инфраструктура</kwd></kwd-group><kwd-group xml:lang="en"><kwd>Kazakhstan</kwd><kwd>Cybersecurity</kwd><kwd>Data Breaches</kwd><kwd>Cyber Policy</kwd><kwd>Digital Infrastructure</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Issabaeva A. Cyber security issues in digital Kazakhstan [Elektronnyy resurs]. - Rezhim dostupa: https://www.nispa.org/files/conferences/2019/e-proceedings/system_files/papers/cvber-securitv-issuesissabaeva.pdf(data obrashcheniya: 12.05.2025).</mixed-citation><mixed-citation xml:lang="en">Issabaeva A. Cyber security issues in digital Kazakhstan [Elektronnyy resurs]. - Rezhim dostupa: https://www.nispa.org/files/conferences/2019/e-proceedings/system_files/papers/cvber-securitv-issuesissabaeva.pdf(data obrashcheniya: 12.05.2025).</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Kazakhstan leads Central Asia in cybersecurity, says new regional study [Elektronnyy resurs] // The Astana Times. - 23.07.2025. - Rezhim dostupa: https://astanatimes.com/2025/07/kazakhstan-leads-centralasia-in-cybersecurity-says-new-regional-study (data obrashcheniya: 10.08.2025).</mixed-citation><mixed-citation xml:lang="en">Kazakhstan leads Central Asia in cybersecurity, says new regional study [Elektronnyy resurs] // The Astana Times. - 23.07.2025. - Rezhim dostupa: https://astanatimes.com/2025/07/kazakhstan-leads-centralasia-in-cybersecurity-says-new-regional-study (data obrashcheniya: 10.08.2025).</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">Zetter K. Why the OPM breach is such a security and privacy debacle [Elektronnyy resurs] // Wired. - 12.06.2015. - Rezhim dostupa: https://www.wired.com/2015/06/opm-breach-security-privacy-debacle (data obrashcheniya: 04.02.2024).</mixed-citation><mixed-citation xml:lang="en">Zetter K. Why the OPM breach is such a security and privacy debacle [Elektronnyy resurs] // Wired. - 12.06.2015. - Rezhim dostupa: https://www.wired.com/2015/06/opm-breach-security-privacy-debacle (data obrashcheniya: 04.02.2024).</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Gussarova A. Technology-surveillance nexus beyond COVID-19: the outskirts of digitalisation in Kazakhstan [Elektronnyy resurs] // Foreign Policy Centre. - 2021. - Rezhim dostupa: https://fpc.org.uk/technology-surveillance-nexus-beyond-covid-19-the-outskirts-of-digitalisation-inkazakhstan (data obrashcheniya: 12.03.2025).</mixed-citation><mixed-citation xml:lang="en">Gussarova A. Technology-surveillance nexus beyond COVID-19: the outskirts of digitalisation in Kazakhstan [Elektronnyy resurs] // Foreign Policy Centre. - 2021. - Rezhim dostupa: https://fpc.org.uk/technology-surveillance-nexus-beyond-covid-19-the-outskirts-of-digitalisation-inkazakhstan (data obrashcheniya: 12.03.2025).</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Kaspi bank: ocheredi i sboi v prilozhenii [Elektronnyy resurs] // Sputnik Kazakhstan. - 28.10.2020. - Rezhim dostupa: https://ru.sputnik.kz/20201028/kaspi-bank-ocheredi-video-15316324.html (data obrashcheniya: 17.07.2025).</mixed-citation><mixed-citation xml:lang="en">Kaspi bank: ocheredi i sboi v prilozhenii [Elektronnyy resurs] // Sputnik Kazakhstan. - 28.10.2020. - Rezhim dostupa: https://ru.sputnik.kz/20201028/kaspi-bank-ocheredi-video-15316324.html (data obrashcheniya: 17.07.2025).</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">What we know about data leak affecting 16 million Kazakh citizens [Elektronnyy resurs] // The Astana Times. - 29.07.2025. - Rezhim dostupa: https://astanatimes.com/2025/07/what-we-know-about-data-leakaffecting-16-million-kazakh-citizens (data obrashcheniya: 01.08.2025).</mixed-citation><mixed-citation xml:lang="en">What we know about data leak affecting 16 million Kazakh citizens [Elektronnyy resurs] // The Astana Times. - 29.07.2025. - Rezhim dostupa: https://astanatimes.com/2025/07/what-we-know-about-data-leakaffecting-16-million-kazakh-citizens (data obrashcheniya: 01.08.2025).</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Pierides M., Cavendish C. ICO GDPR fines reduced to £20m and £18.4m to reflect British Airways and Marriott mitigating factors [Elektronnyy resurs] // Tech &amp; Sourcing@Morgan Lewis. - 06.11.2020. - Rezhim dostupa: https://www.morganlewis.com/blogs/sourcingatmorganlewis/2020/11/ico-gdpr-finesreduced-to-20m-and-18-4m-to-reflect-british-airwavs-and-marriott-mitigating-factors (data obrashcheniya: 20.12.2024).</mixed-citation><mixed-citation xml:lang="en">Pierides M., Cavendish C. ICO GDPR fines reduced to £20m and £18.4m to reflect British Airways and Marriott mitigating factors [Elektronnyy resurs] // Tech &amp; Sourcing@Morgan Lewis. - 06.11.2020. - Rezhim dostupa: https://www.morganlewis.com/blogs/sourcingatmorganlewis/2020/11/ico-gdpr-finesreduced-to-20m-and-18-4m-to-reflect-british-airwavs-and-marriott-mitigating-factors (data obrashcheniya: 20.12.2024).</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Treanor J. Tesco Bank cyber-thieves stole £2.5m from 9,000 people [Elektronnyy resurs] // The Guardian. - 08.11.2016. - Rezhim dostupa: https://www.theguardian.com/business/2016/nov/08/tescobank-cyber-thieves-25m (data obrashcheniya: 03.01.2025).</mixed-citation><mixed-citation xml:lang="en">Treanor J. Tesco Bank cyber-thieves stole £2.5m from 9,000 people [Elektronnyy resurs] // The Guardian. - 08.11.2016. - Rezhim dostupa: https://www.theguardian.com/business/2016/nov/08/tescobank-cyber-thieves-25m (data obrashcheniya: 03.01.2025).</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Kazakhstan data breach - an overview [Elektronnyy resurs] // CERTPro. - 2024. - Rezhim dostupa: https://certpro.com/kazakhstan-data-breach (data obrashcheniya: 29.01.2025).</mixed-citation><mixed-citation xml:lang="en">Kazakhstan data breach - an overview [Elektronnyy resurs] // CERTPro. - 2024. - Rezhim dostupa: https://certpro. com/kazakhstan-data-breach (data obrashcheniya: 29.01.2025).</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Ministerstvo tsifrovogo razvitiya Respubliki Kazakhstan. Kazakhstan strengthens positions in Global Cybersecurity Index 2024 [Elektronnyy resurs] // Gov.kz. - 12.09.2024. - Rezhim dostupa: https://www.gov.kz/memleket/entities/mdai/press/news/details/8455207lanFru (data obrashcheniya: 22.08.2025).</mixed-citation><mixed-citation xml:lang="en">Ministerstvo tsifrovogo razvitiya Respubliki Kazakhstan. Kazakhstan strengthens positions in Global Cybersecurity Index 2024 [Elektronnyy resurs] // Gov.kz. - 12.09.2024. - Rezhim dostupa: https://www.gov.kz/memleket/entities/mdai/press/news/details/8455207lanFru (data obrashcheniya: 22.08.2025).</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Alexandrova A., Kuznetcov A., Arkhipova O. Analysis of major factors preventing cybercrime reduction in Kazakhstan [Elektronnyy resurs] // CEUR Workshop Proceedings. - Vol. 3680. - 2023. - Rezhim dostupa: https://ceur-ws.org/Vol-3680/S4Paper3.pdf (data obrashcheniya: 22.08.2025).</mixed-citation><mixed-citation xml:lang="en">Alexandrova A., Kuznetcov A., Arkhipova O. Analysis of major factors preventing cybercrime reduction in Kazakhstan [Elektronnyy resurs] // CEUR Workshop Proceedings. - Vol. 3680. - 2023. - Rezhim dostupa: https://ceur-ws.org/Vol-3680/S4Paper3.pdf (data obrashcheniya: 22.08.2025).</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Utechka dannykh tysyach patsientov proizoshla v Kazakhstane [Elektronnyy resurs] // Tengrinews.kz. - 07.2019. - Rezhim dostupa: https://tengrinews.kz/kazakhstan_news/utechka-dannyih-tyisyachpatsientov-proizoshla-v-kazahstane-373363 (data obrashcheniya: 22.08.2025).</mixed-citation><mixed-citation xml:lang="en">Utechka dannykh tysyach patsientov proizoshla v Kazakhstane [Elektronnyy resurs] // Tengrinews.kz. - 07.2019. - Rezhim dostupa: https://tengrinews.kz/kazakhstan news/utechka-dannyih-tyisyachpatsientov-proizoshla-v-kazahstane-373363 (data obrashcheniya: 22.08.2025).</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Ministr prokommentiroval sboi Kaspi.kz [Elektronnyy resurs] // Tengrinews.kz. - 29.10.2020. - Rezhim dostupa: https://tengrinews.kz/kazakhstan_news/ministr-prokommentiroval-sboy-kaspikz-418520 (data obrashcheniya: 22.08.2025).</mixed-citation><mixed-citation xml:lang="en">Ministr prokommentiroval sboi Kaspi.kz [Elektronnyy resurs] // Tengrinews.kz. - 29.10.2020. - Rezhim dostupa: https://tengrinews.kz/kazakhstan news/ministr-prokommentiroval-sboy-kaspikz-418520 (data obrashcheniya: 22.08.2025).</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Kazakhstan probes massive data leak involving 16 million citizens [Elektronnyy resurs] // Orda.kz (English ed.). - 17.06.2025. - Rezhim dostupa: https://en.orda.kz/kazakhstan-probes-massive-data-leakinvolving-16-million-citizens-6914 (data obrashcheniya: 19.06.2025).</mixed-citation><mixed-citation xml:lang="en">Kazakhstan probes massive data leak involving 16 million citizens [Elektronnyy resurs] // Orda.kz (English ed.). - 17.06.2025. - Rezhim dostupa: https://en.orda.kz/kazakhstan-probes-massive-data-leakinvolving-16-million-citizens-6914 (data obrashcheniya: 19.06.2025).</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Zaimer.kz oshtrafovali na 18 mln tenge za massovuyu utechku lichnykh dannykh [Elektronnyy resurs] // Orda.kz. - 03.2024. - Rezhim dostupa: https://orda.kz/zaimerkz-oshtrafovali-na-18-mln-tenge-zamassovuiu-utechku-lichnyh-dannyh-384516 (data obrashcheniya: 28.07.2025).</mixed-citation><mixed-citation xml:lang="en">Zaimer.kz oshtrafovali na 18 mln tenge za massovuyu utechku lichnykh dannykh [Elektronnyy resurs] // Orda.kz. - 03.2024. - Rezhim dostupa: https://orda.kz/zaimerkz-oshtrafovali-na-18-mln-tenge-zamassovuiu-utechku-lichnyh-dannyh-384516 (data obrashcheniya: 28.07.2025).</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">Financial Conduct Authority. FCA fines Tesco Bank £16.4 million for IT control failures [Elektronnyy resurs]. - 01.10.2018. - Rezhim dostupa: https://www.fca.org.uk/news/press-releases/fcafines-tesco-bank-failures-2016-cyber-attack (data obrashcheniya: 05.02.2025).</mixed-citation><mixed-citation xml:lang="en">Financial Conduct Authority. FCA fines Tesco Bank £16.4 million for IT control failures [Elektronnyy resurs]. - 01.10.2018. - Rezhim dostupa: https://www.fca.org.uk/news/press-releases/fcafines-tesco-bank-failures-2016-cyber-attack (data obrashcheniya: 05.02.2025).</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
