Can Kazakhstan’s Media Protect Themselves from Hackers? Journalists Asked IT Specialists

In 2022, Orda.kz worked while under constant pressure. The conspirators, led by Arkady Klebanov and coordinated by Oleksiy Tokarev, injected construction foam around the apartment door of the apartment of Orda's editor-in-chief, Gulnara Bazhkenova, threatened her, and painted provocative graffiti. They also sent intimidating messages and even a pig's head to our office. Attackers hired by them also attacked our site and Telegram channel. Much has been done to fend them off. And, as often happens, chance helped to catch the criminals.

Orda.kz was not the only media subjected to such efforts. Several media have also faced similar attacks. And, it had seemed that after the detention and trial of Klebanov and Tokarev things would become calmer. But almost a year has passed, and in early December there were reports of renewed hacker attacks.

This time, KazTAG, Kursiv.media, and Protenge.kz were in the crosshairs. It is still unknown who organized and did it this time around. In hopes of understanding whether Kazakhstan's media can defend itself from such threats, journalists gathered at a round table, where they discussed different options with IT specialists.

One in a Million

Catching the hackers who attacked Orda.kz and several other media sources was indeed almost coincidental. Tokarev violated the rules of conspiracy. But, as IT experts state, finding them is a great success nonetheless. Because it is almost impossible to find the perpetrators in the vast majority of such cases and even more so the organizers. Incidentally, whether Arkady Klebanov, who called himself the main client, was the last link in this chain is still doubtful.

Hackers are good at concealing themselves. Especially if these are massive and well-organized attacks with serious financing. According to the estimates of the president of the Internet Association of Kazakhstan, Shavkat Sabirov, this could be tens and hundreds of thousands of dollars. Such amounts principally coincide with what Oleksiy Tokarev and his accomplices received.

But there is reason to believe that the more the hacker market grows, the cheaper the attacks' price tag will become. According to Madina Alimkhanova, executive director of the Adil Soz Public Foundation, this may be evidenced by the number and scale of new attacks on the media.

The number of attacks is growing, they are carried out more often and become more massive. And this is just the beginning. If you don't nip them in the bud, then it will get worse,  says Alimkhanova.

 But, as experts state, finding them in such a manner is problematic. Those carrying out the attacks may be located outside Kazakhstan. Indeed, Denis Arlantsev, Kursiv.media's chief technology officer has listed China, Russia, the United States, and even Indonesia among the countries from which DDoS attacks on their site originated. There was practically nothing done from within Kazakhstan’s internal servers.

If we assume that the hackers are to be caught and they name others involved, then the question of potential liability arises. Klebanov and Tokarev were tried under several articles of the Criminal Code of the Republic of Kazakhstan, including hooliganism and threats. But in the end, the former was declared insane, and the latter was given only a 4.5-year suspended sentence.

That is, if an organizer of attacks is caught, this person, who can pay tens of thousands of dollars, can get off with a fine of less than a thousand dollars. If the media wants to receive compensation for the damage caused by cyber-attacks, then it should be done through a civil procedure.

Therefore, Orda.kz advocates tougher penalties for hacking attacks on the media. Even if one in a million is caught, and the punishment is severe enough, the other 999,999 will think twice about it.

Blind Defense

In the meantime, experts recommend one solution — proactive protection from attacks.

Ali Nurseitov, a representative of the Information Security Committee of the Ministry of Finance, said that there are now 40 accredited organizations in Kazakhstan that provide such protective services for a fee. 

Protection from hackers, of course, is cheaper than the services of hackers themselves but is hundreds of thousands of tenge per month. Certain media sources may not be able to afford such costs.

According to Shavkat Sabirov, the state could protect not only the media but also Kazakhstani Internet resources in general from DDoS attacks or at least reduce their scale by installing appropriate protection systems on the main Internet communication channels. According to him, this would make it possible to stop attacks on the border with Kazakhstan, and not at the target of the attack.

We talked about this back in 2017 as part of the first cyber shield, that the State Technological Service and Kazakhtelecom, as the organization responsible for the main channels, could put sensors against DDoS attacks. Since then, I have asked about this more than once, but they still do not install the equipment and do not answer why. They ignore it, Sabirov says.

 Although the state does provide some help. The GTS, for example, can track attacks and inform about them. And also give recommendations on how to react to them. Shavkat Sabirov made a peculiar joke about this:

After all, we are a country of suggestions

Original Author: Igor Ulitin

DISCLAIMER: This is a translated piece. The text has been modified, the content is the same. Please refer to the original piece in Russian for accuracy.