Kazakhstan, Tajikistan, the Kyrgyz Republic, Turkmenistan and Uzbekistan, received their independence in 1991. All five countries were soon to be faced with threats and challenges, which they had to tackle individually. One of the most prevalent and largest issues being faced to the whole of Central Asia is crimes to do with internet and high technology.
Spread of internet
In recent times the usage of internet connections has been expanding throughout Central Asian states. Cyber security has a large linking factor to the growth and amount of spread of internet through CAS (Central Asian States).
Ookla, a company which tests broadband speeds every month in almost every country reported, Tajikistan to be 66th out of 188 countries measured in February 2014, Kazakhstan ranked 58th, Uzbekistan was 171st and the Kyrgyz Republic ranked 81st. However the average download speed was discovered to be much lower than that in the EU.
It was reported in 2010, that Kazakhstan had the largest number of infected computers and spam traffic, being 85%, among the rest of the CAS. To greatly emphasize the seriousness of the situation, in 2013 around 92 percent of organizations within Kazakhstan experienced at least one cyber-attack. Some theorize that the most likely reason behind this would be due to the vast number of internet users and Kazakhstan’s very appealing financial state, where Kazakhstan’s GDP was at all-time high. Uzbekistan was then said to have 8 percent and the Kyrgyz Republic with 4 percent of infected computers.
Cyber Crime Cases in Central Asian States
On July 19, 2010, a group of boys in their teens from Russia managed to hack into the National Space Agency website of Kazakhstan by creating a user account with administrator rights, to prove the lack of safety and protection within the system. One of the boys aged 14, claimed that the developers did not successfully and carefully enough protect the portal. The boy and his friends understood what they did was illegal, but they did what they did to show the developers of the Kazakhstani website where its vulnerability lies.
Another few examples being that in 2012 and 2013, multiple government websites of the Kyrgyz Republic were vandalized by hackers who were thought to be originating from Estonia and Turkey. Also in 2012, a hacker from Turkey changed the passwords to many websites coming from Kazakhstan. Later in 2013, nine Kazakh legal websites were claimed to be hacked by a team in Southeast Asia.
Often hackers seek motivation in competition or revenge. During 2011, a Kazakhstani website which would sell cars was struck with a severe distributed denial of service (DDoS) attack. The owners of the business though that revenge was the motive of the attack as some of the site administrators has declared war against fraudsters who attempted to sell cheap and broken card through their site.
In early 2013 an Uzbek case characterized Hacktivists. Two defacing attacks occurred on the official website for radio broadcasting and national television company in Uzbekistan. The hackers themselves were from Uzbekistan and called themselves “Clone-Security”. They pulled the hacking stunt in order to create a public statement where they were able to criticize their government. ‘Clone-Security’ was also held accountable for defacing the website of the Ministry of Healthcare in 2012 because they disagreed on a policy brought forth by the government.
The same group ‘Clone-Security’, also had ambitions to attack foreign policies. In February 2013, it launched a series of cyber-attacks on the Kyrgyz public and government websites, such as: Supreme Court, the State Committee of National Security, the Anti-Terrorist Center and the Ministry of internal Affairs.
Another form of cyber-crime is called: ‘Cyber Fraud’ which is committed in the financial sphere. Example being, in 2009, when a 20-year-old Kazakhstani IT specialist hacked in to the IT system of a bank in Kazakhstan and transferred 1 million US dollars to his bank account. Another example is when, in March 2012, the owner of a Kyrgyz entertainment website suffered several DDoS attacks. The hacker sends a message to the ownering, blackmailing him and warning him that the attacks would continue unless he paid.
Major Parties Involved:
Kazakhstan (Ministry of Internal Affairs, “K” Department)
In April 2003 the “K” Department within the Ministry of Internal Affairs was established in order to deal with a large amount of cyber-crimes committed through usage of computers or internet technology. The department focused on preventing problems such as counterfeit DVDS, cyber bullying, the spread of any and all information which would encourage terrorism, violence, cruelty, child pornography and extremism. Later the Kazakh authorities established another organization by the name of “National Contact Point” in order to fight IT crime and to exchange details and important materials and messages with the Commonwealth of Independent States and foreign allies. Initiatives relating to cyber security in Kazakhstan often are set forth from the head of state. A particular unit which was created in order to police and oversee internet aggression, and propose the term “electronic sovereignty” into the international law. Also at the 66th session of the United Nations General Assembly in 2011, president Nursultan Nazarbayev urged that the usage of a Treaty on Global Cyber Security be increase.
Within the Kyrgyz Republic, a group was established which focused on handling cyber threats. The group was established inside the Ninth Main Directorate of the Ministry of Internal Affairs in 2009. Its main objective was to locate and look out for the online existence of extremist organizations, such as Hizb ut-Tahrir (a pan-islamist political organization). Cyber criminals were also caught in Tajikistan by the Directorate for combating organized crime.
United States of America
U.S officials traveled to Uzbekistan and Kazakhstan from July 20th 2018 to July 23 2018 to discuss important matter such as economic and security cooperation with multiple representatives from the five CAS. The U.S State Department reported on July 23 took place under the C5+1 format which means besides the United States, five other groups joined being Tajikistan, Kazakhstan, Turkmenistan, Kyrgyzstan and Uzbekistan. The C5+1 is the main regional diplomatic platform through which the 5 CAS and United States cooperate on improving standards of security. The U.S (United States) acting Deputy Assistant Secretary of State for Central Asia , Henry Ensher, led thw U.S delegation to the Security Working Group on July 23. Tashkent, the capital of Uzbekistan, is where the conference meeting held place. Where the countries delegations discussed how to counter violent extremism, fight terrorism, maintain border security and prevent cyber-crime and ensure cyber security.
Human Rights Watch and Turkmenistan
The UN Human Rights Watch has requested a German technology company to publicly announce whether it is considering to or not to sell products to Turkmenistan. The HRW (Human Rights Watch) wants to address the possibility that the German made technology may be used by the Turkmen government to block certain websites and carry out surveillance which are violation of the human rights. Currently the government of Turkmenistan has control of all sources of media, arbitrarily blocks access to find information and regularly carries out surveillance on cellphone and other communications to identify and persecute critics. HRW stated that a person very aware of the matter and situation explained that the Turkmen government was hoping to receive the German technology in order to block and monitor satellite and mobile communications, which would further give the government the ability to block internet access. Later in March, HRW wrote a letter to German technology company, Rohde and Schwarz, asking whether or not it had already supplied Turkmenistan with certain products. Rohde and Schwarz soon replied, saying in the letter “does not disclose information on its business and customers in security-relevant areas” (Rhode and Schwarz). Not long after, HRW asked the Berlin government to “ensure that no German companies play any part in the Turkmen government’s use of surveillance to prevent and punish criticism of the authorities or use of technologies to unlawfully restrict access to information.”
United Nations Office on Drugs and Crime (UNODC)
In response to the growing problems of cybercrime in CAS, the UNODC Program for Central Asia is offering capacity growth opportunities for the member countries and states under the “Combatting Cybercrime in Central Asia” component which was launched in 2017 and funded by the Government of Sweden. As part of the activities planned under the component of cybercrime, a series of specialized training workshops for all CAS were organized through November – December, 2017. This included three regional training workshops on drug trafficking via the internet, followed by training on cryptocurrencies and money transfer systems. Lastly, a workshop on online child exploitation was held. The training on online internet drug trade and trafficking- Drugs@Online, was delivered from 20 – 24 November in Kazakhstan within the capital city of Astana and was organized in cooperation with the Embassy in the Republic of Uzbekistan, Embassy of Italy and the Italian Central Counter-Narcotics Directorate. The workshop covered the phenomenon of trading controlled substances on the internet and techniques used by law enforcement agencies to effectively counter such crimes. In particular, the participants of the training were introduced to the technical aspects of the topic – usage of various instruments such as onion routers, virtual private networks and the darknet. The agenda also included sessions on techniques applied to combat drug trafficking via the internet.
Previous attempts to sovle the issue
Realizing that defending against cyber threats demands cooperation with other international stakeholders, regional leaders have raised issues of information security within the framework of regional organizations. At the summit of the Shanghai Cooperation Organization (SCO) in 2006, heads of member states signed the Declaration on International Information Security. In 2009, participants in the SCO summit in Yekaterinburg, Russia, adopted the Yekaterinburg Declaration, which underscores the urgent need to respond to cyber threats. In the SCO, information security was deemed as important as national sovereignty, national security, and social and economic stability.