From January to April 2025, Kazakhstan recorded a rise in the number of cyberattacks on small and medium-sized businesses using malicious software, disguised as popular office programmes. This is reported by the media, citing specialists from Kaspersky Lab.
The highest activity was linked to the Zoom programme: around half of all unique malicious and potentially unwanted files were distributed under its guise. Compared to the same period last year, the number of such threats increased by nearly 22%.
Attackers also actively used the names of Microsoft Office products, including Outlook, PowerPoint, Word, Excel and Teams. Among the common threats, the largest share was taken by Trojans — 46% of all incidents. These are capable of performing unauthorised actions on devices: deleting, modifying or copying data. In second place was adware, responsible for 37% of infections. Such programmes are often installed alongside free third-party applications and can act as a gateway for more dangerous viruses.
As explained by the Managing Director of Kaspersky Lab in Kazakhstan, Central Asia and Mongolia, Valery Zubanov, the popularity of video services and office suites makes them a convenient disguise for cyberthreats.
“Saving money by using unlicensed software puts not only the company's reputation at risk, but can also lead to financial losses,” Zubanov stated.
To reduce risks, experts recommend that businesses train employees in digital literacy, especially in protecting against phishing; develop a clear incident response plan and assign responsibilities; reward system administrators for the absence of cyber incidents; regularly create backup copies of data on offline media; use exclusively licensed software and update it in a timely manner; and install antivirus solutions appropriate to the scale of the company.
Against the backdrop of increasing cyberattacks, it is worth recalling other recent information security incidents in Kazakhstan. Important personal data of clients from popular Kazakh online stores “Meloman” and “Imperia Tsvetov” ended up in the public domain. The leaked information includes names, phone numbers, delivery addresses, lists of ordered goods and customer comments.
Earlier, the largest leak of personal data of over 16 million 302 thousand Kazakh citizens occurred. The compromised database contains a full range of personal information: full names, Individual Identification Numbers (IIN), phone numbers, addresses, as well as data from medical and other departmental sources.
It also became known that personal data of the Chairman of the Board of the state corporation “Government for Citizens,” Arman Kenzhegaliev, was made publicly accessible.
Later, the Deputy Prosecutor General, Galymzhan Koigeldiev, reported that a criminal case had been opened regarding the large-scale leak of Kazakh citizens' personal data.