Wednesday 7 September 2016

The Risk of Hacking Dissent in Kazakhstan








A recently released report by the Electronic Frontier Foundation has illustrated the increasing ferocity of the Kazakh government’s cyber campaign against dissent in Kazakhstan. According to the report, the Kazakh government has continued its campaign of intimidation against journalists, opposition members and their families, associates, and lawyers of those who are involved in any litigation with the Kazakh government via malware, cyber-espionage and even kidnapping.

Termed Operation Manal by the Electronic Frontier Foundation, the Kazakh government hired two independent cyber security firms to supply monitoring malware to surveil and collect data on the Central Asian government’s most outspoken opponents.

Silencing Dissent

Unfortunately this is only the latest chapter in the Kazakh government’s war on dissenters. Since 2011, Kazakhstan has increasingly attempted to establish a Kazakh version of the Great Firewall of China.

Starting softly by forcing all news and forcing sites with .kz domain names to channel their traffic through local Kazakh servers, the Kazakh government effectively pushed multinational companies like Google and Russian blogger sites out of the Kazakh market and opened the way for domestic monitoring of the Internet. In 2012 the Kazakh government targeted news and media outlets that had been critical of the government’s reaction to the December 2011 Zhanaozen strikes, forcing four outlets offline.

Since 2012 the Kazakh government has utilised a variety of malware and targeted spearphishing operations run by hired overseas actors to forcibly crackdown on what it sees as the core instigators of Kazakh political dissent. Mukhtar Ablyazov, the founder of the opposition party, Democratic Choice for Kazakhstan, was one target of Operation Manul’s malware. According to the EFF report, malware was utilised to identify the location of his wife and six year old daughter in Italy. They were then seized by Italian authorities and taken as apparent political hostages by Kazakh President Nursultan Nazarbayev in 2013.

Other main voices of public dissent including the newspaper (and now online journal), Respublika, and the blog, Kazaword, have been targeted by the government through both cyberattacks and through the U.S. court system. The Kazakh government’s representatives are currently attempting to use American law to threaten Respublika's web host and to extract information on the organization from Facebook's logs, all the while monitoring Respublika’s founder Irina Petrushova and her husband through its cyber intrusion programmes.

Recreating China’s Great Firewall

Since January 2016, the Kazakh government has extend its cyber surveillance to the whole of Kazakhstan and intercepted all of the country’s encrypted web and mobile phone traffic. Mandating that all Kazakh citizens install a new “national security certificate” on their computers and smartphones that intercepts requests to and from foreign websites, officials can now read mobile and web traffic between Kazakh users and foreign servers, breaking current privacy protections such as SSL.

Attempting to ease the privacy concerns surrounding the new initiative, Kazakhstan’s largest telecommunications company, Kazakhtelecom JSC released a press statement declaring that telecommunication operators were now “obliged” under law to intercept encrypted web and mobile connections flowing into its borders but that this was a measure to “secure protection of Kazakhstan users” who have access to encrypted content from “foreign Internet resources”.

The reality though, is it is little more than a cost effective version of China’s Great Fire Wall. While these measures will allow Kazakh officials to monitor and block large segments of Kazakhstan’s digital traffic for Internet and mobile users it will also cost Kazakhstan politically and economically.



Breaking Dissent or shrinking Economy?

In a recent article on China’s Internet censorship, Margaux Schreurs illustrated the adverse effect that China’s internet censorship is having on foreign investment. A number of issues were identified as being detrimental to businesses.

 Issue
Side Effect
Unreliable or slow Internet Access
Communication Delays, loss of online traffic to websites and business
Difficulty of Maintaining Privacy
Lack of confidence and financial development
Inability for Telecommunication Devices and applications to work
Mobile internet devices are unable to function correctly without their inbuilt software
Security Risks, Data Risks
Data stored by the government becomes an attractive target for hackers who can then utilise the data for their own personal use.
Consumer Wariness due to Government Retention of Data
No trust in domestic IT firm products  as they are seen to be unsafe
Table 1: Primary Side Effects of Internet Censorship for Business


Be it unreliable internet access, the lack of privacy or the inability of devices like mobile phones and computers to function correctly, Internet censorship can hinder companies from doing business and lead to delays in communications and poor financial development. These issues make countries with Internet censorship less attractive for foreign investment, a situation that Kazakhstan cannot currently countenance given the significant economic pressure on the Kazakh economy.

Security Risk

The lack of cyber security is also a prominent concern throughout the Central Asian IT market. In Kazakhstan, Uzbekistan and Kyrgyzstan, messenger services like Salem, Pager and Va4ach have struggled due to the perception that they are simply the government’s personal data collection agencies, who will steal their personal and business data.

The real concern for Kazakhs and for foreign companies involved in Kazakhstan, according to Steven M. Bellovin, a professor of computer science at Columbia University, was that Kazakhstan’s system would be a tempting target for hackers or foreign government’s cyber intrusion specialists. “Anyone who hacked these boxes would also be able to monitor traffic”.

This poses a significant risk not just to Kazak business but also to those foreign firms involved in the domestic market. As illustrated by the case of DigiNotar, a publically trusted Dutch certificate authority, who in 2011 were hacked thanks to Iran’s internet monitoring and issued a ream of fake certificates to access the accounts of 30,000 Iranian Gmail users. After the attack became public knowledge major technological companies like Google, Microsoft and Adobe blacklisted DigiNotar which went bankrupt several months later.

If this occurred in Kazakhstan and the Kazakh certificate authority is blacklisted then large sections of the internet will no longer be available to Kazakhs. A beneficial outcome if you are trying to control the net surfing population but of little value when trying attracting overseas investment.

Published First in Global Risk Insights