Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack therecord.media/kazakhsta…

Kazakhstan will audit its Foreign Ministry following a major cyberattack that researchers suspect may be linked to Kremlin-backed hackers, according to local media.

The Kazakh Digital Ministry responded to the attack after the release of a report detailing a cyberespionage campaign targeting diplomatic entities in Central Asia, including Kazakhstan. The hacker group behind this operation — tracked as UAC-0063 — is potentially linked to the Russian state-sponsored threat actor APT28, also known as Fancy Bear or BlueDelta.

Kazakh officials told the news outlet Orda they have been aware since the second half of 2023 of a cyberattack targeting the foreign ministry using the CherrySpy and Hatvibe malware strains. Authorities decided to conduct an audit of the ministry only after French cybersecurity firm Sekoia published a report on the incident last month. Based on the audit’s findings, Kazakhstan’s cybersecurity officials will take further action, the digital ministry said.