Date of analysis: 03/08/2023

Kazakhstan DMARC Adoption Report 2023

Why is Increasing DMARC Adoption in Kazakhstan Essential?

Boosting the adoption and correct deployment of DMARC in Kazakhstan is an important step toward furthering the security of the country’s online defenses. It’s a proactive step to keep our digital world safe now and in the future. As cyber attacks increase, Kazakhstani organizations need to do more to stop harmful emails from getting through and harming their customers.

By using email authentication tools like DMARC, Kazakhstan’s organizations can show they’re serious about protecting their emails. This not only makes them appear as credible sources but also keeps their information safe. This is really crucial for financial establishments like banks, government offices, hospitals, and schools that send private information through emails, along with any organization dealing with sensitive data.

Is Kazakhstan Adequately Protected Against Email Fraud? 

In the first half of 2021, the Kazakh computer security team, KZ-CERT, dealt with a whopping 11,432 cases of cyber threats. That’s a 15% jump compared to last year. 

Businesses, governmental establishments, and unsuspecting individuals have all been on the attacker’s hit list. As reported on August 2021, no bank in Kazakhstan could prove they had strong security measures in place needed to safeguard their websites, data, or emails from cyberattacks. The state government recognized that the reason for these drawbacks was the lack of education and awareness against information and communication security, especially among small and mid-sized businesses in Kazakhstan. 

In May of 2023, Ukraine’s computer emergency response team, known as CERT-UA, detected a cyber-espionage operation directed at an undisclosed Ukrainian government agency.

Researchers pinpointed a threat actor labeled as UAC-0063, which exhibited indications of intent to focus on countries including Mongolia, Kazakhstan, Kyrgyzstan, Israel, and India. Attack vectors and modes of deployment included compromised email accounts and email phishing scams. 

The above-mentioned statistics highlight the potential threat to email and information systems in Kazakhstan, and the immediate need to be proactive.

In this report, we focussed on answering the following questions: 

  • What is the current situation of DMARC adoption and enforcement in organizations in Kazakhstan?

  • How can we improve the cybersecurity and email authentication infrastructure in Kazakhstan to mitigate impersonation attacks?

To gain better insight into the current scenario we analyzed 525 domains belonging to top businesses and organizations in Kazakhstan, from the following sectors:

  • Healthcare
  • Energy
  • Government
  • Educational
  • Telecom
  • Media
  • Transport
  • Banking

What Do the Numbers Say?

An in-depth SPF and DMARC adoption analysis was conducted while examining all 525 Kazakhstani domains, which led to the following revelations:

SPF Adoption Analysis in Kazakhstan

SPF-Adoption-Analysis-in-Kazakhstan

Graphical Analysis: Among all 525 domains examined that belong to various organizations in Kazakhstan, 394 domains (75%) possessed correct SPF records, while 106 domains (20.2%) unfortunately had no SPF records at all, and 25 domains (4.8%) had incorrect records. 

A vast majority of domains (350 domains making up 66.7%) had no DMARC records at all. 79 domains had their DMARC policy set at none (15%), enabling monitoring only, while 46 domains (8.8%) had their DMARC policy level set at quarantine, and 46 domains (8.8%) had their DMARC policy set at maximum enforcement (i.e. p=reject).

Sector-wise Analysis of Kazakhstani Domains

Healthcare Sector

Key Findings

  • 31.4% of domains in the Kazakhstan Telecom sector had no SPF record 
  • 71.4% of DMARC-implemented domains were at p=none offering no protection
  • No DMARC record was found for 80% of the domains

Energy Sector

Key Findings

  • 9.7% of the domains had no SPF record published in their DNS
  • 71% of the domains had no DMARC record published in their DNS
  • 22.2% of the domains with DMARC implemented were on a “none” policy

Government Sector

Key Findings

  • 16.9% of the domains had no SPF record published in their DNS
  • 72.9% of the domains had no DMARC record published in their DNS
  • 50% of the domains with DMARC implemented were on a “none” policy

Banking Sector

Key Findings

  • 15.1% of the domains had no SPF record published in their DNS
  • 57% of the domains had no DMARC record published in their DNS
  • 30.6% of the domains with DMARC implemented were on a “none” policy

Educational Sector

Key Findings

  • 31.6% of the domains had no SPF record published in their DNS
  • 74.7% of the domains had no DMARC record published in their DNS
  • 72.2% of the domains with DMARC implemented were on a “none” policy

Telecom Sector

Key Findings

  • 22% of the domains had no SPF record published in their DNS
  • 56.1% of the domains had no DMARC record published in their DNS
  • 66.7% of the domains with DMARC implemented were on a “none” policy

Media & Entertainment Sector

Key Findings

  • 18.4% of the domains had no SPF record published in their DNS
  • 59.8% of the domains had no DMARC record published in their DNS
  • 31.4% of the domains with DMARC implemented were on a “none” policy

Transport Sector

Key Findings

  • 17.8% of the domains had no SPF record published in their DNS
  • 69.2% of the domains had no DMARC record published in their DNS
  • 53.1% of the domains with DMARC implemented were on a “none” policy

Comparative Analysis of SPF Adoption among Different Sectors in Kazakhstan

The SPF adoption rate was found to be the lowest in the Kazakhstan educational and healthcare sector. The highest rate of SPF adoption was noted in the Kazakhstani energy, government, and banking sector.

Comparative Analysis of DMARC Adoption among Different Sectors in Kazakhstan

The Kazakhstan healthcare sector noted the lowest rate of DMARC adoption. The highest rate of DMARC adoption was noted among telecom, banking, and media & entertainment sectors however with considerably low rates of enforcement. A large percentage of organizations in all sectors had their DMARC policies at monitoring only.

Where are Organizations in Kazakhstan Going Wrong?

Upon reviewing 525 domains registered in Kazakhstan spanning various sectors and industries, it becomes evident that organizations operating within the country are making noteworthy errors that might potentially jeopardize the security of email communications shared with their clients or employees.

Methods to Improve Email Security in Kazakhstan

Kazakhstani organizations can take the following steps to improve their overall email security posture:

Benefits of PowerDMARC for Your Email Security Enhancement

Creating a secure email environment necessitates the activation of email authentication protocols—DMARC, DKIM, SPF, MTA-STS, TLS-RPT, and BIMI—across all domains within your company. This standardizes security measures for internal communications and guards against inadvertent or malicious sources.

PowerDMARC provides an extensive range of email security solutions to safeguard your brand reputation and shield customers from email-related threats. Our services simplify the intricate process of protocol setup, management, and monitoring.

Here’s what we offer:

Partnering with PowerDMARC bolsters your email domains and customer protection, ensuring secure and reliable communication for your organization and clients, and mitigating potential threats.