Important Alert: Google and Yahoo will require DMARC starting from Feb 2024.

Date of analysis: 08/08/2023

Uzbekistan DMARC Adoption Report 2023

The Importance of DMARC Adoption in Uzbekistan

Enhancing DMARC adoption within Uzbekistan holds the key to fortifying the nation’s digital fortress, symbolizing a proactive stride towards safeguarding both today’s assets and tomorrow’s prosperity. In the wake of escalating cyber attacks, Uzbekistani organizations must improve their defenses against email-borne attacks, shielding their clientele from digital malice. 

With Email authentication such as DMARC, organizations in Uzbekistan can display their devotion to practicing strong email authentication and security that fortifies their brand image, and adequately protects their email and information. This is especially important for financial, governmental, healthcare, and educational establishments that exchange sensitive information via email.

Is Uzbekistan Adequately Protected Against Email Fraud?

DMARC-adoption

Uzbekistan has seen a steady increase in targeted phishing attacks, spoofing, and malware infections since 2020. Presidential Resolution No. PP-167, issued on May 31, 2023, has sanctioned a fresh set of cybersecurity regulations for companies. Titled “On additional measures to enhance the cybersecurity system of critical information infrastructure facilities in the Republic of Uzbekistan,” the resolution outlines the new requirements, encouraging organizations to take a proactive approach to cybersecurity and incident response. 

The regulations are likely to affect all businesses with important information systems in the field of agriculture, banking and finance, chemicals, defense and national security, energy, IT, mining, public health, telecoms, etc.

The State Unitary Enterprise “Cybersecurity Center” reported a staggering 1.3 million cyberattacks targeting “uz” segment websites in 2021 alone, underscoring the utmost relevance of cybersecurity and financial fraud concerns in Uzbekistan. Read more

The above-mentioned statistics highlight the lack of email security in Uzbekistan, and the immediate need to be proactive. 

In this report, we focussed on answering the following questions: 

  • What is the current situation of DMARC adoption and enforcement in organizations in Uzbekistan?

  • How can we improve the cybersecurity and email authentication infrastructure in Uzbekistan to mitigate impersonation attacks?

To gain better insight into the current scenario we analyzed 826 domains belonging to top businesses and organizations in Uzbekistan, from the following sectors:

  • Healthcare
  • Energy
  • Government
  • Banking
  • Educational
  • Telecommunication
  • Media and entertainment
  • Transport

What Do the Numbers Say?

An in-depth SPF and DMARC adoption analysis was conducted while examining all 826 Uzbekistani domains, which led to the following revelations:

SPF Adoption Analysis in Uzbekistan

Uzbekistan dmarc adoption

DMARC Adoption Analysis in Uzbekistan

DMARC-Adoption-Analysis-in-Uzbekistan

Graphical Analysis: Among all 826 domains examined that belong to various organizations in Uzbekistan, 527 domains (63.8%) possessed correct SPF records, while 281 domains (34.02%) unfortunately had no SPF records at all, and 18 domains (2.2%) had incorrect records. 

199 domains (24.09%) had correct DMARC records, while 2 of the domains (0.2%) had DMARC records that contained errors. A vast majority of domains (625 domains making up 75.66%) had no DMARC records at all. 102 domains had their DMARC policy set at none (12.3%), enabling monitoring only, while 51 domains (6.2%) had their DMARC policy level set at quarantine, and 46 domains (5.8%) had their DMARC policy set at maximum enforcement (i.e. p=reject).