Digital technologies are meant to simplify life, yet in the hands of criminals, they can become a dangerous weapon, experts warn.
What is the current state of cybersecurity in Uzbekistan? How safe is it to store your data on foreign servers? Are Uzbek companies prepared for cyberattacks? Experts in the field discussed these important questions with the Daryo portal.
What cyber threats are most prevalent today, and what is the situation with cybersecurity in Uzbekistan?
Muhammad Rahimov, leading specialist at the Cybersecurity Center of the Ministry of Internal Affairs:
The cyberspace is a virtual environment created using information technologies, and it has no borders. For example, Uzbekistan, like any other country, has its territorial boundaries, laws, and restrictions, but cyberspace has no such limits. This means that malicious network requests can be sent from anywhere in the world to other countries. In our republic, as in other nations, there are cybersecurity threats, cyberattacks, and harmful network requests.
The Cybersecurity Center is tasked with protecting the information systems of state institutions. As part of this mission, monitoring systems have been implemented to analyze incoming information. Based on this analysis, we can say that the number of malicious network requests increases every year. For instance, if around 11 million such requests were recorded in 2023, today their number has exceeded 12.5 million.
These are promptly detected by our systems, and incoming requests to resources are blocked. Each system has measures in place for blocking.
Lochinbek Atoev, responsible employee of the Cybersecurity Center of the Operational Search Department:
In recent years, we hear terms like "cybersecurity" and "cyberspace" more frequently. The reason is simple: we live in a modern society where these issues have become pressing problems. Among the most relevant topics today are cybercrime and cyber fraud.
The main factor influencing the development of these threats is the active penetration of digital technologies into our daily lives. A simple example: while at home or even right in this studio, we can order a taxi, food, or buy tickets for a flight to another country. This is certainly convenient. However, alongside the development of these technologies, criminals are also learning to exploit them for their own gain.
This can be compared to a kitchen knife: it can be used to prepare food, or it can harm a person. Similarly, digital technologies are meant to ease life, but in the hands of criminals, they can become dangerous weapons.
How safe are user data stored in foreign companies?
Anvar Odilov, head of the Cybersecurity Monitoring Department:
The question of data protection is becoming a crucial aspect for any state, as each government is responsible for the safety of its citizens' personal and financial information. In Europe, there are strict requirements for data protection, one of which is the GDPR (General Data Protection Regulation) - a law on personal data protection in the European Union.
Uzbekistan also has its laws and requirements aimed at protecting citizens' personal and financial information. Among them are laws on personal data protection and banking secrecy. However, in the context of globalization, new questions arise related to foreign companies entering our market and our companies entering theirs.
These questions require a knowledgeable approach. Some international companies may consider that storing data outside the country is a cheaper or more convenient option, but this is not always safe. When processing such data, it is important to consider the company's responsibility to the users who have entrusted their data to it.
Therefore, it is necessary to establish clear requirements: if a server processes your financial or personal data, it must be located within the republic. This is especially true for financial operations: banking applications and financial transactions require even stricter controls to avoid data leaks abroad.
Are Uzbek companies ready for cyberattacks?
Anvar Odilov, head of the Cybersecurity Monitoring Department:
Today, many companies, banks, and fintech firms handle personal and financial data of citizens. Uzbekistan has a law on personal data protection that requires companies to process such data only on servers located in the republic. The transfer of this data abroad is prohibited.
Additionally, financial information, including all transactions of citizens, their salaries, and transfers, must be protected at a high level. We are aware of European data security standards. Uzbekistan currently lacks a similar standard, but in my opinion, it is time to develop them based on international experience. This will raise the requirements for banks and fintech companies, helping to protect users, their financial resources, and personal data.
Shakhzod Bakhtiyarov, responsible employee of "Kapitalbank":
In this process, banks must primarily guarantee the security of their clients' personal data. This needs to be enshrined in legislation and strictly monitored for compliance.
At present, each bank independently develops internal regulations for data protection. Some create their own data processing centers in accordance with international standards, while others use third-party services. However, if a bank transfers the personal data of citizens of Uzbekistan to data centers outside the country, it undermines trust in the banking system as a whole.
User awareness plays a significant role
During the discussion, opinions were expressed regarding users' awareness of how to protect personal data. Experts reminded that they can use complex passwords, two-factor authentication, and avoid suspicious links. These measures are quite sufficient to avoid becoming a victim of cybercrime.
In conclusion, the participants emphasized that the approach to cybersecurity needs to be reassessed, and the level of knowledge in this area must be continuously raised. Overall, the discussion confirmed that cybersecurity concerns not only IT specialists but also every internet user.