Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Kazakhtelecom JSC

Kazakhtelecom JSC Vendor Cyber Rating & Cyber Score

telecom.kz
in
Add Your Compliance Badge
ISO 27001
SOC 2 Type 1
SOC 2 Type 2
PCI DSS
HIPAA
GDPR

JSC «Kazakhtelecom», the national carrier of Kazakhstan and one of the fastest growing telecommunications companies in the former Soviet Union, provides a broad spectrum of infocomm services. The central office is located in the capital of Kazakhstan - Astana. The company employs about 30 thousand people. JSC «Kazakhtelecom» has regional offices in each area of the country and provides services throughout the country. According to operative data as of 1 January 2009 the company serves more than 3, 333 million fixed-line subscribers. The telephone density in the Republic of Kazakhstan is an average of 21.3 fixed lines per 100 people. JSC «Kazakhtelecom» closely cooperates and works with more than 40 operators from both near and far


Kazakhtelecom JSC A.I CyberSecurity Scoring

Incident Details
Kazakhtelecom JSC
Company Information
Website:http://www.telecom.kz
Employees number:767
Number of followers:0
NAICS:517
Industry Type:Telecommunications
Homepage:telecom.kz
Cyber Premium EstimationGet Supply Chain
Kazakhtelecom JSC Risk Score (AI oriented)
Between 800 and 849
logo
Kazakhtelecom JSCTelecommunications
Updated:
01/04/2026
826/1000
Good
A
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Kazakhtelecom JSC Global Score (TPRM)
xxxx
logo
Kazakhtelecom JSCTelecommunications
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Kazakhtelecom JSC
Kazakhtelecom JSCGood
Current Score
826A (GOOD)
01000
1 incidents
-19 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JUNE 2026
826Before Incident
MAY 2026
826Before Incident
APRIL 2026
826Before Incident
MARCH 2026
826Before Incident
FEBRUARY 2026
825Before Incident
JANUARY 2026
825Before Incident
DECEMBER 2025
739Before Incident
NOVEMBER 2025
739Before Incident
OCTOBER 2025
738Before Incident
SEPTEMBER 2025
757Before Incident
Cyber Attack
27 Sep 2025Kazakhtelecom JSC
Kazakhstan Telecom Firm (unnamed in article)

Ongoing PlugX (Korplug/SOGU) Malware Campaign Targeting Central and South Asian Telecommunications and Manufacturing Sectors

738After Incident
CRITICAL-19
KAZ0632406092725
A telecommunications company in Kazakhstan was targeted by the China-linked APT group Naikon (Lotus Panda) as part of an ongoing cyber espionage campaign distributing a new PlugX malware variant. The attack leveraged DLL side-loading via a legitimate Mobile Popup Application executable to decrypt and execute malicious payloads (PlugX, RainyDay, and Turian backdoors) in memory. The PlugX variant included an embedded keylogger plugin, enabling data exfiltration, persistent access, and potential lateral movement within the network. The campaign exhibited strong ties to Chinese state-sponsored actors, with overlaps in encryption methods (XOR-RC4-RtlDecompressBuffer), target selection (telecom and manufacturing sectors in Central/South Asia), and tooling shared with BackdoorDiplomacy (another China-aligned APT). While the exact data compromised was not disclosed, the focus on telecom infrastructure suggests risks of intellectual property theft, customer data exposure, or disruption of critical communication services. The attack aligns with long-term espionage objectives, potentially threatening regional economic stability and national security due to the strategic importance of telecom networks in Kazakhstan—a country bordering multiple high-risk geopolitical zones.
INCIDENT DETAILS -
TYPE
Malware CampaignAdvanced Persistent Threat (APT)Remote Access Trojan (RAT)DLL Side-Loading AttackCyber Espionage
MOTIVATION
Cyber EspionageIntelligence GatheringLong-Term PersistenceTool/Infrastructure Sharing (potential)
IMPACT
Potential exfiltration via PlugX keylogger pluginData targeted by modular Bookworm RAT (arbitrary commands, file upload/download)Telecommunications firms (e.g., Kazakhstan telecom company)Manufacturing sector entitiesSystems running Mobile Popup Application (DLL side-loading vector)ASEAN-affiliated countries (Bookworm targets)Persistent access by APT groupsPotential lateral movement within networksC2 beaconing via compromised infrastructure (Bookworm)Reputational risk for targeted telecom/manufacturing firmsPotential loss of trust in regional cybersecurity posture
DATA BREACH
Potential keylogger-captured data (PlugX)System metadata (via RAT commands)Exfiltrated files (Bookworm upload functionality)High (potential intelligence value)Operational data (telecom/manufacturing)Likely (via PlugX/RainyDay/Turian C2)Confirmed for Bookworm (file upload capability)XOR-RC4-RtlDecompressBuffer (payload encryption)RC4 keys reused across campaigns
REFERENCES
Blog URLSource URL
AUGUST 2025
757Before Incident
JULY 2025
757Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Kazakhtelecom JSC ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in August 2025 ?
?
What was Kazakhtelecom JSC's A.I Rankiteo Cyber Score in July 2025 ?
?
What is the average per-incident point impact on Kazakhtelecom JSC's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Kazakhtelecom JSC ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Kazakhtelecom JSC's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?