Why is this important
The annual rating is a revolutionary step towards increasing transparency and putting pressure on banks to improve cybersecurity. Announcing incidents and theft amounts damages reputation for poorly protected banks — clients pass to competitors. In 2025, 46,000 cybercrimes (1.2 trillion in damages) are a systemic problem requiring strict measures. Transparency encourages banks to implement protection (two-step authentication, biometrics, artificial intelligence for detecting fraud).
What happened
- The Ministry of Internal Affairs annually publishes a list of banks most affected by cyberattacks;
- Maqsudjon Mirabdullayev (Cyber Security Center of the Ministry of Internal Affairs) on November 3;
- Statistics on incidents, theft amounts, details of the investigation;
- Preliminary publications — end of the year;
- Banks are preparing proposals for cooperation.
Why publication
- Transparency: previous leaks and thefts were not reported. Now public information — clients, investors, regulators — will see which banks are vulnerable to cybersecurity.
- Responsibility: Banks bear strict responsibility for the prevention of cybercrimes. The publication damages reputation — clients run away from poorly protected banks.
- Incentives for improvement: banks will more actively implement protection (two-factor authentication, biometrics, artificial intelligence for detecting fraud), eliminate vulnerabilities, and raise standards.
What will be posted
- List of banks: the most cyberattacks.
- Event statistics: phishing, hacking attacks, fraud, data leaks.
- The amount of theft: how much was stolen in each bank.
- Details of the investigation: methods of committing cybercrimes, vulnerabilities of security systems.
Cybercrime
- 2025: 46 thousand cases (a 68-fold increase compared to 2020), 1.2 trillion.
Types:
- Phishing — calling under the guise of a bank, cheating SMS codes;
- Hacking attacks — interception of passwords, hacking OneID, banking applications;
- Fraud — formalization of microloans, loans, installment payments without the victim’s knowledge;
- Data leakage is the sale of clients’ personal data on the black market.
Banking problems
- Weak protection: SMS codes are the only authentication tool, easily intercepted by fraudsters.
- No biometrics: no Face ID, no fingerprints to confirm operations.
- System vulnerabilities: old software, unclosed gaps, hacker access.
- Customer negligence: SMS codes are sent to fraudsters by phone.
Reputation risks
Publishing the rating will create reputational risks for poorly protected banks:
- Customers will move to competitors with better protection;
- Investors will refuse investments;
- Regulators will strengthen inspections and fines.
Pressure on banks
- Incentive: banks will actively implement protection — two-factor authentication (SMS + biometrics), AI for detecting fraud, data encryption.
- Modernization: Banks will invest millions in updating security systems and eliminating vulnerabilities.
- Cooperation with the Ministry of Internal Affairs: banks are preparing proposals for information exchange and joint exercises to respond to incidents.
First posts
- End of the year: The Ministry of Internal Affairs will publish the first rating of banks with the highest number of cyber incidents for 2025.
- Comparison: will allow you to compare the effectiveness of cybersecurity measures in banks and choose the most reliable one.
Cooperation of banks with the Ministry of Internal Affairs
- Exchange of information: banks will share data on cyber incidents with the Ministry of Internal Affairs for joint investigation.
- Joint exercises: simulated cyberattacks to practice responding.
- Suggestions: Banks are preparing proposals to improve cybersecurity.
Context
- 46 thousand cybercrimes: a 68-fold increase since 2020, the damage is 1.2 trillion — a systemic problem requiring strict measures.
- Weak protection: SMS codes are easily intercepted, there is no biometrics, old software.
- Fraud is on the rise: Uzum Nasiya, Click, Payme — victims of phishing, SMS code deception.
- Transparency is a revolution: previously leaks were hidden, now public information — pressure on banks, protection of clients.
- Reputation risks: poorly protected banks lose clients, investors, and face fines.
