{"id":18921,"date":"2026-01-13T17:02:43","date_gmt":"2026-01-13T09:02:43","guid":{"rendered":"https:\/\/cybersdc.mn\/?p=18921"},"modified":"2026-02-13T20:26:37","modified_gmt":"2026-02-13T12:26:37","slug":"elementor-18921","status":"publish","type":"post","link":"https:\/\/cybersdc.mn\/?p=18921","title":{"rendered":"Cybersecurity in Mongolia (2025)"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

In 2022, Mongolia announced an ambitious vision to become a \u201cDigital Nation.\u201d To realize this goal, the Government approved the ICT Sector Medium-Term Development Policy (2022\u20132027) and established the Ministry of Digital Development and Communications, later renamed the Ministry of Digital Development, Innovation and Communications (MDDIC), to oversee its implementation.<\/span><\/p>

Digitalization in Mongolia has advanced rapidly. As of 2025, 84% of the population (3.47 million people) is connected to the internet, with 5.13 million devices online. Digital public services\u2014most notably E-Mongolia, a one-stop government service platform\u2014have transformed daily life.\u00a0<\/span><\/p>

However, this rapid transformation has also expanded Mongolia\u2019s cyber-attack surface. While digitalization has accelerated transactions and improved service delivery, it has simultaneously introduced systemic cybersecurity risks that the country is still struggling to manage.<\/span><\/p>

Cybersecurity Challenges in a Rapidly Digitalizing Society<\/b><\/span><\/p>

Mongolia\u2019s growing dependence on digital platforms has been accompanied by a sharp rise in cyber threats. In 2024 alone, Mongolia recorded:<\/span><\/p>

– 1.6 million cyberattacks and incidents<\/span><\/p>

– 13,061 registered cybercrimes<\/span><\/p>

– Economic losses estimated at USD 25.4 million<\/span><\/p>

These figures represent only <\/span>known<\/span><\/i> cases. Given underreporting and limited detection capabilities, the real scale of cyber incidents is likely far higher.<\/span><\/p>

The trend is clear: cyber threats are increasing faster than Mongolia\u2019s ability to prevent, detect, and respond to them.<\/span><\/p>

Establishing a Legal and Institutional Framework<\/b><\/span><\/p>

Recognizing these vulnerabilities, Mongolia has taken important steps to strengthen its cybersecurity governance.<\/span><\/p>

In 2021, the State Great Khural adopted the Law on Cybersecurity, establishing the country\u2019s core legal framework for cybersecurity governance, protection, and incident response. This was followed in 2022 by a package of institutional and strategic measures, including:<\/span><\/p>

– Approval of the National Cybersecurity Strategy<\/span><\/p>

– Establishment of the Cybersecurity Council<\/span><\/p>

– Creation of the Cyber Crime Police Department under the National Police Agency<\/span><\/p>

– Formation of the National Computer Security Incident Response Team (NCSIRT \/ National CERT)<\/span><\/p>

– Establishment of the Public CSIRT\/CC <\/span><\/p>

– Creation of the Armed Forces Cybersecurity Center (AFCC)<\/span><\/p>

These measures significantly strengthened Mongolia\u2019s institutional architecture for cybersecurity.<\/span><\/p>

In the ITU Global Cybersecurity Index (GCI) 2024, Mongolia scored 56.36, placing it in Tier 3 (\u201cEstablishing\u201d). This marked a major improvement from 2020, when Mongolia scored 26.20 and ranked 120th out of 194 countries. By 2024, Mongolia had climbed to 103rd place, advancing 17 positions.<\/span><\/p>

Despite this progress, legal and institutional frameworks alone have not been sufficient to curb cyberattacks or cybercrime.<\/span><\/p>

Cyberattacks and Cybercrime on the Rise<\/b><\/span><\/p>

Cyber incidents targeting Mongolia\u2014especially government systems\u2014continue to rise. Government websites face constant attacks, and several high-profile breaches have demonstrated persistent vulnerabilities.<\/span><\/p>

Frequent and Targeted Cyber Threats<\/span><\/p>

– Around 70% of all cyberattacks targeting Mongolia were aimed at government agencies. Other targets included legislative bodies (11%), healthcare organizations (14%), and law enforcement (1%).<\/span><\/p>

Authorities reported Types of Attacks:<\/span><\/p>

– Phishing campaigns<\/span><\/p>

– Ransomware targeting institutions<\/span><\/p>

– Botnet traffic<\/span><\/p>

– Malicious code incidents.<\/span><\/p>

Notable examples include:<\/span><\/p>

– August 2024: The China-linked RedDelta threat group targeted Mongolia\u2019s Ministry of Defense, deploying a customized PlugX backdoor through spear-phishing emails using flood-related lures.<\/span><\/p>

– November 2023 \u2013 July 2024: Russian state-backed hackers (APT29) compromised multiple Mongolian government websites, including cabinet.gov.mn and mfa.gov.mn, using them as \u201cwatering-hole\u201d platforms to infect visitors\u2019 devices. These attacks leveraged vulnerabilities similar to those used by commercial spyware vendors.<\/span><\/p>

These incidents highlight a critical reality: Mongolia\u2019s cybersecurity capacity is not keeping pace with the sophistication of state-sponsored and organized cyber threats.<\/span><\/p>

Weak Data Center and Energy Capacity<\/b><\/p>

Mongolia currently has only 20\u201325 data centers, and just one-fifth meet essential standards such as:<\/span><\/p>

– ISO\/IEC 27001<\/span><\/p>

– Uptime Institute Tier II or higher<\/span><\/p>

These weaknesses are compounded by unstable energy supply, which further undermines digital resilience and service availability.<\/span><\/p>

Severe Shortage of Cybersecurity Professionals<\/b><\/p>

Human capital remains one of Mongolia\u2019s most pressing cybersecurity challenges.<\/span><\/p>

– Estimated ICT workforce needed: 27,000+<\/span><\/p>

– Current ICT professionals: ~12,000<\/span><\/p>

– Annual IT graduates: 2,000\u20132,100<\/span><\/p>

– Graduates specializing in cybersecurity\/system security: ~10%<\/span><\/p>

This gap is worsened as skilled professionals seek better opportunities abroad. As a result, Mongolia lacks sufficient expertise to protect its 2.9 million internet users, operate SOCs effectively, or investigate cybercrime at scale.<\/span><\/p>

Absence of Cyber Literacy: The Weakest Link<\/b><\/p>

A 2024 UNDP \u201cCybersecurity Awareness Research in Mongolia\u201d surveyed 1,000 well-educated young and middle-aged citizens. Key findings were alarming:<\/span><\/p>

– 51% use unauthorized or cracked software<\/span><\/p>

– 60% are unaware of ransomware, despite one-third encountering it<\/span><\/p>

– ~66% lack knowledge of Personally Identifiable Information (PII)<\/span><\/p>

– Nearly 50% reuse passwords across platforms<\/span><\/p>

– 47% use personal information in passwords<\/span><\/p>

– 71% have never heard of phishing or have no knowledge of it<\/span><\/p>

– Software updates, patch management, and data backups are widely neglected<\/span><\/p>

– Two-thirds do not know how or where to report cyber incidents<\/span><\/p>

Despite 70% mobile internet usage, mobile security awareness is almost nonexistent.<\/span><\/p>

This data confirms a fundamental truth; cybersecurity is only as strong as its least informed user.<\/span><\/p>

What Mongolia Lacks in Cybersecurity (2025 Summary)<\/b><\/span><\/p>

Mongolia\u2019s cybersecurity challenges are systemic:<\/span><\/p>

– Inadequate sovereign digital infrastructure<\/span><\/p>

– Limited and uneven implementation of cybersecurity policies<\/span><\/p>

– Severe shortage of skilled professionals<\/span><\/p>

– Weak data center and energy resilience<\/span><\/p>

– Critically low cyber knowledge across society<\/span><\/p>

– Insufficient detection, reporting, and response mechanisms<\/span><\/p>

Educating Citizens and Building Capacity: The Way Forward<\/b><\/p>

Mongolia\u2019s digital future depends on human security as much as technical security.<\/span><\/p>

Key Priorities:<\/span><\/p>

1. Integrate cybersecurity education into schools, universities, and public media.<\/span><\/p>

2. Expand scholarships, certifications, and hands-on training in cybersecurity and digital forensics.<\/span><\/p>

3. Diversify connectivity routes, strengthen domestic data centers, and improve energy resilience.<\/span><\/p>

4. Strengthen SOCs, CSIRTs, and cybercrime investigation units with modern tools and trained personnel.<\/span><\/p>

5. Expand partnerships for threat intelligence sharing, joint exercises, and capacity-building programs.<\/span><\/p>

Without a major investment in cyber security, will remain vulnerable. Cyber threats know no borders, but prepared societies can withstand them.<\/span><\/p>

\u042d\u0445 \u0441\u0443\u0440\u0432\u0430\u043b\u0436\u0443\u0443\u0434:\u00a0<\/p>

[1]<\/span><\/a>\u00a0Simon Kemp, \u201cDigital 2024:Mongolia,\u201d\u00a0<\/span>DatarePortal<\/span><\/i>, February 23, 2024,\u00a0\u00a0<\/span>https:\/\/datareportal.com\/reports\/digital-2024-mongolia<\/span><\/a><\/p>

[2]<\/span><\/a>\u00a0\u201cGlobal Cybersecurity Index 2024\u201d,\u00a0<\/span>The International Telecommunication Union (ITU),<\/span><\/i>\u00a02024,\u00a0<\/span>https:\/\/www.itu.int\/epublications\/publication\/global-cybersecurity-index-2024<\/span><\/a><\/p>

[3]<\/span><\/a>Ravie Lakshmanan,\u201d RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns\u201d,\u00a0<\/span>The Hacker News<\/span><\/i>, January 10, 2025,\u00a0<\/span>https:\/\/thehackernews.com\/2025\/01\/reddelta-deploys-plugx-malware-to.html<\/span><\/a><\/p>

[4]<\/span><\/a>\u00a0Clement Lecigne, \u201cState-backed attackers and commercial surveillance vendors repeatedly use the same exploits\u201d,\u00a0<\/span>Google Threat Analysis Group<\/span><\/i>, August 29, 2024,\u00a0<\/span>https:\/\/blog.google\/threat-analysis-group\/state-backed-attackers-and-commercial-surveillance-vendors-repeatedly-use-the-same-exploits\/<\/span><\/a>\u00a0\u00a0<\/span><\/p>

[5]<\/span><\/a>\u00a0\u201c\u0425\u0430\u0440\u0438\u043b\u0446\u0430\u0430 \u0445\u043e\u043b\u0431\u043e\u043e, \u043c\u044d\u0434\u044d\u044d\u043b\u043b\u0438\u0439\u043d \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439\u043d \u0441\u0430\u043b\u0431\u0430\u0440\u044b\u043d \u0445\u04af\u043d\u0438\u0439 \u043d\u04e9\u04e9\u0446\u0438\u0439\u043d \u044d\u0440\u044d\u043b\u0442, \u043d\u0438\u0439\u043b\u04af\u04af\u043b\u044d\u043b\u0442\u0438\u0439\u043d \u0441\u0443\u0434\u0430\u043b\u0433\u0430\u0430\u201d,\u00a0<\/span>\u0426\u0430\u0445\u0438\u043c \u0445\u04e9\u0433\u0436\u0438\u043b, \u0445\u0430\u0440\u0438\u043b\u0446\u0430\u0430\u00a0<\/span><\/i>\u0445\u043e\u043b\u0431\u043e\u043e\u043d\u044b \u044f\u0430\u043c, \u00a02021 \u043e\u043d, (Human resource demand, supply research report in IT sector), Ministry of digital development and communication, 2021.<\/span><\/p>

[6]<\/span><\/a>\u00a0\u201cCybersecurity Awareness Research in Mongolia Research Report\u201d, UNDP, October 2024.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

In 2022, Mongolia announced an ambitious vision to become a \u201cDigital Nation.\u201d To realize this goal, the Government approved the ICT Sector Medium-Term Development Policy (2022\u20132027) and established the Ministry of Digital Development and Communications, later renamed the Ministry of Digital Development, Innovation and Communications (MDDIC), to oversee its implementation. Digitalization in Mongolia has advanced […]<\/p>\n","protected":false},"author":1,"featured_media":18927,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-18921","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/cybersdc.mn\/index.php?rest_route=\/wp\/v2\/posts\/18921","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybersdc.mn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersdc.mn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersdc.mn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersdc.mn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=18921"}],"version-history":[{"count":5,"href":"https:\/\/cybersdc.mn\/index.php?rest_route=\/wp\/v2\/posts\/18921\/revisions"}],"predecessor-version":[{"id":18928,"href":"https:\/\/cybersdc.mn\/index.php?rest_route=\/wp\/v2\/posts\/18921\/revisions\/18928"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersdc.mn\/index.php?rest_route=\/wp\/v2\/media\/18927"}],"wp:attachment":[{"href":"https:\/\/cybersdc.mn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=18921"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersdc.mn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=18921"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersdc.mn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=18921"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}