Globally, a newer threat is evolving – not for states only – but also for the rest of the private profit-driven world.
Billions of dollars are illegally transferring or stealing, privacies are exposing, state secrets are acquiring, public infrastructure is getting hacked, and whatnot.
This is the realm of cybersecurity; thanks to the IT for connecting the world via internet or digitized, no one can deny the fact that cyber threats are increasing day by day and Pakistan is no exception.
This nuclear state with a critical geopolitical position is increasingly exposed to threats in the cyber realm. So are the businesses and the private sector.
Pakistan with an internet users’ base of 44,608,065 (21.8% of the total population) is increasingly digitizing security apparatus as well as the banking system, which largely depends on internet connectivity.
Luckily, Pakistan has incorporated laws to tackle cyber threats, but sadly doesn’t cover the threats in-depth and wholeness; while the threats are evolving from varied foes and adversaries, we must assess them and make necessary modifications and rectifications continuously.
For that matter, we should know where we in the penchant of cybersecurity, let’s see what Cybersecurity Report 2019 has revealed.
Where does Pakistan stand in the CyberSpace?
We cannot out-rightly ignore hackers, as the cyberspace is expanding and where there is honey there are bees, the extended usage of information technology (IT) and Telecommunications (Telecom) are attracting hackers to misuse and disrupt the cyberspace.
Attack radar for hackers has also expanded to the extent that they can disable networks – imagine what will happen if the electric grid system, financial, transport and/or military command and control system of a country got hacked? It’s not something unusual, we have been witnessed millions of cyber-attacks targeting infrastructure and services.
Do you know?
- 25% of mobile malware was targeted in Pakistan
- Pakistan received a 1.41% share of Trojans Cryptors
- Pakistan is currently the 7th worst in the realm of cybersecurity.
It is therefore vital to possess the capability of not only defending such attacks but also the ability to launch counter-cyber-attacks.
I know this is easier said than done, because often the attacker’s identity is difficult to comprehend, especially when attacks are state-sponsored. Also, the asymmetry of attacks that further anonymize the hackers.
Nevertheless, countries must adopt measures and must have strategies for effective cybersecurity – I will help you with that too, but let’s look at some real-time stories of data breaches in Pakistan.
Data Breaches of Pakistan
- More than 19,000 card details of 22 Pakistani banks were stolen in a data breach. In the wake of the attack, 10 banks blocked their international transactions. More than 8,000 of those cards later found in the dump for prices ranging from $100 to $135 each. On October 27, the first cyberattack was reported by BankIslami, Rs2.6 million was stolen (within 23 minutes) from international payment cards after that, the bank stopped transactions and requested biometrically verification.
- In early 2011, we witnessed the biggest data breach as reports claimed that Punjab Information Technology Board (PITB) had created vulnerable mobile applications synching with the API of NADRA, which request details of Pakistani citizen via different means. According to WikiLeaks and Julian Assange, American and British intelligence agencies accessed NADRA’s database and got the hold of the identification records of Pakistanis. Thanks to unregulated e-governance apps, those were engaged in selling online tickets of cricket matches in Pakistan. These apps and credentials got leaked over time, and now the data of a 15-year-old kid is available online for 200 rupees per copy.
Aren’t these situations alarming for the entire nation!
Anyways, it’s never too late.
Let’s pledge to spread awareness and build a nation with head high to face all the malpractices out there.
Be a Survivor in the Current Wave of Cyber-Warfare
Cybersecurity should be defined as the body of technologies, processes, and practices to protect networks, computers, programs, and data from being attacked, damaged, or unauthorized access.
The last ten decades have brought much change to the ways states and non-state actors practicing the art of war; we proudly say this is the “information age,” but often ignore its downside.
In the case of Pakistan, cyberspace has been spreading into banking, education, telecom sector, military, and government sectors.
Some recommendations are;
- The first priority is a national policy or a framework to delineate the mission, aims, and goals of the state of cybersecurity. The draft for cybersecurity policy should be with the Ministry of Information Technology.
- To ward off attacks from cyberspace, CERT (Computer Emergency Response Team) should be implemented to the PEC (Prevention of Electronic Crimes) Act.
- Around 30 to 35 percent of bandwidth lost due to data packets not going directly to the source via reaching varying nodes present at different locations, and that’s why to take additional time and bandwidth. To deal with this, an Internet Exchange Point (IXP) is essential.
- Intra-agency and inter-agency intelligence sharing and coordination should be ensured.
- The role of experts, academia, and military in fighting off cyber threats is imperative; having a joint structure for civil and military coordination for assessment and response is needed.
- The issue of cybersecurity must be multi-sectoral and multi-layered. The national-level strategy is needed to counter arising challenges – in cyberspace and should be enforced and implemented via CERTs (national and sectoral).
- Side by side, there must be a balance between security and rights of citizens. Any cybersecurity practice will fail if it impinges on legal rights.
Preventive Measures for Pakistani Citizens
- Never reuse the same password on more than one website.
- Report any suspected fraud immediately.
- Use complex passwords and try to change them often.
- Avoid using credit cards on non-secure websites.
- Avoid sharing private information on public WiFi.
- Monitor your bank accounts regularly for fraudulent transactions; try to implement a two-step authentication method for transactions like; purchases or transactions of Rs10,000 and more.
- Beware of phishing scams – Never give out personal information in an email or over the phone and don’t open links in an email or text.
So, Pakistanis, what are you waiting for?
Grab your cybersecurity in your hands now!
Stay tuned to Brandsynario for more news and updates.
Submitted By: Zubair Hussain Khan