ISLAMABAD: Pakistan is facing the threat of cyber attacks, through which the government may lose sensitive information or have its privileged communications intercepted.
The threat of cyber attacks really raised the hackles of the country’s security establishment when, just before the recent visit of Chinese president Xi Jinping, computers at the country’s Foreign Office (FO) were hit by a cyber attack. The fact that it was the FO’s China desk that was targeted alarmed many and, sources within the department say, intelligence agencies are currently investigating the nature of the attack.
Although an FO spokesperson denied that anything like this had occurred, this account does figure into the larger picture: coordinated cyber attacks against governments, corporations and militaries around the world have picked up steam and some of the world’s leading cyber security firms are attributing a recent spate of state-level cyber attacks to Russian state-sponsored hackers.
In a report titled ‘APT28: A Window into Russia’s Cyber Espionage Operations’, leading US network security firm FireEye has tracked attacks on government, defence and educational infrastructure in at least 26 different countries, including Pakistan. According to the report, Russian hackers used the technique known as ‘phishing emails’, which involves sending a user emails with content that interests them, usually with malicious software embedded in it.
• FO’s China desk reportedly ‘hacked’ ahead of Chinese president’s visit
• Cyber-attacks originating from Russia target sensitive departments, military systems in at least 28 countries, including Pakistan
• IT experts, insiders raise questions about local ISPs’ level of preparedness for sophisticated cyber spying
• Individual users marked as easy targets, more susceptible to phishing attacks
• Telecom official blames bad cyber security within departments, organisations for compromised communications
If the user opens or saves the phishing content, the malware or spyware installs itself into the user’s computer and can then be used to steal information or alter/erase important records. This method, which targets an individual rather than an entire network, affords the hackers a better chance of success.
“Individual user habits are almost never as robust as the measures an organisation or department takes with regard to cyber security,” said Shahzad Ahmed, country director of the digital rights group Bytes For All. According to Mr Ahmed, mobile devices such as phones and tablets were less secure than personal computers and laptops.
“On a computer, the user may install an anti-virus or anti-malware software. However, users seldom take similar measures when it comes to mobile devices.” In addition, apps and various services that are always running on smartphones can easily transfer user data to a third party without their knowledge, he said.
According to an internal security analysis of one of the country’s main ISPs, which was aimed at testing the efficacy of existing firewalls and security measures, at least 850 infected hosts, that is, users whose computers were infected with malware, were detected on that ISP’s network.
The security analysis noted that certain malware even attempted “outbound communications … from various international destinations to upload data from within the national network.”
“There are firewalls in all the right places, but they are a choking point in the network. ISPs such as PTCL see regular attempts such as denial of service attacks to compromise their firewalls.” However, he was of the opinion that the easiest way to compromise any network’s security was by targeting individuals who had access to the back-end. “If a hacker gains access to, say, my computer, they would be in a position to do even more damage, because they would then have access to the barebones of the communications infrastructure. This is why most vendors have quite stringent security protocols.”
But a source in the Pakistan Telecommunication Authority (PTA) corroborated the IT experts’ account and admitted that incidents of cyber attacks were increasing. The number of attacks had risen to such levels that the authority had warned ISPs to be vigilant.
PTCL General Manager for Corporate Communications Imran Janjua also accepted that “International cyber landscape is full of dynamic security threats which are evolving, literally, on a daily basis.”
Mr Janjua clarified that most cyber attacks against government departments or other organisations were made possible “due to vulnerabilities in their web application layer and endpoint infrastructure.”
This means that while the ISP, which is the channel of communication used by such organisations, may be secured, the system at the department where messages originate may be compromised and may also infect other systems on the same network.
“Every organization is responsible for their own end-point infrastructure, as well as the security of their network and data.”
However, experts across the board agree that without a coordinated national cyber security strategy, Pakistan has no hope of combating the kind of sophisticated cyber spying that appears to be on the horizon.
Malware and spyware
Malware, short for “malicious software”, is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. Malware acts against the requirements of the computer user. Spyware, on the other hand, can include key logging software, tracking cookies and Trojans, and can run undetected on host computers, feeding information to their operator.
Phishing refers to illegal attempts to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication, such as someone you know or regularly correspond with.
Much like the myth of the Trojan Horse of antiquity, Trojan horse programmes are generally defined as a type of malware program containing malicious code which, when executed, carries out actions that typically include causing data loss or theft or possible system harm. Trojans often present themselves as useful or interesting in order to persuade victims to install them on their computers.