Federal Minister for Information Technology Syed Aminul Haque said that over 900,000 hacking attacks take place in Pakistan daily. Pakistan’s National Security Committee discussed the recent audio leaks, featuring candid conversations between key government officials, and called for an urgent investigation as well as a revamped legal framework. A feeling of distrust and terror has spread because of the recent audio leaks drama, which forced the government and national institutions to rethink the national security policy.
However, trustworthy firms that could issue security advisories, identify local threats, and have frontline expertise in threat intelligence, like Mandiant, do not exist in Pakistan yet. There are small, scattered islands of brilliance working in silos – with little coordination or exchange of notes among them.
The hacking of official and government websites is common all around the world. One recent example is the famous Colonial Pipeline hack in 2021 – a ransomware attack that stole 100 gigabytes of data within two hours and brought a major gas pipeline in the US to a standstill. President Joe Biden declared an emergency and the company had to pay a ransom of 75 bitcoins ($4.4 million) to a group of hackers who identify themselves as ‘DarkSide’.
This is where our Ministry of IT can take some lessons from Singapore, a country that sets out a licensing framework for cybersecurity service providers. The Cybersecurity Services Regulation Office (CSRO), categorized into penetration testing and security-operations center monitoring service providers, facilitates liaisons between the industry and the broader public on training under a new certification program.
Multiple audio leaks have surfaced in recent weeks that made headlines and even more were promised by the hacker. These leaks uncovered discussions that took place in the Prime Minister’s Office on policy issues involving the cabinet and other top government officials.
Open Source Intelligence Insider (@OSINT Insider on Twitter) claims that the audio files that have been made public are a collection of discussions that lasted 140 hours and included 100 files of 8 GB each. The full collection of recordings, which has been on sale since August 20th, was offered for $3.45 million. Additionally, according to @OSINT Insider, the phone calls made from the PM House were not secure.
This raises a lot of questions. Foreign dignitaries visiting Pakistan would be hesitant to talk at the PM House. They will pause before saying anything delicate. They will ask themselves a hundred times whether these conversations are being recorded.
The country’s highest executive office has been “spied upon” in a “severe breach of cyber security.” Despite established procedures, intelligence agencies are unaware of how the PM House has been bugged for months. Furthermore, according to sources, the Intelligence Bureau told Pakistan’s Prime Minister Shehbaz Sharif about the hacking that came to light a few weeks ago. The dark web announced that it would soon release additional information. “I will be providing ALL files sooner for undisclosed reasons,” the website claimed. There will be no more haggling and offers to sell the data will be taken. According to the dark web, the audios contain interactions with journalists, chats with government officials, conversations with the top military leaders and personnel, personal and official deals, and interactions between the first family and other families, among other types of material. Additionally, it stated that it has audio recordings of talks that may be used as evidence. These discussions included those with serving judicial appointments, with foreign dignitaries, and instructions or commands given by staff. “Hopefully this release will bring betterment to Pakistan,” the dark web letter said.
There were even some rumors that the hacker had been arrested and held under the government’s supervision for further action. This recent incident has made everyone more curious about cyber security: if the most prestigious house in the country is not safe, who is?
At the same time, countries like Israel are investing heavily in cyber weapons under a cyber-dome program – an AI-based real-time threat detection and mitigation project. The Israeli government also joined the Inter-American Development Bank (IDB) to establish a new cybersecurity initiative with a $2 million seed fund.
As per good practices, the best way to counter cyber-attacks is to maintain a Software Bill of Materials (SBOM) for every system which includes each component’s license type, patch status, and dependencies in the software supply chain. So, when a vulnerability is discovered in a component, all affected systems built on that component are automatically reflagged as exposed. For that to happen, organizations need to get a baseline audit done by a licensed company that can quickly patch the system in case of a new threat.
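To make the SBOM idea concrete, here is a short Python sketch added for illustration (it is not from any ministry or vendor tooling). It flags every system whose SBOM contains an affected, unpatched version of a component and lists which of that system's components pull it in; all system names, component names, versions and the advisory ID are constructed.

```python
from collections import defaultdict

# Constructed inventory: one SBOM per system. Every name, version and the
# advisory ID below are made up for illustration.
SBOMS = {
    "payroll-portal": [
        {"name": "web-ui", "version": "3.0", "license": "MIT",
         "depends_on": ["http-client"], "patched_for": []},
        {"name": "http-client", "version": "1.2", "license": "Apache-2.0",
         "depends_on": ["tls-lib"], "patched_for": []},
        {"name": "tls-lib", "version": "1.0.1", "license": "BSD-3-Clause",
         "depends_on": [], "patched_for": []},
    ],
    "records-api": [  # same vulnerable version, but the fix was backported
        {"name": "api-server", "version": "5.4", "license": "MIT",
         "depends_on": ["tls-lib"], "patched_for": []},
        {"name": "tls-lib", "version": "1.0.1", "license": "BSD-3-Clause",
         "depends_on": [], "patched_for": ["ADV-EXAMPLE-1"]},
    ],
    "mail-gateway": [  # newer version, outside the affected range
        {"name": "tls-lib", "version": "1.0.3", "license": "BSD-3-Clause",
         "depends_on": [], "patched_for": []},
    ],
}
ADVISORY = {"id": "ADV-EXAMPLE-1", "component": "tls-lib",
            "versions": {"1.0.0", "1.0.1"}}

def dependents_of(components, target):
    """Names of components that reach `target` via depends_on, transitively."""
    reverse = defaultdict(set)
    for c in components:
        for dep in c["depends_on"]:
            reverse[dep].add(c["name"])
    seen, stack = set(), [target]
    while stack:  # `seen` also stops the walk on circular dependencies
        for parent in reverse[stack.pop()]:
            if parent not in seen:
                seen.add(parent)
                stack.append(parent)
    return seen

def flag_exposed(sboms, advisory):
    """Map each exposed system to the bad version and what pulls it in."""
    report = {}
    for system, components in sboms.items():
        for c in components:
            if (c["name"] == advisory["component"]
                    and c["version"] in advisory["versions"]
                    and advisory["id"] not in c["patched_for"]):
                pulled = sorted(dependents_of(components, c["name"]))
                report[system] = {"version": c["version"], "pulled_in_by": pulled}
    return report

if __name__ == "__main__":
    print(flag_exposed(SBOMS, ADVISORY))
```
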
Tighter regulatory oversight of cyber security is coming, especially in Islamabad, and the establishment is hoping to beef up oversight of such threats. Our cyber framework is a broken system – needing urgent repairs – and this is by no means an easy feat to accomplish.