Muneeb Imran |
In the 20th Century, oil was the most important commodity that drove growth and production but that is not entirely the case for the 21st Century. It has been replaced with data – most of biggest corporations like Amazon, Google or Facebook have data as the most critical element in their business. It won’t be an overstatement to assume that whoever has the knowledge to controls the data will have a pivotal role in the world, this was perhaps one of the reasons that Peter Sondergaard, Senior VP for Gartner, termed Information as the oil of the 21st Century.
Before I embark upon its relevance to Pakistan, I must highlight the recent nature of attacks that have surfaced and caused anguish and loss of reputation to many organizations in recent times. Perpetual attacks on Sony, in 2011 and in late 2014 had a data breach where more than 100 TB of data was lost, that included full-length unreleased movies, sensitive employee information and internal emails.
This attack was attributed to have been sponsored by a foreign government, while North Korea was implicated by the United States as being responsible for the attack and faced sanctions, it was also thought by Information and cybersecurity experts that the attack was orchestrated by another government to implicate North Korea. Recent attacks on the Equifax breach of 2.4M US consumers is also worth studying.
Pakistan’s lawmakers need to address this situation – define laws, build institutions and implement capacity building of national institutions – to deal with these challenges related to Information and cybersecurity.
Attackers have not only shown their zeal in acquiring data, selling it or putting it out in public but have also expanded upon impacting the national infrastructures and industrial control systems, which can cause a tremendous amount of loss to national kitties. In Ukraine, during late 2015, attackers performed highly coordinated, synchronized and well-planned attacks on 3 distribution electric utilities where 225,000 customers faced electrical outage for a duration of 3.5 hours.
Attackers attacked the SCADA systems and 50 substations were impacted. The duration of the outage was reduced to only 3.5 hours as Ukraine was quick to respond and recover power stations through manual procedures. Only a year later, Ukraine observed another attack which was targeted at their transmission and a single, highly automated substation was impacted causing a loss of 200MW. Ukraine through their recovery procedures were able to recover their systems in over an hour’s time.
A change has also been observed in attackers’ modus operandi during the past year or so where instead of carrying out data exfiltration and selling it on the darknet or out in public, they have attempted to encrypt the data of the organizations to disrupt their operations and in return, are seeking ransom in BitCoins for decrypting that data. It happens when a malicious attachment is delivered to a user in organizations through a phishing attempt and as the users open the attachment, the malicious payload is downloaded to the system which is able to encrypt the files or the entire hard drive itself.
In May 2017, UK’s National Health Services were greatly hit by a WannaCry ransomware that caused many hospitals to seize operationally – many surgeries that were not urgent were canceled, hospitals were not able to access basic medical records and many appointments were also canceled. This attack essentially brought UK’s National Health Services on its feet. Unfortunately, experts suggest that hospital and medical service providers will be the targets of such attacks in coming years.
Perpetual attacks on Sony, in 2011 and in late 2014 had a data breach where more than 100 TB of data was lost, that included full-length unreleased movies, sensitive employee information and internal emails.
Cyber warfare is no longer a distant reality and in the past, countries have successfully neutralized the capabilities of their adversaries through the propagation of Worms. Stuxnet Worm is an important case study in this regard. Stuxnet was a highly sophisticated worm developed to destroy nuclear enrichment centrifuges attached to Siemens controllers, it began to spread from the Middle East, specifically targeted towards systems in Iran. It was allegedly developed by Iran’s adversaries with the intent to disrupt its nuclear capabilities.
Read more: Cyber Security Issues in Pakistan
It was an evolution in the use of a worm to cause disarmament and destruction to a facility through the use of a malicious code in warfare between nations.
Now, what do these attack vectors tell us? They indicate the challenges that Pakistan may need to be prepared for in coming years. Though operations in Pakistan’s government institutions and many other organization are not yet completely automated and rely on human interference, they still they pose a challenge with the emerging business models. Unfortunately, lack of legislation and regulations make it easier for attackers to play the game according to their rules, this was also reflective in the recent data breach case of CAREEM.
Pakistan’s lawmakers need to address this situation – define laws, build institutions and implement capacity building of national institutions – to deal with these challenges related to Information and cybersecurity. This is because not only do they impact the corporate organizations and end users but they also pose a threat to national assets of strategic nature. There is a dire need to understand the strategic challenges that Pakistan faces today and how our vulnerabilities in information and cyber security can adversely aggravate those strategic challenges.
Muneeb Imran is a data solutionist, Information Security Engineer by Profession in Multi-National Telecommunication Organization based in Saudi Arabia. He is an active reader with a deep interest in information security, foreign policy, International Relations and Cricket. He can be contacted at firstname.lastname@example.org. The views expressed in this article are authors own and do not necessarily reflect the editorial policy of Global Village Space.