| Welcome to Global Village Space

Thursday, March 28, 2024

Cyber threats: A case study of Pakistan

The digital world is so vulnerable to virtual threats that no country can claim to have achieved fool-proof cybersecurity; however, the states can maximize the security of IT systems. The issue of cyber threats and security is getting prominent globally. It is transcending the political, social, and private boundaries.

Mary Kaldor; a British Academic coined the word “New Wars” in her book New and Old Wars. She described New Wars as ‘the wars of the era of globalisation.’ She argues that the logic of New Wars is clearly distinct from those of the Old Wars in four main areas: the actors involved, the intended goals, the methods used, and lastly the forms of financing. Since the end of the Cold War, a new phenomenon of globalization emerged which made the international system and the states within to be interdependent. As the concept of the very state existence as an individual entity started blurring, the shift in dynamics of war from that of traditional (Soldiers, fleet, weapons, artillery) to modern warfare (Cyber, Artificial Intelligence (AI), Machine Learning (ML))also took shape.

As the world has become more and more connected via the internet or digitized through information technology, the increase in incidents related to cyber security has become prominent. To understand the evolving nature of cyber threats, there is a need to understand the very phenomenon of cyber warfare. Cyber Warfare is generally defined as “a set of actions by a nation or organization to attack countries or institutions’ computer network systems with the intention of disrupting, damaging, or destroying infrastructure by computer viruses or denial-of-service attacks.

Read more: Covid-19 breeds cybercrimes

Understanding the matter better 

”The illegal transfer of money, web skimming, form jacking, acquisition of state secrets, and hacking of critical public infrastructure are all the tools utilized by hackers to achieve its goals. Dimensions of cyber-attack cover ecological, psychological, financial espionage, medicine, disinformation campaign, and command and control structure, etc.

The unique features of cyberspace, including its borderless character, its inherent interconnectedness, the anonymity it affords and its accessibility, have provided a thriving environment for non-state actors to act independently. Non-state actors can be any entity from an ordinary citizen to a patriotic hacker to a cybercriminal to a cyber-terrorist. The cyber domain is expanding at a much faster pace than hackers can, at will, disable networks from anywhere. Just imagine what will happen if the financial, electric grid system, transport and military command and control system of a country is paralyzed?

Pakistan too is vulnerable to cyber-attacks

It is ranked 7th in the list of countries vulnerable to cyber-attacks. Data theft, website defacing, and Distributed Denial of Service Attacks (DDoS) are frequently observed cyber-attacks against Pakistan. To provide a ground, several events are highlighted to address the vulnerabilities of Pakistan’s cybersecurity framework.

Pakistan became a victim of a sustained DoS attack for the first time in 2008 when the State Bank of Pakistan’s services were frozen for 21 days. Former CIA contractor Edward Snowden in March 2013 revealed that Pakistan was among the countries most targeted for surveillance by the U.S. National Security Agency (NSA). In June 2017, Pakistan’s Senate Committee on Foreign Affairs also warned the government that Pakistan was a principal target of cyberespionage. Likewise, in 2019, the mobile phones of some senior Pakistani officials were hacked.

Read more: Police, State and Society: Challenges And Opportunities in Pakistan

The hacking was done via WhatsApp using a malware called Pegasus

This malware was developed by the Israeli spyware company the Neighborhood Service Organization (NSO). It is still unknown who had targeted the Pakistani officials, but concerns were there as the Indian intelligence agencies are using the same malware against their lawyers, political leaders, human rights activists, and members of civil society. Recently, on 29 Oct 2021 cyber-attack on the National Bank of Pakistan is another example reminding us of the growing complexity and impact of the cyber-attacks.

To mitigate the growing threat of cyber-attacks, there is the need that government should make all-out efforts to ensure the security of the interconnected infrastructures of the country. Regarding technical measures for cybersecurity, Pakistan has established Pakistan Computer Emergency Response Team (Pak CERT) and Pakistan Information Security Association ─ Computer Emergency Response Team (PISA-CERT).

These bodies are designated to provide information, assistance, and capacity building in the cybersecurity domain. Further, Senate Defence Committee has also established Pakistan Research Centre for Cybersecurity under the Cybersecurity Task Force. Along with that Pakistan has also launched its first-ever National Centre of CyberSecurity (NCCS) in May 2018.

At present, the main law for cybersecurity in the country is the Prevention of Electronic Crime Act (PECA), which is to prevent and detect offenses related to the cyber world. It was introduced in 2016. Though the government is trying to utilize its resources to cope with the challenges and trends emerging in the field of cyber security but still it seems to be lacking in planning and initiatives regarding capacity-building in the cybersecurity domain.

Read more: Major cybercrime network Avalanche dismantled in global takedown

The way forward

The digital world is so vulnerable to virtual threats that no country can claim to have achieved fool-proof cybersecurity; however, the states can maximize the security of IT systems. The issue of cyber threats and security is getting prominent globally. It is transcending the political, social, and private boundaries. As threats evolve and come from varied foes and adversaries, there is a need to assess and make necessary modifications and rectifications in national cyber strategy.

Non-state actors wield more influence and pose greater national security risks in the cyber domain than they do on land, sea, and air. A state can achieve its nefarious goals by employing its resources in the cyber domain by proxy non-state actors who can be as effective as a nation-state in undertaking precision cyberattacks. There is also a need for the government must look into and address the issues related to cyber conflict with non-state adversaries.

Read more: Will Imran Khan face cybercrime charges? Why PMLN Govt is targeting Social Media?

To address the concern regarding the emerging trends in cyberspace, Pakistan must walk some extra miles to identify the future cyber threats facing it and formulate a comprehensive cybersecurity strategy. To mitigate the possible challenges in the field of cyber warfare, Pakistan needs to focus on integrated national initiatives which do not lie only in the military domain. A more cohesive and pragmatic approach is needed to counter this looming threat. Without managing these threats no country would be able to ensure its national and economic security.

 

The writer is a Senior Research Officer at the Center for International Strategic Studies (CISS) Islamabad. The views expressed in the article are the author’s own and do not necessarily reflect the editorial policy of Global Village Space.