What caused Pakistan’s biggest data center attack?


The data center of the Pakistani Federal Board of Revenue (FBR), which recently weathered a malicious cyberattack, has been restored. Illustrative picture.
Photo credit: Reuters

2020 is often referred to as the year of the digital pandemic as it has seen the most recent hacking incidents. This year is not far back, because even the most sophisticated systems around the world cannot claim to be completely secure.

With this in mind, system hacking in Pakistan should come as no surprise. The country is in the process of digital modernization in important departments and ministries and the transition from the old to the new has its own weak points.

However, not every incident can be treated as an ordinary job by devious minds who practice malware; some have serious security and financial implications.

That explains why the recent hacking attacks on the system of the Pakistani Federal Board of Revenue (FBR) – the national nerve center for the collection, listing and documentation of tax-related inflows and outflows – are causing waves.

Great level of disruption

The hackers attacked the FBR data center and resulted in all official websites operated by the control machinery being paralyzed for more than 72 hours. The attack was immediately identified based on the level of disruption it caused. There were frantic efforts to restore the sites and locate the damage done.

The system returned to normal life after days of hectic trying. Officials do not yet know if the attack was able to alter the core database, annoy it with records, or completely delete / destroy some of it. At the moment there is sigh of relief that the ordeal is over.

FBR officials claim they acted quickly and were able to thwart this massive invasion. Other bodies, such as Pakistan Revenue Automation Limited, which are concerned with protecting the systems, also believe that the response has been quite effective and effective. Still, doubts and questions remain.

There is no clarity on how the hackers scaled such solid filter walls as claimed by the tax authority. Some reports claim that the hackers “got into the system by hacking the logins and passwords of the data center administrators”. Another possibility is mentioned in the reports: The FBR’s technical wing’s initial assessment was that the hackers had infiltrated the system through a Hyper-V connection.

Modernization of Pakistan’s digital systems

This confusion should now have been eliminated and the exact type of attack and the abuse of vulnerabilities identified. In addition, the FBR has been given consistent global financial assistance to modernize its digital systems.

Millions of loans from the World Bank are earmarked for this. The digitization offensive has been in progress since the 1990s. Global aid is being provided because the FBR’s work is critical to reversing a deficit economy and creating fiscal space for human development and other projects.

That the government is relying on digitization can be seen from the fact that the Federal Cabinet recently put all of its work online and created a paperless environment in the Prime Minister’s office.

The Treasury Department aims to generate over Rs 250 billion in revenue this year by installing nearly 62,000 new point-of-sale machines that will atomize sales and taxes payable. With so much riding on digitized databases, the hacking incident looks like a huge mistake.

Some reports suggest that World Bank-backed digitization efforts had stalled temporarily, opening the window of hacking opportunity for those waiting to cause a breakdown. One report even claimed that the intelligence services had warned of a planned major cyber attack in good time.

And it is not only the economy that is relying on digital assumptions today. Politics has also become technology-centric since the government began shifting voting to electronic voting machines for nearly eleven hundred million voters.

The opposition claims the system can be exploited, while the government claims this is the way to achieve symptom-free surveys.

Between this sparring of fear and expectations lies a long way full of hackers, both locally and internationally.

If FBR’s systems are sedentary ducks, can new voting machines be safe? A satisfactory response to the query will only be available if the details of the attack that crashed FBR’s websites are disclosed. A technical issue is now overloaded with political undertones.

Syed Talat Hussain is a well-known Pakistani journalist and writer. Twitter: @ TalatHussain12


About Author

Leave A Reply