Indian Hackers Target Pakistan

In the age of digitisation and technological advancement, emerging nations must protect their official data against theft and ensure their cyber security. We regularly read reports that the data of some public or business website has been compromised. Chinese hackers reportedly breached American business websites; the most recent incident was the hacking of the US networking company SolarWinds.

Additionally, according to a Pentagon analysis, a Russian cyber team manipulated the 2016 US election in favour of Trump. According to The Global Threat, hostile actors with state funding can get unnoticed access to critical applications and infrastructure.

The majority of technologically advanced and wealthiest states are actively deploying malicious actors to interfere with the official and nuclear-related data of other nations. Threats to cyber security affect all nations, including the most developed ones. There is digital interference in everything from politics to military information and policy. The worst victims of cyber dangers are countries with low levels of digital literacy and cyber-related knowledge.

Series of cyber-attacks:

Pakistan and Afghanistan have suffered cyberattacks from Indian hacking gangs.

These gangs plan to launch cyberattacks on diplomatic missions in both countries in order to collect private information. According to a warning released by the Cabinet Division, cyber threat actors continue to target strategic businesses in order to get private data for their own purposes. There has been evidence of a targeted attack campaign to access users' accounts, and obtain private information regarding diplomatic missions in Pakistan and Afghanistan.

The Ministry of Foreign Affairs and Diplomatic Missions have been urged by the Cabinet Division to update WordPress on all of their websites to the most recent version, as theme files for WordPress websites are the most frequently infected places in this phishing effort. All diplomatic missions should install a firewall and antivirus software, according to the advice.

The cyberattacks on Pakistan and Afghanistan were discovered to have involved numerous Indian hacking groups; in fact, the Indian hacking groups intended to obtain sensitive information by conducting cyberattacks on diplomatic missions in both countries.

The Cabinet Division has released a warning, which alleges that threat actors are continually focusing on strategic businesses in an effort to steal private information that may be exploited.

In this regard, a targeted operation is also intended to enter the user account and then get private data on Pakistani and Afghan diplomatic missions.

An advanced persistent threat (APT) organisation operating out of India with the codename "Confucius" initiated operations against the Pakistani military and government, according to a Chinese security researcher. According to the Chinese cybersecurity firm Antiy, the group launches its attacks with the "Confucius says" command. The Chinese company discovered that the gang launched operations in June 2021 using a malicious file containing information about a list of Pakistani army fatalities. Threat actors launched attacks in February 2022 using the file on the government employee's immunisation history.

In order to spread malware and acquire sensitive files, hackers launched a spear-phishing attack against the Pakistan Air Force (PAF) in July 2022.

Pakistani and Chinese organisations claimed the attack came from Indian-linked hackers. In September 2022, Indian hackers made a concerted effort to steal Pakistani citizens' private data by posting fake job advertisements on the Indian website "applyform.pk". The Federal Government informed the Federal Ministries and Provincial Chief Secretaries of this sensitive situation.

Pakistan’s Cyber Security

The incident involving the audio leaks from the PM's house raised several questions about the cyber security of the nuclear state. Pakistan was placed seventh among nations with the poorest cybersecurity, as per a Comparitech report.

In 2019, PakCERT, a Pakistani IT company purporting to concentrate on cybersecurity, reported that their findings suggest that a total of 19,864 cards (banking clients' data) from 22 Pakistani banks were compromised on October 27. Experts are certain that Pakistan will survive the challenging times, though.

Last year, an official Pakistani website was hacked, and data was stolen by malicious Indian actors working with a state agency. Various official datasets have been taken and altered by Indian agents, demonstrating how flimsy Pakistan's digital and cyber security personnel and infrastructure are. To exact revenge, the Pakistani cyber squad hacked the websites of the Indian cricket teams and uploaded a funny clip.

What actually needs to be done to improve the performance of cyber security and prepare it for future incidents? Google revealed last month that it had acquired Mandiant, a renowned expert in cyber defense and threat intelligence, to add to its cloud business. When Mandiant looked into the infamous Colonial Pipeline hack in 2021, a ransomware attack that stole 100 terabytes of data in just two hours and shut down a major gas pipeline in the US, the company gained notoriety.

President Joe Biden proclaimed a state of emergency after one of the world's most renowned companies was forced to pay a ransom of 75 bitcoins ($4.4 million) to a group of hackers going by the name of "DarkSide."

Hackers targeted Iranian steel industries in June 2022, seriously disrupting production. The machines were forced to spew molten steel and fire by a hacking gang known as Predatory Sparrow, and recordings of the incident were put online as proof. The organization is also known for gaining access to information boards in railway stations and hacking digital billboards on highways to show messages that address Ali Khamenei, the Supreme Leader of Iran.

For many years, Russia has been assaulting Ukrainian infrastructure, including banks and electricity networks. Russian hackers targeted the Social Security Fund and the Finance Ministry of Costa Rica this year in an effort to obstruct international trade.

The rise of cyberterrorism appears to be fuelled by the recent focus on the Internet of Things (IoT). Given the growing frequency of cyberattacks and examples of espionage, residential and commercial equipment connected to the internet for remote monitoring continues to present opportunities for even more severe financial and political harm.

Since the COVID-19 outbreak, the option of remote work has become more prevalent, and closed-loop corporate networks have been enabled to support the hybrid paradigm of work, which has aggravated these attacks. As a result, according to IBM, average losses from breaches in the US have climbed by a staggering $1 million to $4.5 million since the adoption of working from home.

Pakistan's cyber-security mechanism will remain unchanged in 2022. In the past few months, practically every sector of the economy has been affected, whether it is the Sindh High Court, the FBR, PTV Sports, or commercial banks.

According to the Federal Minister for Information Technology, Syed Aminul Haque, over 900,000 hacking incidents occur in Pakistan every day. The recent audio leaks, which included candid talks between high-ranking government officials, were examined by Pakistan's National Security Committee, which demanded both an immediate inquiry and a revised judicial system. In Pakistan, trustworthy companies like Mandiant that might issue security warnings, identify regional risks and have front-line expertise in threat intelligence do not yet exist.

There are isolated, small-scale islands of genius operating without much communication or collaboration.
In this regard, Singapore, a nation that established a licencing structure for cybersecurity service providers, might offer guidance to our Ministry of IT.

The Cybersecurity Services Regulation Office (CSRO), which is divided into penetration testing and security operations centre monitoring service providers, promotes communications between the sector and the general public on training in support of a new certification programme.

At the same time, nations like Israel are making significant investments in cyber weaponry as part of the Cyber Dome program, an AI-based initiative for real-time threat identification and mitigation.

Additionally, the Israeli government joined the Inter-American Development Bank (IDB) to launch a new cybersecurity effort with a $2 million seed investment.

Maintaining a Software Bill of Materials (SBOM) for each system, which records each component's licence type, patch status, and dependencies in the software supply chain, is recommended as the best practice for preventing cyber-attacks.

With an SBOM in place, when a vulnerability is found in a component, all systems that were built on that component are automatically labelled as exposed. For that to work, organisations must hire a licensed business to conduct a baseline audit of their systems so that they can promptly patch them in the event of a new threat.
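The lookup described above can be sketched as follows. This is an added example, not part of the original article: the system names, component names, versions and the simplified SBOM layout are all constructed, and a real inventory would be read from a standard format such as CycloneDX or SPDX.

```python
from collections import deque

# Constructed SBOMs (simplified layout, not a real SBOM schema): for each
# system, every "name@version" component maps to the components it depends
# on. "app" is the system's own code; components without dependencies are
# simply not listed as keys.
SBOMS = {
    "visa-portal": {
        "app": ["webframework@2.1.0", "pdfgen@1.4.2"],
        "webframework@2.1.0": ["tlslib@3.0.1"],
        "pdfgen@1.4.2": ["imagecodec@0.9.7"],
    },
    "mail-gateway": {
        "app": ["mimeparser@5.2.0", "tlslib@3.0.4"],
        "mimeparser@5.2.0": ["imagecodec@0.9.7"],
    },
    "hr-intranet": {
        "app": ["webframework@2.3.0"],
        "webframework@2.3.0": ["tlslib@3.0.4"],
    },
}

def path_to_component(sbom, name, bad_versions):
    """Breadth-first search from "app"; return the shortest dependency
    path to an affected component, or None if the system does not use it."""
    queue = deque([["app"]])
    seen = {"app"}
    while queue:
        path = queue.popleft()
        comp_name, _, version = path[-1].partition("@")
        if comp_name == name and version in bad_versions:
            return path
        for dep in sbom.get(path[-1], []):
            if dep not in seen:
                seen.add(dep)
                queue.append(path + [dep])
    return None

def exposed_systems(sboms, name, bad_versions):
    """Map each exposed system to the path that pulls in the component."""
    paths = {s: path_to_component(b, name, bad_versions) for s, b in sboms.items()}
    return {s: p for s, p in paths.items() if p}

if __name__ == "__main__":
    # Constructed advisory: imagecodec 0.9.7 is affected.
    for system, path in exposed_systems(SBOMS, "imagecodec", {"0.9.7"}).items():
        print(system, "EXPOSED via", " -> ".join(path))
```

Because the search follows dependency edges, a system is flagged even when the affected component is only a dependency of a dependency, and the returned path shows which direct dependency has to be upgraded.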

Particularly in Islamabad, there will be tighter regulatory control of cyber security, and the establishment hopes to increase oversight of such electrical threats. Our cyber architecture needs urgent upgrading since it is flawed, and doing so will not be simple.

The author is a researcher, writer and analyst in the field of cyber security. He holds an LLB and an M.Phil in Cyber Crimes and is currently pursuing his Ph.D in CS.