Last month, Google announced the acquisition of Mandiant, a recognised leader in cyber defence and threat intelligence, to join Google’s cloud operations. Mandiant came into the limelight when it investigated the famous Colonial Pipeline hack in 2021 – a ransomware attack that stole 100 gigabytes of data within two-hours and brought a major gas pipeline in the US to a standstill. Emergency was declared by President Joe Biden and the company had to pay a ransom of 75 bitcoins ($4.4 million) to a group of hackers who identify themselves as ‘DarkSide’.
In June 2022, hackers attacked Iranian steel companies and caused real damage to factory operations. A hacking group called Predatory Sparrow made the machines spew molten steel and fire, and posted videos of the incident as evidence. The group is also known for hacking digital billboards on roads as well as information boards on train stations – displaying messages that call upon the Supreme Leader of Iran, Ali Khamenei.
Russia has been attacking Ukrainian infrastructure including power grids and banks for years now. This year, Russian hackers attacked Costa Rica’s Social Security Fund and its Finance Ministry’s operations to disrupt international trade.
The recent emphasis on Internet of Things (IoT) seems to be the driving force behind the phenomenon of cyber terrorism. With home and industrial devices hooked onto the internet for remote monitoring, gateways to far more formidable financial and political damage remain open, especially with the rising number of cyber-attacks and cases of espionage.
Another dangerous trend that has exacerbated these attacks has been the option of remote work since the Covid-19 outbreak; closed-loop corporate systems were opened to make them compatible with the hybrid model of work. As a result, IBM estimates that since the uptake of working from home, average losses due to breaches have increased by $1m to a whopping $4.5m in the US.
In 2022, Pakistan faces the same state of affairs with cyber security. Whether it is the Sindh High Court, FBR, PTV Sports or commercial banks, almost every industry in the country has been affected over the past few months.
According to Federal Minister for Information Technology Syed Aminul Haque, over 900,000 hacking incidents take place in Pakistan daily. Pakistan’s National Security Committee discussed the recent audio leaks, featuring candid conversations between key government officials, and called for an urgent investigation as well as a revamped legal framework. However, trustworthy firms that could issue security advisories, identify local threats, and have frontline expertise in threat intelligence, like Mandiant, do not exist in Pakistan yet. There are small, scattered islands of brilliance working in silos – with little coordination or exchange of notes among them.
This is where our Ministry of IT can take some lessons from Singapore; a country that set out a licensing framework for cybersecurity service providers. The Cybersecurity Services Regulation Office (CSRO), categorised into penetration testing and a security-operations centre monitoring service-providers, facilitates liaisons between the industry and the wider public on training under a new certification program.
At the same time, countries like Israel are investing heavily in cyber weapons under a cyber-dome programme – an AI based real-time threat detection and mitigation project. The Israeli government also joined the Inter-American Development Bank (IDB) to establish a new cybersecurity initiative with a $2 million seed fund.
As per good practices, the best way to counter cyber-attacks is maintaining a Software Bill of Materials (SBOM) for every system which includes each components’ license type, patch status and dependencies in software supply chain. So, when a vulnerability is discovered in a component, all affected systems built on that component are automatically reflagged as exposed. For that to happen, organisations need to get a baseline audit done by a licensed company who can quickly patch the system in case of a new threat.
Tighter regulatory oversight of cyber security is coming, especially in Islamabad and the establishment is hoping to beef up oversight of such threats. Our cyber framework is a broken system – needing urgent repairs – and this is by no means an easy feat to accomplish.
The writer is a Cambridge graduate and is working as a strategy consultant
Published in The Express Tribune, October 24th, 2022.
Like Business on Facebook, follow @TribuneBiz on Twitter to stay informed and join in the conversation.
COMMENTS
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ