Living with data breaches in unregulated cyberspace

It becomes critical to form and train cyber force to assist govt in tackling cyber conflict

PHOTO: REUTERS

ISLAMABAD:

Data fusion, cloud computing and internet-enabled devices have brought us the greatest threat since the Cold War: the risk of cyber-attacks from proxy states.

With Pakistan’s public sector institutions frequently being attacked by the terrorist adversaries operating the anonymous TOR networks, it is becoming critical to train and organise a cyber force to assist the government in managing the escalation in case of a cyber conflict.

Recently, LeakBase accessed the consumer data of Paysys Labs, an intermediary that integrates SBP’s Raast services through its middleware, and published data of more than 50,000 users on the dark web.

Philippine Cyber Alliance has attempted to attack over a dozen government websites this month; not to mention some cyber terror group that has published personal details of the Punjab government employees.

Data of many private companies such as AM International and medIQ has reportedly been released on hacker forums.

It is crystal clear that individuals, businesses, and local governments can’t bear this additional burden of ensuring cyber security and this domain must be dealt by specialist organisations with niche technology to safeguard from these attacks. Not only short-term defensive measures are required urgently, but there is also a need to take a strategic approach to build resilience in IT systems.

What it means for policymakers is to isolate database systems from each other, wherever possible, and avoid funding programmes that lead to data fusion. For example, integrating NADRA, FBR and banking systems is too dangerous, though such an integrated system offers a dream dashboard for authorities.

Though their individual APIs are secure, the architecture inherently promises too much power for hackers.

Similarly, the fact that NTDC has online dashboard available, which could be manipulated by any malicious user, is prone to attack incidents in the entire electricity supply chain. Russia has been attacking Ukrainian infrastructure including power grids and banks for a decade now.

Tracking such an attack or locating the cyber terrorists is tricky. A Russian hacker, over a VPN running in the US, may be using phishing emails to install malicious software in computers connected to our government’s intranet for stealing data by uploading it on a Chinese cloud server.

Using the US as a proxy to launch attack while collecting data on another server in China makes it difficult to geolocate such individuals. Tracking people in cyberspace becomes a jurisdictional nightmare, making cyber warfare a weapon of choice for ransom groups.

With multiple elections due to be conducted this year, adequate cyber security measures need to be taken timely as many countries have cyber weapons to influence election results as well as public opinion.

By leveraging social media platforms run by Meta, it is very easy to use behavioural tools along with targeted ads to influence public sentiment on lines of Cambridge Analytica.

What we need to do is to create awareness for promoting data privacy and best practices to handle the online public data at large. Resilience of our critical infrastructure and essential services must be the top priority and strict SOPs need to be built into the system.

Cyber audits need to be conducted by the concerned regulatory authorities of critical assets including the banking system and security auditors need to thoroughly review protocol stacks and software components every quarter; building a list of every components’ license, patch releases, and dependencies.

So, in case a particular software component gets compromised, all organisations whose IT systems were built using that component could be timely alerted.

However, cyber security can also lead to less ease of doing business as a stringent SOP can slow down the clock speed of commercial operations.

For example, if NADRA stops issuing online ID cards and other certificates, fearing that fingerprints and signatures could be leaked and forged on illegally issued stamp papers to seal fake contracts, the inconvenience caused to an ordinary citizen will be enormous.

Similarly, the IoT devices that are penetrating quickly among the masses to control household appliances remotely are a great convenience but unfortunately all our data also get dumped into servers located overseas.

In a worst-case scenario, our electrical appliances could also be controlled by any foreign cyber terrorist or a ransomware group.

Overall, the future of cyber security will require continued investment in latest technologies and approaches to keep pace with the evolving threats.

However, surveillance of citizens on the pretext of cyber security must be discouraged and a policy shift towards cyber security that ensures minimal infringement on citizens’ rights of privacy is needed while taking holistic security measures.

The writer is a Cambridge graduate and is working as a strategy consultant

 

Published in The Express Tribune, March 20th, 2023.

Like Business on Facebook, follow @TribuneBiz on Twitter to stay informed and join in the conversation.

RELATED

Load Next Story