Pakistan’s nukes safe from cyber, other threats: Masood Khan

Pakistan's permanent ambassador to UN says Pakistan fully qualifies to be a member of the Nuclear Suppliers Group.

Pakistan says its nuclear programme has been secure for 40 years. PHOTO: FILE

UNITED NATIONS:
Pakistan assigns the "highest importance" to ensuring the safety and security for the country's nuclear programme, Ambassador Masood Khan told the UN General Assembly on Tuesday, assuring the body that the weapons stock pile was safe and secure for the entire spectrum of threats, including cyber attacks.

"Pakistan's nuclear materials, facilities and assets are safe and secure."

Pakistani ambassador said while commenting on a report of the International Atomic Energy Agency (IAEA), the Vienna-based UN nuclear watchdog and after it emerged on Tuesday that a flaw in the widely used Microsoft word operating programme had a critical security flaw, “zero day” that had been exploited in the Middle East and South Asia region.

"We have an unblemished record of running a safe, secure and safeguarded civil nuclear programme for the last forty years," Khan told the 193-member Assembly.

"Our nuclear security regime is anchored in the principle of multilayered defense for the entire spectrum of any nuclear security threat - insider, outsider, and cyber threats - and is guided by the concept of the Five Ds, that is, to deter, detect, delay, defend, and destroy."

Khan explained that Pakistan has established "extensive physical protection measures, robust command and control structures, comprehensive export controls and an effective regulatory regime to ensure safety and security of nuclear   materials and installations."

A specially trained and skilled force of 25,000 nuclear security officials ensures the security of the country's nuclear assets. Besides, integrated intelligence component exercises vigil to provide depth in defence.

"We are currently deploying Radiation Portal Monitors at key exit and entry points to prevent illicit trafficking of radioactive and nuclear materials."

All nuclear power plants in Pakistan were under IAEA Safeguards, Khan pointed out.

Nuclear supplier’s group

As an active, mainstream partner in the global non-proliferation efforts, Khan said Pakistan had experience, spanning four decades, of safely operating the nuclear power plants.

"We have the requisite expertise, well-trained manpower and infrastructure to produce civil nuclear energy. Pakistan therefore fully qualifies to be a member of the Nuclear Suppliers Group."


"Pakistan believes in an equitable, non-discriminatory and criteria-based approach to advance the universally shared goals of non-proliferation and promotion of peaceful uses of nuclear energy," he said.

"Considerations of safety and security should facilitate, not hinder, the pursuit of peaceful uses of nuclear energy for promoting the development agenda, improving human lives and mitigating the adverse impact of climate change.

‘Zero day’ vulnerability

Microsoft Corp released an emergency software fix on Tuesday after it learned that hackers had exploited a previously undiscovered security flaw in its widely used Office software to infect the PCs of its customers with tainted Word documents.

The software maker said on its website that it had released the software, known as a "Fix It," as a temporary measure until it provides an update that will automatically patch computers to protect against the new threat.

Microsoft said that it had learned of a "very limited" number of attacks that exploited the newly discovered vulnerability, mainly in the Middle East and South Asia. The company did not identify the victims, who received emails asking them to open the tainted Word documents.

The vulnerability affects customers using Office 2003 and Office 2007 as well as those running Office 2010 on Windows XP and Server 2003.

The attacks took advantage of an undiscovered flaw, or "zero day" vulnerability in industry parlance, which is usually only used on a limited number of high-value targets in a bid to keep the flaws a secret.

Typically, when makers of widely used software programs issue a warning about a zero-day bug, groups of hackers rush to reverse-engineer the Fix Its so they can build computer viruses that also exploit the same vulnerabilities.

Stuart McClure, chief executive officer of the cybersecurity firm Cylance Inc, said that businesses using vulnerable versions of Office should install the Fix It to prevent attacks.

"I definitely think it is something that needs to be patched," he said.

Fix Its are pieces of software for remediating security flaws that must be manually downloaded and installed on PCs.

They are designed to protect customers while Microsoft prepares official updates, automatically delivered via the Internet to be installed on computers.
Load Next Story