Cybercrimes: Pakistan lacks facilities to trace hackers

Cyber-attacks target government websites as well as private businesses.


Pakistani websites are attacked almost on a daily basis with DDoS and security breaches. DESIGN: TALHA KHAN

KARACHI:


The number of Distributed Denial-of-Service (DDoS) events topping 20 gigabits per second (Gbps) in the first half of 2014, were double than those in 2013 as more than 100 attacks at 100Gbps or higher were recorded in the first six months of 2014, Forbes said in a report last July while quoting a research from Arbor Networks.


DDoS is a kind of cyber-attack that compromises the availability of a website to visitors in a process where attackers direct a huge amount of traffic to that particular website using bots, software that performs automated tasks over the internet.

DDoS attacks are a global threat and countries around the world are working on solutions to mitigate such attacks. However, Islamabad lags far behind in dealing with the rising threat of cyber-attacks that continue to target Pakistani websites.

In 2014, hackers from different parts of the world continued to launch DDoS attacks on Pakistani websites. They also hacked websites belonging to the security forces and the federal government; defaced them and leaked private data of government and security officials.

By contrast, the Federal Investigation Agency (FIA) – the country’s premier anti-cybercrime watchdog – lacks the capabilities to cope with such attacks, according to industry experts.

According to an official, who had advised FIA on legal issues in the past, such attacks will continue to take place because the country has no facilities or resources to trace the hackers. Even the National Response Centre for Cyber Crime (NR3C), an FIA division responsible for dealing with cybercrimes, can’t trace such attacks that are executed by hackers through proxies, such as TOR – free software that enables online anonymity and resists censorship.

“There is a need for capacity building and training as no serious work has been done on cyber security in the country,” the official said. What is even more ironic is people like Rafay Baloch – recognised as the world’s best ethical hacker or security researcher by leading information security companies and publications – remain unutilised. Baloch is fully capable of advising the government on cyber security.

The white hat knows which equipment could help minimise these threats and how to maximise the benefit with minimal resources and costs.

It is usually the websites belonging to the government or security agencies that are frequently targeted by hackers. However, DDoS attacks also impact local businesses that depend on internet connectivity.

According to a government official, the country has so far been able to deal with all the attacks – though it is not clear whether any data was compromised during any of those attacks. The private businesses, on the other hand, continue to suffer as a result of big DDoS attacks.

It’s hard to find any public data that documents cyber-attacks on Pakistan, industry sources say.

Tit-for-tat

Pakistani websites are attacked almost on a daily basis with DDoS and security breaches. Such attacks usually intensify around or on August 14, Pakistan’s Independence Day, say sources, adding that these attacks mainly originate from India. In return, Pakistani hackers attack Indian websites in a similar way on August 15.

Ironically, sources say most Pakistani ISPs are not capable of handling even a small DDoS attack, 5Gbps for example. Given such attacks are coming from all over the world, the country must do something to mitigate their impact on local ISPs.

As a result of these DDoS attacks, local business suffers a lot, say industry sources. Banking infrastructure is affected, call centres and BPO companies suffer lost business, they say.

When the whole trade is dependent on that connectivity, which is compromised by such attacks, there is not much these small businesses can do.

Explaining, an official said when one government website – which is hosted somewhere in the United States on a shared registry system – is attacked, other IPs registered on that system also suffer as a result. It is, therefore, important that IPs catering to Pakistani markets should be hosted on Pakistani servers.

Besides hosting the servers locally, the official said the gateway internet providers, Pakistan Telecommunication Company Limited and Transworld Associate should also have enough spare capacity to mitigate such attacks.

Published in The Express Tribune, February 2nd,  2015.

Like Business on Facebook, follow @TribuneBiz on Twitter to stay informed and join in the conversation.

COMMENTS (2)

Hasanat Kazmi | 9 years ago | Reply

TOR is not a popular way to execute DDOS - I won't even consider it a serious medium to DDOS. You generally get very low bandwidth on TOR. Plus there are protocol limitations. I don't know how to explain without getting technical :)

Jibran Ilyas | 9 years ago | Reply

Although mitigating DDoS attacks is important, I hope there is more serious consideration for defense against Nation/State attacks, which would target data relating to National Security. DDoS attacks are detected while Nation/State attacks are stealth by nature and can do a damage beyond any financial repercussions.

Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ