Jawad Awan and Shahzad Memon

Threats of Cyber Security and Challenges for Pakistan

Jawad Awan, Shahzad Memon
Institute of Information and Communication Technology, University of Sindh, Jamshoro, 76200, Pakistan
awanjawadhussain@gmail.com
Shahzad.memon@usindh.edu.pk

Abstract: With the growing volume and sophistication of cyber-attacks, the volume of these attacks reaches to
thousands daily. Cyber security researchers have been working for many years to prevent computers,
databases, programs, systems and networks from unauthorized access, attack, change or destruction.
In addition, it is also a critical issue in discussions of government and security policy makers in current situation
of security round the globe. E-Government services, capital markets, corporations, and other businesses
collect processes and store a large amount of confidential information on computers and transmit that data
over internet for professional purposes. In recent years, Lithuania and Iran are one of the cases those are
practically affected with cyber-attacks. Pakistan has played an important role to stop in global war on
terrorism after 9/11. As a nuclear state and its geopolitical position, the possibilities of various internal and
external security concerns raised during last decade including cyber security. Government of Pakistan is
implementing defence policies which shall stop the entry of terrorists in country and supervise territorial
borders. Critical defence measures for important cyber services of the country such as NADRA (National
Database and Registration Authority), E-Government services and capital markets also requires attention of
government in current security situation. These services are using firewalls and other technologies to protect
systems, however; there are many possibilities by which the terrorists can use cyber as a source to attack,
control and stop the essential ICT services. This paper discusses the Cyber challenges in current unstable
situation of security in Pakistan.

Keywords: Cyber Security; Pakistan; Threats; Internet; Stuxnet.

1.0 Introduction
Modern communities have dependent on cyberspace that offers valuable and essential services for the
functionality of human life and the environment as well as the challenges and threats. Cyber Security is a field
which focuses on protecting computers, databases, programs and networks from unauthorized access, change
or destruction. Cyber security aims to offer as well as involves the ability to have influence on the actions and
rules of cyberspace; this requires adequate knowledge for the stability, limitations and vulnerabilities of ICT,
and improving the critical operating factors in cyberspace. In this modern world, this may require innovative,
mature participation among developing countries at various levels of development. However, the analysis of
organizational-related cyber security issues increased the attention of some researchers but little attention has
been paid by researchers in cyber-security and national development, mostly within the countries opinion,
those have to create their nation’s security policies .Cyber security is big challenge for many countries
including Pakistan.
This paper contributes a concise overview of cyber security threats which can seriously affect the Pakistan’s
essential IT services. In addition, it concludes with some recommendations to cyber security policy makers of
Pakistan which can be adopted to prevent the cyber boundaries of country.

2.0 Literature Review

Due to increase in the adoption of internet based services to increase the interactions, the governments are in
the process of transformation of their major services to online services. Deployment of internet based services
at government level has increased the possibilities of sabotage systems security from internal or external
sources. Based on published reports (Department of Homeland Security 2014, Reddy, Reddy 2014, Jang-
Jaccard, Nepal 2014, Elmaghraby, Losavio 2014, Sebastian Bortnik 2012, APWG 2013, An Osterman Research
White Paper 2015) and a conference held at USA(CyberSecurity - Stanford, CA, USA 2014), it is acknowledged
that intelligent cyber terrorists may be able to create an integrity, availability or confidentially attack on cyber
services or government database related services. The security, resilience, and reliability of the nation’s cyber
assets and government services is also a big challenge for organizations as well as the growing number of
serious attacks on confidential information which is also one of the most serious economic and national
security threats. In (Paul Lewis, Julian Borger and Rory McCarthy Paul Levis 2012), cyber services offering
organization has a big challenge which stores confidential information after the murder of Hamas leader
Mahmoud al-Mabhouh, where three of the European identities used by the killers in the murder and were
stolen from Britons living in Israel . According to New York Times report (Peter Beaumont and Nick Hopkins

425
 Jawad Awan and Shahzad Memon

2012), malware (Stuxnet, Flamer virus) hits Iran’s atomic organization and nuclear facilities before escaping
and wreaking havoc on the public Web. Also from another 16th October 2014 report, a phishing campaign
(APWG 2013) has targeted a wide variety of recipients while employing the Dyre/Dyreza banking malware,
which targets sensitive user account/login credentials and send the captured data to malicious actors.
Dyre/Dyreza banking malware is new challenge for developed nations and mostly targeting senders,
attachments, exploits, themes, and payload.
3.0 Essential IT Services in Pakistan
Most of the countries are deploying online services and Pakistan is the one of those developing countries, in
which most of the organizations are deploying information technology services into their infrastructures as
well as higher authorities are taking interest to deploy these types of technology and services into their
infrastructures. NADRA (National Database and Registration Authority) is a centralized national ID database of
Pakistan, which is shared among banks, passport offices, Election Commission Departments, Mobile networks
and FBI (Federal Bureau of Investigation) etc. NADRA is the only organization which registers and stores the
information about the population. According to the report(Threat Track Security 2014), NADRA is on of the top
ranking organizations in the world because of use of state of the art technologies for its services. At present
time, European countries are using SCAP (Security Content Automation Protocol) algorithm for their NVD
(National Vulnerability database) in which data enables automation of vulnerability management, security
measurement, and compliance(APWG 2013). It is noticed that hackers had tried to hack confidential
information (CyberSecurity - Stanford, CA, USA 2014, Pro Pakistani 2013). NADRA may be current target for
cyber terrorism to block or sabotage its essential services, hack human confidential information and use them
for their illegal purposes.

Directorate General of
Immigration & Passports,
Ministry of Interior

Election Commission of Banking Services

Pakistan

Federal Investigation Mobile Cellular Companies

Agency (FIA)

Fig: 1 NADRA and its important services

E-government is the leading component for modernization and it helps to improve the on-going stress by
increasing their efficiency and modifying to the pressure of modern information society. E-Government is
enabling government organizations to offer efficient and fastest services to their constituents.
Figure2.Iluustrates some of active E-Government services in Pakistan.
Federal Board of
Revenue

Khyber
Pakhtunkhwa Police Excise and Taxation
Services and narcotics

Punjab Metrobus Karachi Metropolitan

Authority Federal Public Service Corporation
Commision

Fig: 2 E-Government services in Pakistan

426
 Jawad Awan and Shahzad Memon

Capital markets, which are the buying and selling financial markets for long-term debt or investment purpose.
This type of capital markets helps organization as well as government to invest their amount by protecting
them from frauds. Nowadays, capital markets are upgraded into computer-based electronic trading systems.
These trading systems include stock exchanges, investment banks, treasury departments and government
departments. Figure 3 shows the some of online business and financial services used in Pakistan.

Mobile and Postal money

transfer services
Mobile banking Online Banking
transactions

Pakistan Stock Various financial

Exchanges services

Business and Financial Services

Fig: 3 Capital Market Services

4.0 Current threats and attacks
Pakistan is also developing country where implementation of cyber services is under development. In this way,
Securing confidential information is top priority of organizations. Such as, social websites provides a platform
where users feel free to interact and share personal information among their friends. But, cyber-criminals are
making target to these sites to steal user personal information including locations. Table 1 presents most
common types of cyber threats in Pakistan.
Table: I Current Cyber threats

Infector Infection Infected by

Trojan Horse (Zeus) Malicious and criminal tasks Downloads and Phishing
Spam undesirable email Opening/viewing
Worms Replicates Relying on security failure
Frauds Secure unfair/unlawful gain Cheating a person
Phishing Method of acquiring sensitive information Websites/Emails
Intrusion An illegal act of taking possession without permission Network
Malicious code Script which damages device/system Internet
Cyber Harassment cyber stalking Internet
Content related Cross-cite scripting Web Applications
Denial of Services unauthorized access or control Network
APTs (Advanced network attack in which an unauthorized person gains access to a Network
Persistent Threats) network
Zero day Attack exploits a previously unknown vulnerability in a computer Software
application or operating system
Insider threat Malicious hacking method Organization employee

According to security professionals (Threat Track Security 2014), expected cyber threats in year 2015 are
illustrated in following figure 4. The maximum number will be APTs and minimum numbers of threats are
mobile infectors. In addition, 23% are targeted malware attacks, Zero-day attacks and insider threats share
13.5%.

Fig: 4 Top threats expected in 2015 [Chart generated from data (Ten, Manimaran & Liu 2010)]

427
 Jawad Awan and Shahzad Memon

The percentage of Network threats which are possible in 2015 are illustrated in figure 5. In which, the 28% are
RCP ( Remote Procedure Call) and SQL injection are the second most with possibility of 23% while others are
25%, Browser 17% and cross-site scripting are 7%.

Fig: 5 Network threats [Chart generated from the data [2]]

It is also found that most of cyber services were infected in the year of 2015 as illustrated in above figures.
Furthermore, policy makers of Pakistan have to design a framework for the security purpose.

5.0 Cyber threats and policies in Pakistan

After stealing of confidential information by US National Security Agency (NSA), the National Telecom &
Information Technology Security Board (NTISB) has recommended policies for protecting government,
organizations and their services from cyber attacks. The Cabinet Division report it is declared that “This
scenario raised serious concerns warranting the implementation of all policies and guidelines in true letter and
spirit,” and “USA being the leading country in the field of communication and IT is using multiple tools mainly
through electronic surveillance, ground and air intelligence platforms like satellites, recording telephonic calls,
gathering public pulse through e-mails filtering, radio monitoring, communication leaks, vulnerabilities in IT
based networks carrying sensitive data and other sophisticated means, covertly or overtly” (Javed Mirza 2013).
In 2014, from the report(APWG 2013), it is informed that cyber hackers started to attack on Pakistani websites
contains confidential information related to security forces and the federal government by launching
distributed denial of service (DDoS) attacks. According to industry experts, FIA (Federal Investigation Agency)
can barely cope with such attacks because it requires trained/experts people who trace or stop these cyber-
attacks. According to the official report of national Response Centre for Cyber Crime(Javed Mirza 2013), an FIA
division responsible for dealing with cybercrimes, can not trace such attacks that are executed by hackers
through proxies, such as TOR, a free software that enables online anonymity and resist censorship.

6.0 Cyber Protection Policies in Pakistan

Currently, Pakistan has no any existing law that may comprehensively deal with the growing threat of cyber-
crimes. Available crime justice legal framework in Pakistan is inadequate and ill equipped to address the
sophisticated online threats of cyber age. This new age impaired both existing crimes when conducted with
the use of internet and has given birth to a new type of criminals and cyber crime such as hacking (Illegal
access of data), interference with data and ICT systems, specially cyber rerated electronic forgery and frauds,
cyber attacks on critical ICT infrastructures, unauthorized interception conducted by civilians, Identity theft
and use of malicious code viruses to spy on ICT systems. These digital crimes cannot deal effectively with or
punished through the use of existing legalization. These unique and unprecedented crimes require a
completely new and comprehensive legal work that will focus on the online conduct of
individuals/organizations.
A Tanzanian delegation suggested that, Pakistan has to establish Cyber Crime Unit (CCU) to tackle cybercrimes
and it needs to develop a relevant legislation and formulate Computer Emergency Response Team (CERT) to
facilitate the implementation. Tanzania has lost $6 million in different cyber-related crimes which forced them
to develop CCUs and CERTs. The dignitaries of the delegation discussed in his discussion that $445 billion are
lost annually because of cyber-crimes and electronic thefts in online security. Furthermore, it is noticed that
800 million data records from developing countries have been are hacked into. In this regard, developing
countries such as Pakistan need to recommend policies to control the crimes alongside the developed nations
(APWG 2013). In January 2015 national assembly of Pakistan, “the Prevention of Electronic Crime Bill, 2015

428
 Jawad Awan and Shahzad Memon

was presented by minister of IT and Telecommunication (PPF 2015) in which following important issues were
discussed in that bill.

 Development of legalization with new investigative power previously not available such as search and
seizure of digital forensic evidence using technological means
 Production orders for electronic evidence, electronics evidence preservation orders , partial
disclosure of traffic data
 A real time collection of data under certain circumstances and other enabling powers which are
necessary to affectively investigate cyber crime cases

 The very technical nature of the new powers that are necessary to investigate and prosecute these
crimes require their exercise to be proportionate with the civil liberty protections afforded to citizens
under the constitution
 This can only be achieved through strengthening existing protections and establishing new safeguards
especially against abuse of these new and intrusive powers

The introduction of this new legalization will effectively prevent cyber crimes and will also contribute to the
national security by providing and enabling a secure environment for investments in ICT, eGovernmnet and
eCommerce systems. In addition, it also includes specific safeguards to balance against these intrusive and
extensive procedural powers to protect the privacy of citizens. However, it is not completely effective in case
of exposing of citizens to the unmitigated threats posed by cyber criminals both at home and abroad. It is a
first serious initiative taken by government to prevent cyber crimes as well as to contribute to the cyber
security of the nation. However, it needs to add additional tasks which shall protect not only government but
also citizens of Pakistan.

7.0 Conclusion
Nowadays, the ratio of cyber attacks is increasing rapidly. Skilled cyber terrorists may be able to create an
integrity, availability or confidentiality attack on the network or services of NADRA, E-government and capital
markets of Pakistan. This type of cyber activities may damage or stop the essential ICT services including
NADRA, E-Government websites, Stock exchanges, Mobile banking and money transfer services which will be
having serious impact on the performance of government services and possibilities of hacking IDs from NADRA
servers and also can be used for any other terrorist activities. In addition, it will create a collapse or crash the
economics of Pakistan by hacking and after that controlling the stock exchange and financial services by adding
their own fake figures. It is therefore recommended that, viewing the present security situation the country,
design and implementation of cyber security policies are very crucial for the NADRA, E-Government and capital
markets services as well.

References

An Osterman Research White Paper 2015, How Spamhaus Cost-Effectively Eliminates Spam,Malware and
Botnet Threats, An Osterman Research White Paper.

APWG 2013, Phishing Trends Report for Q2 2013, APWG.

CyberSecurity - Stanford, CA, USA 2014, 25 May 2014-last update, The Third ASE International Conference on
Cyber Security [Homepage of CyberSecurity - Stanford, CA, USA], [Online]. Available:
http://cybersecurity2014.scienceengineering.org/ [2014, December 25].

Department of Homeland Security 2014, October 28, 2014-last update, Phishing Campaign Linked with “Dyre”
Banking Malware [Homepage of US-CERT], [Online]. Available: https://www.us-cert.gov/ncas/alerts/TA14-
300A [2015, January 25].

Elmaghraby, A.S. & Losavio, M.M. 2014, "Cyber security challenges in Smart Cities: Safety, security and
privacy", Journal of Advanced Research, vol. 5, no. 4, pp. 491-497.

429
 Jawad Awan and Shahzad Memon

Jang-Jaccard, J. & Nepal, S. 2014, "A survey of emerging threats in cybersecurity", Journal of Computer and
System Sciences, vol. 80, no. 5, pp. 973-993.

Javed Mirza 2013, Pakistan takes steps to protect itself from NSA-style cyber attacks, Thenews, Pakistan.

Paul Lewis, Julian Borger and Rory McCarthy Paul Levis, Dubai murder: fake identities, disguised faces and a
clinical assassination, 2010th edn, The Guardian, UK.

Peter Beaumont and Nick Hopkins 2012, US was 'key player in cyber-attacks on Iran's nuclear programme', The
Guardian, U.K.

PPF 2015, January 17, 2015-last update, Cyber bill introduced [Homepage of PPF], [Online]. Available:
http://www.pakistanpressfoundation.org/information-technology/79047/cyber-bill-introduced/ [2015,
January 25, 2015].

Pro Pakistani 2013, September 16, 2013-last update, Official Website of NADRA E-Sahulat Gets Hacked, User
Data Compromised [Homepage of Pro Pakistani], [Online]. Available:
http://propakistani.pk/2013/09/16/official-website-of-nadra-e-sahulat-gets-hacked-user-data-compromised
[2015, January 16].

Reddy, G.N. & Reddy, G. 2014, "A Study of Cyber Security Challenges and Its Emerging Trends on Latest
Technologies", arXiv preprint arXiv:1402.1842, .

Sebastian Bortnik 2012, Trends for 2013: astounding growth of mobile malware, WeliveSecurity:Security news,
views and insight from the ESET experts, ESET Latin America.

Ten, C., Manimaran, G. & Liu, C. 2010, "Cybersecurity for critical infrastructures: attack and defense modeling",
Systems, Man and Cybernetics, Part A: Systems and Humans, IEEE Transactions on, vol. 40, no. 4, pp. 853-
865.

Threat Track Security 2014, December 12, 2014-last update, Spammers Accelerate Dyre Distribution
[Homepage of Threat Track Security], [Online]. Available: http://www.threattracksecurity.com/it-blog/
[2015, January12, 2015].

430