A cyber security breach is said to have exposed the official emails of senior Ministry of Finance officials.
As a result, sensitive information connected to the Ministry of Finance, the International Monetary Fund (IMF), the Financial Action Task Force (FATF), the China Pakistan Economic Corridor (CPEC), and other government ministries appears to have been hacked.
A video teaser showcasing the compromised emails, email addresses, and subject lines was also posted by the hacker. According to their track record, the contents of the hacked emails will be shared with anti-Pakistan elements with the goal of sabotaging Pakistan’s national security.
Not only blogging channels obtained the footage, but it has also gained access to the group’s shared file. The file contains a preview of the contents of 2500+ emails that were used for official communication with the Asian Development Bank (ADB), World Bank, Fitch Ratings, Credit Suisse, and hundreds of other national and international financial institutions, as well as their senders, receivers, and subjects.
Muzammil Aslam, a spokesperson for the Ministry of Finance, originally refused to comment on the breach when approached by an anonymous source, but afterwards flatly denied that any official emails had been stolen and stated that official correspondence was in safe hands.
According to Rawalpindi-based strategic analyst Zaki Khalid, “The hacker is a known cyber mercenary and has routinely breached sensitive data held in official systems. This latest incident was announced by the malign actor in a Telegram group”.
According to the hacker, the targeted email account belongs to a Joint Secretary in Pakistan’s federal government. Zaki believes that this assertion should be independently validated by a rigorous technical assessment of federal government systems and networks, particularly the Finance Ministry.
The National Telecommunication and Information Security Board (NTISB) has already sent circulars/notifications to government personnel in this regard, advising them to upgrade their antivirus software and other security precautions.
It’s worth noting that the majority of ministry personnel interact using personal email accounts, implying that the aforementioned security compromise may not have involved an official email account but rather a personal one.
The creation of a national authority to oversee or secure cyberspace should be a top priority for the federal government. This is an urgent issue, and such matters must be investigated immediately.
The NTISB guidelines are not being strictly followed, and this is an urgent concern that should be addressed by the Cabinet Division, which is directly under the Prime Minister’s Office.
The National Cybersecurity Policy (NCP) 2021 was also passed into law by the federal government earlier this year. A cyber-attack on national institutions was designated a threat to national sovereignty, and the policy mandated that substantial steps be taken to consolidate the government’s IT infrastructure.
To safeguard the Pakistani government’s IT infrastructure, a significant amount of investment and organisational change is required to implement the NCP 2021.
Furthermore, in the age of 5th generation warfare, data is a valuable resource, and coming into the hands of anti-state elements could imperil national security and sovereignty.
To read our blog on Pakistan to develop AI based cybersecurity solution to counter cyber-attack, click here.
