After several attacks from hackers in the past 18 months the foreign ministry has finally sought an allocation of Rs80 million in the next fiscal year’s budget for bolstering cyber-security and securing its communications with the country’s missions overseas, an official told the Senate Foreign Relations Committee on Thursday. It also plans to engage the Inter-Services Intelligence (ISI) to carry out the security restructuring. The budget request is still to be approved and the committee members disagreed amongst themselves regarding the plan to employ the ISI in Foreign Office security but there is unanimous agreement that the cyber security regime needs an upgrade.
Cybercrime and cyber security are still relatively new concepts for a government that has just begun to experiment with online systems for bureaucratic and civic functions. The provincial governments are slowly rolling out pilot projects – such as online registration of a FIR in Khyber Pakhtunkhwa – and the Cybercrime bill – the first of its kind – was recently passed into law. This is uncharted territory and debates over definitions and scope still rage on, but securing our nascent digitised government databases is an exigent issue that requires prompt and decisive action.
This need becomes a pressing one when we consider that the majority of the bureaucracy and legislative is manned by a generation that isn’t considered tech-savvy – at least to the degree that they can manage their own IT concerns. Add to that the underfunded and often obsolete computing solutions present in these institutions and you have a recipe for disaster.
Protecting communication with foreign missions should be the top priority, but a revamped cyber security regime shouldn’t stop there. The government can exponentially increase security by implementing across the board macro policies. For example, the government-run IT and Telecom services provider, National Telecommunication Corporation (NTC), provides internet service to government offices. However, because of its poor services, private companies are hired and individuals prefer to use private internet connections – all actions that dilute security.
Similarly, according to Microsoft Security Intelligence report Volume 20 Pakistan is at the top among a handful of countries which attracted the highest rates of malware attacks in the second half of 2015 in terms of encounter rate and fifth-highest infection rate in the world. This is down to the ignorance about basic internet security among a population that is encountering high-speed internet for the first time. This lack of education should ideally be addressed on a national level, but briefing, training and optimising bureaucratic staff on cyber security is not only feasible but relatively inexpensive.
As constant allegations of cyber terrorism are traded between China and USA, it should become obvious that the battlefield of the future is one we cannot see with the naked eye.