Apps never come alone
ISLAMABAD: At the heels of millions of apps come droves of innocuous -looking requests that might breach the users’ privacy. With this weighing on in all the discussions at the third annual “Cyber Secure Pakistan Conference” which concluded here on Sunday, discussants urged the government to legislate to protect itself and its citizens against cyber crimes and online threats.
The four-day conference was organised by the Pakistan Information Security Association, a non-profit organisation of information security professionals and practitioners, in collaboration with UltraSpectra, an internet marketing and IT solutions service provider.
Over the four days, the event featured workshops for the public on information security issues, technical sessions, digital forensic trainings, a bloggers’ meet-up, an industry exhibition and networking opportunities for information security professionals, said UltraSpectra Executive Director Zun Nurain Khalid.
Khalid said the conference was based around the theme of “multi-stakeholder collaboration for combating cyber crimes.”
“The idea was to connect people who are working on information security in Pakistan and to raise awareness and educate people about cyber security issues,” he said.
The conference was attended by organisations and individuals ranging from the Federal Investigation Agency (FIA) on the official front to academics from leading universities as well as private-sector companies and citizens interested in digital privacy and security.
The proceedings of the conference’s fourth and last day started with a panel discussion on “Cyber Security Challenges and Role of Stakeholders.”
Panellists said individuals in Pakistan are being targeted by the cyber crimes — illegal acts committed using communications technologies such as the Internet or mobile phones — but they do not report it to the FIA National Response Centre for Cyber Crimes due to various reasons including lack of trust.
Other speakers hinted that the centre’s authority is limited and Pakistan needs to recognise that it needs a computer emergency response team or CERT to deal with the cyber threats. There are reports that the government is looking into the issue. Electronic Documents and Prevention of Cyber crimes Act 2014 is also on cards.
Panellists said that the efforts on the legislative front should be backed up with a higher degree of preparedness about threats emanating from the online world.
In another session, ITnIS Consulting Chief Technology Officer Ameen Sharif briefed the audience about ways Android smartphone users could stay safe from privacy breaches. Sharif said users should always read the “permissions” requested by an app before downloading it.
He demonstrated that several top free 100 apps on the Google Play store and even built-in ones which often appear innocuous, demand ridiculous permissions such as “re-route calls” or “modify and delete information from SD card.”
Sharif said such absurd demands should raise red flags. He said such apps could collect private information such as passwords, phone numbers and credit card information among other things and sell them to companies.