Pakistan lacks facilities to trace hackers
KARACHI: The number of Distributed Denial-of-Service (DDoS) events topping 20 gigabits per second (Gbps) in the first half of 2014, were double than those in 2013 as more than 100 attacks at 100Gbps or higher were recorded in the first six months of 2014, Forbes said in a report last July while quoting a research from Arbor Networks.
DDoS is a kind of cyber-attack that compromises the availability of a website to visitors in a process where attackers direct a huge amount of traffic to that particular website using bots, software that performs automated tasks over the internet.
DDoS attacks are a global threat and countries around the world are working on solutions to mitigate such attacks. However, Islamabad lags far behind in dealing with the rising threat of cyber-attacks that continue to target Pakistani websites.
In 2014, hackers from different parts of the world continued to launch DDoS attacks on Pakistani websites. They also hacked websites belonging to the security forces and the federal government; defaced them and leaked private data of government and security officials.
By contrast, the Federal Investigation Agency (FIA) – the country’s premier anti-cybercrime watchdog – lacks the capabilities to cope with such attacks, according to industry experts.
According to an official, who had advised FIA on legal issues in the past, such attacks will continue to take place because the country has no facilities or resources to trace the hackers. Even the National Response Centre for Cyber Crime (NR3C), an FIA division responsible for dealing with cybercrimes, can’t trace such attacks that are executed by hackers through proxies, such as TOR – free software that enables online anonymity and resists censorship.
“There is a need for capacity building and training as no serious work has been done on cyber security in the country,” the official said. What is even more ironic is people like Rafay Baloch – recognised as the world’s best ethical hacker or security researcher by leading information security companies and publications – remain unutilised. Baloch is fully capable of advising the government on cyber security.
The white hat knows which equipment could help minimise these threats and how to maximise the benefit with minimal resources and costs.
It is usually the websites belonging to the government or security agencies that are frequently targeted by hackers. However, DDoS attacks also impact local businesses that depend on internet connectivity.
According to a government official, the country has so far been able to deal with all the attacks – though it is not clear whether any data was compromised during any of those attacks. The private businesses, on the other hand, continue to suffer as a result of big DDoS attacks.
It’s hard to find any public data that documents cyber-attacks on Pakistan, industry sources say.
Pakistani websites are attacked almost on a daily basis with DDoS and security breaches. Such attacks usually intensify around or on August 14, Pakistan’s Independence Day, say sources, adding that these attacks mainly originate from India. In return, Pakistani hackers attack Indian websites in a similar way on August 15.
Ironically, sources say most Pakistani ISPs are not capable of handling even a small DDoS attack, 5Gbps for example. Given such attacks are coming from all over the world, the country must do something to mitigate their impact on local ISPs.
As a result of these DDoS attacks, local business suffers a lot, say industry sources. Banking infrastructure is affected, call centres and BPO companies suffer lost business, they say.
When the whole trade is dependent on that connectivity, which is compromised by such attacks, there is not much these small businesses can do.
Explaining, an official said when one government website – which is hosted somewhere in the United States on a shared registry system – is attacked, other IPs registered on that system also suffer as a result. It is, therefore, important that IPs catering to Pakistani markets should be hosted on Pakistani servers.
Besides hosting the servers locally, the official said the gateway internet providers, Pakistan Telecommunication Company Limited and Transworld Associate should also have enough spare capacity to mitigate such attacks.