Major cyber attack by India targeting devices of govt, military officials identified: ISPR

[MenInG]

Pakistan's intelligence agencies have identified a major security breach whereby phones and other gadgets of government officials and military personnel were targeted by Indian hackers.

According to a statement by the Inter-Services Public Relations (ISPR), the cyber-attack by Indian intelligence agencies involved "a range of cyber crimes including deceitful fabrication by hacking personal mobiles and technical gadgets".

"Various targets of hostile intelligence agencies are being investigated," said the military's media wing.

"Pakistan Army has further enhanced necessary measures to thwart such activities including action against violators of standing operating procedures (SOPs) on cybersecurity," added the statement.

It also said that an advisory is being sent to all government departments so they may identify security lapses and enhance cybersecurity measures.

Senior officials advised to stop using WhatsApp

In March this year, the federal government had issued directives to the provincial governments to ban the use of social networking apps citing threats of cyber attacks by foreign intelligence agencies.

A letter issued by the National Telecom and Information Technology Security Board titled ‘Ban on use of WhatsApp and likewise means for sharing of official letter and information’ read: “It has been reported that hostile intelligence agencies have developed technical capabilities and means to gain access to sensitive information stored in mobile phones of officials of government departments, institutions, and ministers in the country."

“These spyware companies are using hacking softwares and applications such as ‘Chat Line’ and ‘Pegasus’ malware on WhatsApp account of target mobile phones (IOS and Android) to gain access to sensitive information stored on mobile phones. The malware is capable to infect any mobile phone (IOS and Android) only by generating missed call on target WhatsApp number," the letter continued.

“This 'Pegasus' malware has infected approximately 1,400 senior government and military officials in twenty countries including Pakistan. Hostile spyware companies such as Israel-based NSO Group have been sued by WhatsApp and Facebook in the US Court of San Francisco for violating both US and California laws as well as the WhatsApp Terms of Service,” it added.

Furthermore, senior government officials holding sensitive portfolios and dealing with national security matters were said to have been advised to avoid sharing information on WhatsApp and upgrade the application to the latest version.

“All mobile phones purchased prior to May 10, 2019, must be immediately replaced," the government had directed at the time.

https://www.geo.tv/latest/302479-ma...es-of-govt-military-officials-identified-ispr

 

[MenInG]

ISLAMABAD: The military on Wednesday announced a probe after intelligence agencies uncovered a major cyberattack by hostile Indian spy networks targeting military and government officials.

“Pakistan’s intelligence agencies have identified a major cyberattack by Indian intelligence agencies involving a range of cybercrimes, including deceitful fabrication by hacking personal mobiles and technical gadgets of government officials and military personnel,” the Inter-Services Public Relations (ISPR) said in a statement.

No further detail about the nature of the attack or targets was given by the military.

The ISPR said the targets of the attack were being investigated. Action, the military’s media affairs wing said, was also being taken against those found guilty of violating the official standard operating procedures (SOPs) on cyber security.

The Islamabad Policy Institute, a think tank, had in its report “Pakistan Outlook 2020” earlier this year warned that a spike in India’s Advanced Persistent Threat (APT) activity was being noticed since the increase in its tensions with Pakistan following the Balakot stand-off.

ISPR says attack involved fabrication by hacking personal mobile phones and technical gadgets of govt officials and military personnel

APT is defined as a long-term intrusion normally by a state-sponsored actor into network/s in order to mine highly sensitive data.

APT activity, the report said, was deeply connected with geo-political situation, current events and government priorities. “With a right-wing fascist regime in power in India, such campaigns have increased and are more likely,” it added.

The report had also pointed out that Pakistan was one of the worst prepared countries in the world with regards to cybercrime.

Farooq Naiyer, a cyber security expert and a visiting fellow with the Islamabad Policy Institute, had in his paper said that the motive behind APT was usually intelligence gathering and credential theft for follow-on operations. He said that the adversaries targeting Pakistan specifically went after government officials, diplomats and businessmen. APT groups, he wrote, mostly used simple, freely available malware that heavily relied on phishing campaigns.

Talking to Dawn on Wednesday over phone, Mr Naiyer said that although not much had so far been known about the attack reported by the military, it looked very much similar to a Russian surveillance attack in May last year in which the attackers exploited a vulnerability in WhatsApp, the encrypted messaging service, to target important political figures.

The ISPR in its statement said the army had enhanced necessary measures to thwart such activities. “Advisory is also being sent to all government departments/institutions for identifying lapses and enhancing respective cyber security measures,” it added.

https://www.dawn.com/news/1574108/probe-into-cyberattack-by-indian-spy-networks-launched

 

[MenInG]

ISLAMABAD: A parliamentary body on Thursday condemned cyberattacks by Indian spy networks.

The chairman of the Senate Standing Committee on Interior, Senator Rehman Malik, said: “India is involved in cybercrimes worldwide and stealing sensitive national data of various countries for different nefarious activities. Indian hackers steal data of different countries and sell it to rival countries and the data of individuals for blackmailing.”

The Senate committee condemned imposition of a curfew in India-held Kashmir and its members urged the government to take rigorous actions to counter propaganda and illegal moves of the Indian government and drag Prime Minister Narednra Modi in the International Court of Justice (ICJ) and United Nations Security Council (UNSC).

On the 373rd day of curfew in occupied Kashmir, the committee marked these days as ‘dark days’ in the history of mankind and expressed solidarity with Kashmiris struggling for their legitimate right of self-determination under UNSC Resolutions.

Committee members urge government to take rigorous actions to counter illegal Indian moves

Mr Malik informed the committee members that he had raised this matter in committee meetings back in 2018, and had directed the Ministry of Interior to take extraordinary measures to block such attacks.

He appreciated the Pakistan intelligence agencies for identifying this major cyberattack by Indian intelligence agencies involving a range of cybercrimes.

The issue of placing Pakistan in the FATF’s grey list was also discussed in the committee. Mr Malik said the FATF was playing a discriminatory role and victimising Pakistan while favouring India.

He informed the members that he had written a letter to the FATF president, asking him to remove Pakistan’s name from its grey list and proceed against PM Modi for his role in money laundering and terror financing.

The Senate committee also considered a point of public importance, “rights of special people” that was raised by Senator Dr Shahzad Wasim in the House in January, 2020.

Mr Malik while appreciating the mover said that the existing procedure for issuance of CNIC for disabled persons should be reviewed on a merit basis. He argued the government should prepare comprehensive SOPs for issuance of CNIC with a special logo of disability.=

The committee members pointed out that encroachment and illegal construction in sector E-11, Islamabad, was the glaring example of incompetence and corruption in the CDA.

https://www.dawn.com/news/1574292/senate-body-condemns-cyberattacks-by-indian-spy-network

 

[MenInG]

The National Security Council (NSC) on Monday approved Pakistan’s first-ever National Security Policy (NSP) 2022-2026, which puts the economic security at the core. The policy will now be presented before the federal cabinet on December 28.

Prime Minister Imran Khan, who chaired the 36th meeting of NSC, said that the security of Pakistan rests in the security of its citizens and reposed confidence that “Pakistan is well prepared to meet any internal and external threats”.

Terming the NSP’s formulation and approval a historic moment, the prime minister said that the policy must guide all organs of the government to ensure that their efforts are synchronised with the overall direction of the NSP.

He also instructed National Security Adviser Moeed Yusuf to present an implementation progress report to the NSC every month. The meeting was attended by federal ministers for foreign affairs, defence, information and broadcasting, interior, finance, human rights, chairman Joint Chiefs of Staff Committee, all services chiefs, National Security Adviser and senior civil and military officers.

The NSA briefed the participants on the salient features of the NSP and highlighted that Pakistan is shifting to a Comprehensive National Security Framework whereby the ultimate purpose of national security is to ensure the safety, security and dignity of the citizen of Pakistan.

To ensure the citizen-centric approach to security, the NSP put economic security at the core, saying a stronger economy would create additional resources that would in turn be judiciously distributed to further bolster military and human security.

Apart from the economic and military issues, the draft sheds light on the country’s water security as well as population growth, terrorism and foreign policy, particularly concerning the Kashmir and Afghan issues and relations with other countries in the region and beyond.

Participants were informed that the NSP had been created through a whole-of-government effort over the last seven years, and included extensive consultations among federal government institutions, with all provinces, and with the academia and private sector.

With the approval of the draft, it is being said that the country’s challenges and opportunities would be outlined for the first time and the government would be able to refer to the policy guidelines in the future.

It was highlighted that a detailed implementation framework had been created through which the National Security Division would review progress in collaboration with relevant ministries and departments.

Revitalisation of the Planning Committee and the expansion of NSC’s Advisory Board was also unanimously approved by the participants during the meeting. The NSP will now be presented to the Cabinet before being officially adopted. A public version of the document will be released in due course. NSC members, while approving the NSP, appreciated the National Security Division and all other government departments for this effort.

https://tribune.com.pk/story/2335842/nsc-approves-pakistans-first-ever-national-security-policy