Fakhir Jibran has a master's degree in international relations, and political science from the Punjab University, Lahore. He can be reached at [email protected].
The art of warfare is an ever-changing phenomenon. Humans have gained splendid success in rejuvenating the means of warfare by dint of their scientific and technological advancement. Information and Computer Technology (ICT) has provided swift channels for the flow of information. However, on the other hand, it has unfolded new challenges to the cybersecurity of states, making states like Pakistan and their individuals even more vulnerable.
Today, more than half of the world’s population is connected with delicate internet cables exchanging information and data every moment. With this huge number, the need for security in cyberspace becomes a natural concern of every nation. “Pakistan is among the top ten countries most vulnerable to cyberattacks,” says Symantec, an internationally renowned cybersecurity firm. For countering this threat, there is a need to address the issue from different perspectives, enhance indigenous cyber technology, and improve the capacity-building mechanisms.
Dangers of Cyber Technology
Around the world, cyber technology is being widely used for carrying out cybercrimes for personal, political, economic, or strategic gains. Cybercrime is a practically broad, but theoretically vague, concept. Different experts try to define the idea in different terms. These variant connotations are a result of several unlawful activities that are performed using cyber technology.
The National Response Center for Cyber Crime (NR3C) defines “cybercrime” as, “Any activity commissioned via computer, digital devices and networks used in the cyber realm, and is facilitated through the internet medium.” In simple words, all such illicit activities carried out by using computer systems and the internet for deliberately attacking or controlling the activities of other states and societies, come under the umbrella term of “cybercrime”. Common examples of this crime include data stealing, cyber-espionage, electronic counterfeiting, cyber terrorism, defamation campaigns, hate-mongering, bank frauds, and so forth.
Cyber-based technologies are growing at a pace like never before. Resultantly, the number of cyberattacks is also increasing. There are more than 4 billion internet users in the world and every 3 seconds, the data of one of these users is stolen through a cyberattack. The unpredictable and dubious nature of these attacks makes them more defenseless than any other attack on the people and institutions of a state.
These attacks can be triggered from anywhere around the world. It is nearly impossible to apprehend the whereabouts of perpetrators. The number of cyberattacks has increased manifold in the last five years. Thus, cyberattacks are recognized as a major security challenge by every country. The misuse of cyber technology compels the states to engage in collective and individual efforts to make their cyberspace safe and friendly.
Cyber Threats to Pakistan
Pakistan’s anxiety regarding cybersecurity is growing. The country has seen many cyberattacks in recent years from its sworn state and non-state enemies. Pakistan’s nuclear assets and critical military installations are a natural target of cyber-espionage. CPEC projects are also equally vulnerable.
The country’s defense infrastructure in the northwest region and Balochistan remains a target for India and its allied anti-Pakistan organizations. Evidence reveals that Indian intelligence is involved in assaults on Pakistan’s media houses and communication networks for causing disintegration and chaos. On the other hand, private hackers and professional criminals around the world also try to intrude into Pakistan’s cyberspace for stealing data and information.
Pakistan is a nuclear power with a long history of tumultuous internal politics and perpetual economic instability. Its position on the chessboard of global politics readily makes it a target of countries with advanced cyber technologies like India, Israel, the USA, and Russia. These realities indicate that Pakistan stands amidst a plethora of cyber threats which should be combatted with new approaches.
The year 2018 was a dangerous year for Pakistan in terms of cyberattacks. The Federal Investigation Agency (FIA) reported that almost every bank in Pakistan faced some sort of cyberattack. A report by PakCERT mentioned that information of nearly 20,000 ATM cards was stolen and sold on the Dark web.
In the same year, a shocking cyber assault took place against Pakistan Air Force. It was named Operation Shaheen which utilized phishing techniques to steal confidential documents from the air force. A similar attack was launched in 2019 when an international organization, Rattlesnake, attacked Pakistan’s Naval Public Relations Bureau for stealing vital information. Furthermore, several Pakistani high officials reported that their smartphones had been hacked for surveillance.
Another dilemma for Pakistan is the offensive activities of non-state actors and secessionist movements on the internet. Social media platforms like Twitter, YouTube, and Facebook are the prime choice of these groups for spreading hatred, confusion, and anti-Pakistan propaganda.
Additionally, pornographic content and morally objectionable data are being freely propagated on the internet to allude to Pakistan’s youth. At the national level, internet gambling, drug trafficking, web spoofing, digital piracy, cyberstalking are widespread in Pakistan due to a lack of awareness and inadequate legislation.
Pakistan is accustomed to facing security challenges both from inside and outside its borders. Due to regional instability and risk at both the eastern and western borders, the issue of security remained at the center of its foreign policy. However, it is argued that Pakistan is still not fully acquainted with modern strategies to counter the soft threats.
Pakistan lags behind the advanced nations in terms of technology. The country wants to step up its technological base on par with its rivals. Israel is already one of the top five nations with the best cyber warfare capabilities. India is also bolstering its offensive and defensive cyber warfare skills. As a result, Pakistan is compelled to do more in this field.
Pakistan has always renewed its security by keeping in view the power of adversary states; therefore, its defense system always remains vigilant enough to absorb any surprise attack. However, making defense policies from the perspective of external security concerns sometimes ignores internal issues.
Misuse of technology for exacerbating problems like ethnic disputes, social intolerance, and religious extremism also pose equally deleterious threats to the security of Pakistan. These challenges demand a holistic approach.
Around 100 million Pakistanis use the internet and the majority of them are incognizant of the possible cyber threats. Irregularities in cyberspace may harm their wealth, privacy, or honor. Thus, it is commonly argued that along with staying vigilant against external threats, Pakistan should also pay equal attention to the internal security challenges.
Enhancing Indigenous Technology
The government of Pakistan needs to enhance its cybersecurity to counter both internal and external insecurities. There is an urgent need for developing indigenous technology by investing more resources in the field of information technology (IT). The government should set up talent haunting programs to attract young experts. These people can be further sent to countries like China, Malaysia, or South Korea, which have the best IT universities.
In 2018, the National Center for Cyber Security was established under which specialized IT labs were set up in 11 Pakistani universities for providing cyber-based skills. Pakistan needs more initiatives like these. Israel is doing the same under its Talpoit Training Program. It recruits talented people and trains them under the supervision of Israel’s defense institutions. If good incentives are given, hundreds of young professionals would agree to work for the cybersecurity of Pakistan as well.
More Inclusive and Specific Legislation
At the national level, Pakistan needs more inclusive cybercrime laws. The 2016 Prevention of Electronic Crimes Act (PECA) was the first law of its kind that criminalized certain suspicious activities on the internet. Under this act, unauthorized access to any critical information, offenses against decency or religion, cyberstalking, and many other activities were deemed punishable crimes.
However, the act is under criticism by pro-democracy and human rights activists since its enactment. It is argued that some provisions of PECA are vague and can be misused for political benefits. It gives open authority to the Pakistan Telecommunication Authority (PTA) to decide what is lawful or unlawful.
PTA can even get full access to someone’s private data while carrying out an investigation. Section 20 and 11 of PECA criminalizes online slander campaigns and hate speeches against a person or group. This part leaves much room for unfair prosecutions against political opponents; whereas, issues like harassment, e-frauds, and ethnic hatemongering remain unaddressed.
Broadening Institutional Framework
Pakistan also needs to broaden its institutional framework to strengthen its cybersecurity. It needs to establish more specialized institutions like the National Response Center for Cyber Crimes (NR3C) and PakCERT. The task of social media monitoring, financial surveillance, intelligence operations, cellular security, etc. should be handed over to specific institutions.
The government should ensure foolproof and impermeable cyber shields for critical institutions like National Database & Registration Authority (NADRA), Pakistan Civil Aviation Authority (PCAA), Pakistan International Airlines (PIA), and so forth. The information of citizens is precious and should be preserved at any cost.
Advancement in cyber technologies carries several potential threats to the security of people around the world. Recent examples of cyberattacks in Pakistan justify the demand for upgrading cybersecurity. Like every other nation, Pakistan is bound to enhance regulations and surveillance mechanisms on the internet. It is evident that Pakistan is a target of various foreign powers. For the protection of its institutions and individuals, Pakistan should adopt new strategies and shrewdly devise its defense policies.
If you want to submit your articles and/or research papers, please check the Submissions page.
The views and opinions expressed in this article/paper are the author’s own and do not necessarily reflect the editorial position of Paradigm Shift.