By Ussama Tariq
The tendency of cyberattacks is increasing day by day, and every attacker brings new technology and tactics that are more difficult to defend against. Pakistan, with 83 million internet users, is a prominent opportunity for cyber attackers, attacking from within or outside the borders. Still, no such mechanism exists that can eliminate cyber threat completely. However, states are focusing more on defending against these threats than countering them. The nature of a cyberattack is ambiguous, and no state can take responsibility for attacks carried out by its citizens or from its territory.
Pakistan shares a bitter history with India and considers him the mastermind behind every attack conducted in Pakistan. If we compare Pakistan and India in terms of conventional military might, there is no doubt that India can surpass Pakistan without any hesitation, but in cyberspace, realities are different. Both states have faced cyberattacks on media outlets, banks, and other official websites of their states that were carried out against each other.
Methodology of Cyberattacks:
To conduct a cyberattack against any country’s critical infrastructure or networks, the attacker does not require advance and expensive weaponry; he only requires tools that can give him access to the target’s device. The target ranges from an individual to a private firm, banks, and in extreme cases, government organizations. The attacker can use both hardware and software to gain access to the network or device of the user. He can use malware, viruses, ransomware, Trojans, and other techniques to manipulate the system. The hardware can be destroyed by any conventional weapon, but to extract the material inside without the permission of the owner, a hacker is required to conduct these operations.
Pakistan’s strategy towards cyberattacks:
States that are capable of turning cyberspace into an opportunity and countering any vulnerability are called “cyber powers.” With a huge number of internet users, Pakistan is still struggling to benefit from cyberspace as well as to defend against APTs (advanced persistent threats). If we look into Pakistan’s National Security Policy, we will find out that Pakistan is still not considering cyber security as an existential threat. The state is focusing more on traditional threats from outside and inside the borders and has made mechanisms to counter these by spending huge amounts on them. On the contrary, cyber threats, which can cause losses of millions of dollars in a single attack, are not considered an existential threat. There is no up-to-date institute in Pakistan that is purely based on countering cyber-related issues, providing mechanisms for eliminating them, and making policies for cyberspace.
The biggest problem Pakistanis are facing is that there is very little internet literacy. This enables the attacker to conduct operations easily. The government should start raising awareness about internet safety and create organisations for teaching ethical hacking and other courses related to cyber security. The cyber threat landscape of a country is determined by the degree of vulnerability of its ICT-dependent infrastructures.
Pakistan’s cyber threat landscape is increasing as the government tends toward the digitalization of state affairs. No doubt, this can make work easier and more efficient, but with such poor cyber security, there will be more losses than benefits. Israel, which is ranked top in cyber security, can cause serious damage to Pakistan in this domain. The recent series of events, in which the phone calls of high-level government officials were leaked, was done by Pegasus software made by Israeli cyber experts. On the other hand, India is also attacking Pakistani media outlets, official websites, and other social media software to change the narrative of the people.
The Way Forward:
The government should initiate cyber-related awareness programmes at the grass-roots level and educate the people on how to use the Internet safely. The campaign should target every internet user in Pakistan by promoting them on famous social media outlets like Facebook, Instagram, and Tik Tok.
Secondly, Pakistan should have its own Cyber Army, which is well equipped and capable of dealing with up-to-date APTs. To build a cyber-army, the state has to recruit experts in the relevant field, and to maintain it, Pakistan should have to introduce high-level ethical hacking courses in universities or other educational institutes.
Lastly, Pakistan should make alliances with friendly states to counter cyber terrorism. There should be drills or practises between member states on how to react in a situation of cyber war. The phenomenon of cyberwarfare is new to the world, and no state has yet fought a proper cyberwar against another nation. The states should cooperate in this regard and create mechanisms based on collective security to counter this. In order to remain invulnerable to cyber terrorism, Pakistan should have to ask China for technical assistance in cyber security and make treaties on helping each other in a situation of cyber warfare.
Ussama Tariq, graduated from The University of Balochistan in International Relations. My area of expertise are Defence and Strategic studies, Conflict Managment and Cyber warfare.
- Muhammad Riaz Shad. (2019). Cyber Threat Landscape and Readiness Challenge of Pakistan. Strategic Studies, 39(1), 1–19.
- Sustainable Development Policy Institute. (2019, March 13). Cyber Security: Where Does Pakistan Stand? Think Asia.