The Runaway Cybercrime of Pakistan

Cybercrime is a major issue the whole world over – be it ransomware, DDoS attacks, identity theft or just a plain old phishing email, companies and individuals fall victim every day. The nature of the internet has always been so vague and mysterious. It’s a scary, useful and deep place all at once, and these threats have existed since the start, but for some of us, they can be more dangerous than they’re worth; take Pakistan, for example. Set in the heart of the Asian continent, its government and citizens are dealing with endless cases of hacking and data theft every year with over a dozen ‘reported’ cases a day. The infrastructure, culture and software available are lacking without a doubt, but all that’s set to change soon enough.

From organised crime to small fry hackers, here’s a glimpse into Pakistan’s cybercrime epidemic and what the country’s doing to solve it.   

The Problems, Big and Small 

The main issue is the presence of major players in the hacking game. The so-called ‘Gorgon Group’ claim residence in Pakistan, and they’re responsible for any number of attacks around the globe. They take their toll on everything from major corporations to nation states to single persons, and they’ve most recently been linked to attempts on agencies from the UK, US, Spain and Russia that are situated within Pakistan itself. According to Palo Alto’s ‘Unit 42’ threat intelligence team, the Gorgon Group combine both nation-state, criminal and simple hacking techniques to achieve their goals, most likely malicious. They blur the line and are an even bigger hacking circle problem because of it. 10 – 16% of Pakistan’s population are internet users, but these select few are some of the country’s most prevalent. 

Then there are the lesser players – Pakistan’s Federal Investigation Agency (FIA) set up a separate organisation recently to handle these kinds of cases just recently. The newly anointed National Response Centre for Cyber Crime (NR3C) collects complaints and reports from individuals, investigating cases to the extent of the law. In 2017 alone the Centre received over 2000 separate complaints under numerous categories; blackmail, harassment, defamation, hacking, fraud. Their goal is to make cyber crime easily reportable, and from there to make it more easily solvable.    

The Road to a Solution

The NR3C are clearly part of Pakistan’s ongoing solution, but more can and is being done. Technical training is key here, raising awareness of common schemes both to government employees and laymen, and over the past 3 years attempts have been made in that direction by the FIA. The fact is, we all have data on the web, everywhere – some of it more precious than others. While training can help it’s never a solve all. For that, you need defences. Specific software exists to protect users and enforce data security, and the companies and citizens of Pakistan are wise to start employing it alongside web wise common sense. Data masking can anonymise and hide vulnerable information on a database of PC for example, halting ransomware in its tracks. VPNs can keep private info private while it moves across a network, and a simple antivirus program can prevent those phishing emails from ever arriving in an inbox.  

Pakistan’s problems aren’t going to go away overnight. The hackers and systems in place will take time to counter, and on one level it’s a cultural issue where safety online isn’t as prominent as it should be. Over time, however, with the help of organisations like the FIA and NR3C, things can and will improve, both for the individual and the institution.

Posted in