Hackers linked to Russian intelligence have stolen Indian military data from cyber spies believed to be working on behalf of the Pakistani state, according to an assessment by Microsoft researchers. All those involved are part of what are known as "advanced persistent threat" (APT) organizations in their respective countries. TechTarget defines "Advanced Persistent Threat (APT) as "a prolonged, targeted cyber attack that involves an attacker gaining and maintaining unauthorized access to a network for an extended period". The goal of an APT is to steal sensitive data, rather than cause damage to the network or infect systems with malware. It is harder to defend against such intrusions than to attack.
In a recent blog post, Microsoft researchers have discussed how Russian FSB's Secret Blizzard APT has breached a Pakistan-based threat activity cluster called Storm-0156 ATP to steal India's military secrets gathered by Pakistani intelligence. Since then, researchers from Microsoft and Black Lotus Labs say, Secret Blizzard has been able to leech off of Storm-0156's cyberattacks, accessing sensitive information from various Afghani government agencies and Indian military and defense targets.
State actors in India and Pakistan are known to target each other for cyber espionage. Last year, the Pakistani government warned its officials about a number of India-linked APT groups, including PatchWork and Sidewinder, targeting Pakistan. Some Indian ATP groups also target China.
Some Pakistani APTs targeting India have also been revealed in recent years. Among these are SideCopy and Transparent Tribe.
Given the cyberthreat landscape in South Asia, Pakistan is trying to improve its cybersecurity posture, steering $18 million in funding for cybersecurity research and adding $36 million to its budget to develop better cybersecurity technical capabilities.
International Telecommunications Union (ITU) has ranked Pakistan (score 96.69/100) among top tier countries for cybersecurity in 2024. Out of a maximum score of 20, Pakistan received 20 for legal measures, 18.21 for technical measures, 20 for organization measures, 20 for capacity development and 18.48 for cooperative measures, according to the Global Cybersecurity Index 2024 report released by the ITU.
Pakistan Cybersecurity Scores 2024. Source: ITU |
Pakistan's tier one cybersecurity ranking is a big improvement from its 79th rank (score 64.88 from 100) it got in the cybersecurity ranking by the ITU in 2020. Four years ago, Pakistan scored 15.97 on legal measures, 12.26 on technical measures, 11.01 on organizational measures, 17.25 on capacity development and 8.38 on cooperative measures.
Increasing penetration and rapid growth of the Internet user base in Pakistan has brought in a lot of user complaints of bullying and fraud, necessitating government action, including new legislation and capacity building to fight cyber crimes.
Pakistan Telecom Indicators as of July 2024. Source: PTA |
In 2018, Pakistan launched its National Center for Cyber Security (NCCS) as a joint project of Higher Education Commission (HEC) and the Federal Planning Commission. The Center includes several Research and Development (R&D) Labs at Pakistani universities. These universities have been given the mandate to establish NCCS affiliated Labs in different specialties of cybersecurity under the Center's secretariat. Earlier this year, Pakistan's economic coordination committee (ECC), a ministerial level body, allocated $36 million for work on cybersecurity measures.
Like many other nations, the cybersecurity threats in Pakistan include hacking, identity theft, cyber-bullying, cyberstalking, spoofing, financial frauds, digital piracy, viruses and worms, malicious software, money laundering, denial of service attacks, electronic terrorism, vandalism, and pornography.
Pakistan has passed a cybercrime bill and established a National Response Center for Cyber Crime (NR3C). NR3C has expertise in Digital Forensics, Technical Investigation, Information System Security Audits, Penetration Testing and Training. Since its inception, it has been involved in capacity building in various departments including Police, Intelligence, Judiciary and Prosecutors. Cyber Scouts is the latest initiative of NR3C, in which, selected students of different private/public schools are trained to deal with computer emergencies and increasing awareness of cyber threats amongst their fellow students, teachers and parents.
Related Links:
2021: A Banner Year For Tech Startups in Pakistan
Pakistan Projected to Be World's 6th Largest Economy By 2075
Digital Pakistan 2022: Broadband Penetration Soars to 90% of 15+ Population
Pakistan's Digital Public Infrastructure
Pakistanis' Insatiable Appetite For Smartphones
Has Pakistan Developed Cyber Attack and Defense Capabilities?
IDEAS 2024: Pakistan Defense Industry's New Drones, Missiles and Loitering Munitions
ITU Ranks Pakistan Among Tier 1 Countries For Cybersecurity
Riaz Haq's Youtube Channel
16 comments:
Looks like Pakistani regime is quite busy spying on its own people too, and making a mess of internet speeds in the process. Pakistan is currently ranked 100 in mobile internet speeds and 141 in fixed broadband speeds.
https://www.dawn.com/news/1877689/pakistan-ranked-among-lowest-12pc-globally-in-mobile-broadband-internet-speeds-in-oct-report
https://www.speedtest.net/global-index
I'm surprised how well India managed to do in mobile internet (26), though its ranking for fixed broadband (89) was nothing to write home about.
Vineeth: "Looks like Pakistani regime is quite busy spying on its own people too"
Do you know that India is a mass surveillance state? Have you heard of Indian government using Israeli Pegasus spyware to spy on its own people?
Are you aware that the US National Security Agency (NSA) has been spying on Ameicans for decades?
Indian government's surveillance on opposition politicians and activists doesn't seem to be anywhere the near the scale of the effort that the Pakistani state seems to be doing to stamp out dissenting voices and opinions. How else would one explain the dramatic reduction in internet speeds and blockage of X/Twitter that Pakistanis seem to be experiencing? Mind you, I'm merely quoting Pakistani media reports themselves.
Vineeth: "Indian government's surveillance on opposition politicians and activists doesn't seem to be anywhere the near the scale of the effort that the Pakistani state seems to be doing to stamp out dissenting voices and opinions"
The following statements are the results of a Google search I did this morning:
According to recent reports, India is considered one of the top countries globally in terms of requesting social media platforms to remove content, with Twitter specifically noting India as a leading nation sending requests to take down content from its platform.
Key points about India's social media removal requests
High volume of requests
Twitter's transparency reports show that India consistently ranks among the top countries requesting content removal, often making a significant number of legal requests to take down posts and accounts.
Government oversight
The Indian government actively monitors online content and uses its authority to request removal of content deemed inappropriate or harmful.
Impact on platforms:
This high volume of removal requests can put pressure on social media companies to comply with Indian regulations, potentially impacting freedom of expression on the platforms.
Dear Sir
I hope you are doing well, sir their are serious issues of internet service going on in Pakistan in some cities and towns.
The bad news is that IT sector of the country specially the IT enabled service which call centers in Pakistan provide to foreign companies specially in America,UK, Australia and Canada are suffering and softwares exports and IT enabled services which are also exported from the country to foreign countries are also getting effected.
In few hours, the software or IT companies in Pakistan have lost US$ million.
Also the free lance work which IT students and IT graduates were getting in Pakistan has dropped significently to 70℅ due to slow internet speed in the country.
Recently the government shut down the internet service in some areas and also vpn was also banned in some cities.
Sir can you pls make a blog about this serious issue?
Thanks
Ahmed: "In few hours, the software or IT companies in Pakistan have lost US$ million...Also the free lance work which IT students and IT graduates were getting in Pakistan has dropped significently to 70℅ due to slow internet speed in the country"
I have heard of these claims in Pakistani media reports but the actual data doesn't support them so far.
Rumors of Internet slowdown in Pakistan have been circulating since the middle of this year (https://apnews.com/article/pakistan-internet-disruptions-cybersecurity-firewall-elections-de408fbd514aa754fdbbf44e0f462070) but the tech exports are still rising by double digits.
Pakistan's information technology exports maintained their growth as they fetched $292 million in September 2024, up 42% from the same month of last year and higher than the last 12-month average of $280 million.
https://tribune.com.pk/story/2504412/it-exports-surge-42-as-firms-expand-client-base
Asking social media firms for selective content removal is a legal method and very different from snooping on data traffic. Pakistan is reportedly installing a China-style firewall which it calls "Web management system" whose real purpose seems to be clandestine mass surveillance of its citizens through deep packet inspections. The shoddy implementation of this system is reportedly causing the ongoing slowdown in internet traffic. And then there is the blockage of X and the proposals to ban or severely restrict the use of VPNs.
Profit
@Profitpk
In 2016, Netflix entered Pakistan and quickly proved the country was more than ready to shift from television to streaming. But despite the early success, Netflix has been dethroned as the leading OTT platform in the country by Tamasha. This is that story:
https://x.com/Profitpk/status/1866726498310185060
-------------------------
Profit
@Profitpk
The answer is simple. Tamasha’s success, and indeed the success of other platforms such as ARY Zap and Tapmad, has been through streaming cricket. But what do the numbers look like? For the full picture, read on at:
https://profit.pakistantoday.com.pk/2024/12/09/streaming-wars-has-jazzs-tamasha-cracked-the-code-on-monetizing-content-in-pakistan/
https://x.com/Profitpk/status/1866726500742865192
--------------
The days of passive television consumption are long gone. Viewers now command their entertainment destiny, summoning favorite shows with a mere tap on a smartphone or click of a remote. Streaming giants like Netflix, Amazon, HBO, and Disney have revolutionized how we consume content, transforming television from a scheduled experience to an on-demand universe.
Binge-watching has become more than a trend—it’s a cultural phenomenon. Viewers no longer wait for weekly episodes; entire seasons are devoured in marathon sessions, reflecting an insatiable appetite for storytelling that transcends traditional media boundaries.
For countries in South Asia, this digital content revolution arrived fashionably late. Limited internet access and prohibitive subscription costs initially kept the region on the periphery of the global streaming landscape. But that was then.
Today, digital content consumption has evolved into a nuanced, immersive experience. Unlike fleeting digital interactions, Over-the-Top (OTT) platforms now offer meticulously curated content that commands viewers’ undivided attention. The average OTT session now stretches far longer than traditional digital engagements, signaling a profound shift towards intentional, quality viewing.
This transformation has birthed a fascinating global content ecosystem in Pakistan. K-pop and K-dramas from South Korea sit alongside Japanese anime, while American psychological thrillers and Turkish historical narratives serve as a testament to the borderless nature of modern entertainment. Platforms like Netflix have become global cultural conduits, offering libraries that reflect this rich, diverse content landscape.
While Netflix dominated the Pakistani market since 2016, the post-COVID streaming landscape has become a battleground of emerging platforms. Amid numerous launches and quick exits, one player has emerged distinctly: Tamasha, Jazz’s OTT platform, which has carved a remarkable niche in merely three years.
But has Tamasha truly cracked the code of Pakistan’s streaming market? To understand its strategy and the broader competitive dynamics, Profit dives into the intricate world of streaming platforms.
IT industry living under constant fear of slowdowns
https://www.dawn.com/news/1878235/it-industry-living-under-constant-fear-of-slowdowns
VPN users can cause Internet speeds to crash
https://www.cnet.com/tech/services-and-software/your-vpn-is-crushing-your-internet-speeds-heres-how-to-speed-things-up/
Using a VPN can cut your internet speeds in half, which can negatively affect streaming and gaming. Try these tips to keep your connection speedy.
While virtual private networks can be great for protecting your privacy, there's an unavoidable trade-off: VPNs slow down your internet speeds, often by 50% or more.
It's the nature of how VPNs work, and there's no way around it. A VPN encrypts your internet traffic and routes your connection through a remote server. This keeps your online activity private, but it's also this process that's primarily responsible for the speed loss. It takes time to encrypt and decrypt your traffic and for your data to make the round trip to the VPN server and back to your device. However, there are a few things you can try if you want to achieve the fastest possible speeds through your VPN connection.
I guess this article speaks about how VPN would reduce internet speeds for those who use it, due to rerouting and encryption of their data traffic. The case of the widespread internet slowdown in Pakistan is different as even those who do not use VPNs are being impacted, and this apparently started happening in recent months after Pakistan govt started implementing a so-called "Web management system".
Dear Sir
Thanks for posting this useful article, I am sorry I don't think I can agree with this.
As far as I know VPN( virtual private network) connection which is setup between the sender computer (user) to the destination computer ( receipent) over internet, actually uses the bandwidth which is provided by the ISP( Internet Service Provider) who provides internet service to the user who is the sender.
Sir how far do you agree with this article?let's have an academic level of discussion on it.
Thanks
Dear Sir
Yes it takes time for the data that is being transmitted from the source computer to destination computer over internet via VPN connection to be encrypted and later decrypted.
The encryption process actually works at the senders point from where the data is being transmitted and as soon as the data reaches the destination computer over internet, it is decrypted using decryption method and technique.
But the question is that what does this process of encryption amd decryption of data that is being transmitted over the internet via VPN connection has to do with the speed of the data?
The speed of the data actually refers to the bandwidth.
Salam Sir and team of this blog
When the data which is actually a part of the internet traffic that flows over internet is being encrypted and decrypted, it is actually the devices or system that is effected which is encrypting and decrypting the data, it is actually the processing capabilities of the system or device which is overburdened when the data is encrypted or decrypted.
This process of encryption and decryption of data which is part of security feature of the VPN specially ipsec VPN increases the overhead of the country, memory and other hardware components of the system and slows down the system. The system responds slowly to the request that the user sends.
Ahmed: "As far as I know VPN( virtual private network) connection which is setup between the sender computer (user) to the destination computer ( receipent) over internet, actually uses the bandwidth which is provided by the ISP( Internet Service Provider) who provides internet service to the user who is the sender"
It's not just encryption/decryption at the source/destination but also additional VPN headers that add to the load.
All of it has to fit in the max transmission unit (MTU) that the routers can handle. So the number of bits, bytes and packets increases requiring greater bandwidth and packet processing power in the system.
Salam Sir Riaz
Thank you for your reply to my questions, Sir I am happy that I am having this discussion with you.
Sir how can a VPN have header? It is actually the data which has header, the data is transmitted from source computer to destination computer over internet in the form of ip packet, and each ip packet has a header and trailer portion.
The header portion of the ip packet contains the source and the destination ip address.
VPN is a virtual connection or a tunnel which is set up from the source computer to destination computer over internet and it actually provides a secure connection to the source computer to the destination computer over internet. When a user who is also called a sender actually 1st sends a request to set up a connection or a session with the destination computer.
Once the connection or session is set up from source computer of the sender to the destination computer. It is only after this when data is transmitted over VPN connection between source and destination computer.
How does the VPN has its own header?
Thanks
Post a Comment