FeaturedNationalVolume 14 Issue # 16

Are you cyber secure?

Over the last few years, cyber security has emerged as a serious global issue. The cyber space which acts as a seamless platform for exchange of information is vulnerable to multiple attacks, ranging from hacking to phishing and data theft. A few months ago, Pakistan’s banking system faced a major cyber attack whose cost was estimated at Rs.2.6 million. It raised the alarm among the masses, with a number of banks suspending their international payment schemes on their debit and credit cards to avoid fraud.

A new international study on cyber security has gathered data from different sources, including Kaspersky, the Global Strategies Index and the Global Security Index to measure the level of cyber vulnerability in various countries. The study took into account the percentage of mobile phones infected with malware, the percentage of attacks by crypto miners, the percentage of computers affected by cyber attacks, and how up-to-date a country’s legislation regarding cyber security among other indicators.

In the study, Japan has been ranked as the most secure country for all indicators. Pakistan lags far behind in terms of cyber security and is included in the bottom 10. Its neighbors, India and Bangladesh, are ranked at 14 and 6 respectively. Algeria was ranked the worst country in terms of cyber security, followed by Vietnam and Indonesia.

The study looked at 60 countries and found huge variations in a number of categories, from malware rates to cybe rsecurity-related legislation. In fact, not one country is top of the line across the board. All the countries studies could do with some significant improvements.

However, there were some countries that fared poorly in a variety of areas and others which outperformed the majority of countries. These measures were the basis for rankings the 60 countries in the study, from the least to the most cyber safe.

The authors of the research study considered seven criteria, each of which had equal weight in the overall score. These were: the percentage of mobiles infected with malware – software designed to gain unauthorized access to, destroy, or disrupt a device’s system. The number of financial malware attacks – malicious programs created to steal a user’s money from the bank account on their computer system. The percentage of telnet attacks (by originating country) – the technique used by cybercriminals to get people to download a variety of malware types. The percentage of attacks by cryptominers – software that is designed to take over a user’s computer and use its resources to mine currency (without the user’s permission). The best-prepared countries for cyber attacks. The countries with the most up-to-date legislation

Apart from the latter two, all of the scores were based on the percentage of attacks during 2018. The best-prepared countries for cyber attacks were scored using the Global Cybersecurity Index (GCI) scores. The most up-to-date legislation was scored based on existing legislation that covered seven categories (national strategy, military, content, privacy, critical infrastructure, commerce, and crime). Countries received a point for having legislation in a category or half a point for a draft.

For each criterion, the country was given a point based on where it ranked between the highest-ranking and lowest-ranking countries. Countries with the least cyber-secure scores were given 100 points, while countries with the most cyber-secure scores were allocated zero points. All of the countries in between the two scores received a score on a percentile basis, depending on where they ranked. The total score was achieved by averaging each country’s score across the seven categories.

The increasing frequency of cyberattacks in Pakistan in recent years shows that cyber criminals have developed newer and more sophisticated techniques to get unauthorised access to people’s private and personal data. Last year, due to a breach of internet security, millions of rupees were stolen from a local bank from international payment cards. According to the cybercrime wing of Federal Investigation Agency, all banks of Pakistan were targeted by hackers.

Krebsonsecurity.com, which is a renowned digital security website, states that data of more than 8,000 account holders of 10 Pakistani banks were sold in the market. Another report says that a total of almost 20,000 cards of 22 Pakistani banks were affected by the recent security breach.

To deal with the threat, the State Bank of Pakistan (SBP) has issued Enterprise Technology Governance and Risk Management Framework for Financial Institutions whose aim is to make the financial institutions minimise the risk factor by ensuring the maximum level of cyber security and creation of safe and secure technology operations.

Individual account holders are equally to blame for cyber attacks as they do not follow the basic rules to keep hackers at bay. The Pakistan Banks Association has warned that lost cheque books can be used to steal money. Similarly, data of the lost credit/debit card can be copied through certain expertise and used for money transactions. As a safeguard, a well-organised security awareness campaign should be regularly conducted to educate the users through mainstream media, social media, print media, seminars, etc. A multi-level filter and authentication system should also be put in place for online transactions as well as routine banking operations.