“Cyber security issues in Pakistan”

An overview:
Activity in which computers are a tool, a target or a place of criminal acts. It is also stated as an instrument to further illegal ends, such as committing fraud, stealing identities and violating privacy .It also includes traditional crimes in which computers or networks are used to enable the illicit activity. As the computer has become central to commerce, entertainment, and government. Cyber crime has grown in importance. Examples: • • • • E-mail account of a Federal Minister was hacked. Credit cards frauds reach to an alarming level. Visiting CEOs of Multinational Companies gets threatening E-mails. Financial institutions are the favorite targets of Cyber criminal’s - worst effecting the technological and progress in the area of e –Commerce. Online activities are as vulnerable to crime as real life situations are. Law makers, Law enforcement and individuals need to know how to protect themselves. Though Cyber crime used to exist way before the innovation of computer, the only difference involves the tools used to commit the crime. Some Main types of Cyber Crime are under: 1. Assault by Threat: Threatening a person with fear for their lives or the lives of their families through Internet e.g. Email, videos or other networks like Mobile Phones etc. 2. Cyber theft: Using a computer to steal. This includes activities related to DNS cache poisoning, identity theft, fraud embezzlement and unlawful appropriation, espionage etc. 3. Cyber terrorism: Premeditated, usually politically-motivated violence committed against civilians through the use of, or with the help of, computer technology. 4. Cyber laundering: Electronic transfer of illegally-obtained money with the goal of hiding its source and possibly its destination.

particularly cyberspace. Software piracy. or even the Personal Computer. like: Intellectual property. theft Property of Source code etc. Type Financial Intellectual Description / Examples Lottery announcements. Laws regarding cyber crimes: Cyber laws: The legal issues related to use of communications technology.History of Cyber Crime: The origins of cyber crime can be traced back to early 60’s. It is an intersection of many legal fields. trademarks violations. Stewart Nelson. cheating. i. Email spoofing /Sending e-mails that appear to originate from one source but actually Spamming Hacking Virus / is sent by another source.e. the days without Microsoft Windows. copyright infringement. Unauthorized access to computer systems or networks. General Types of Cyber Crimes / Attacks The following table depicts general types of cyber crimes / attacks. Privacy etc. used the university’s computer to generate the tones needed to access their long distance phone service also called as ‘Blue Boxing’. A variation to a typical denial of service attack is known as a Distributed Denials of Service (DDoS) attack wherein the perpetrators are many and are geographically widespread. making control over websites. wormFlooding viruses inside a network to produce associated damage to Attacks resources. money laundering etc. a student at MIT. the Internet. Stealing information on computer hard disks. Denial of ServiceCausing the network resource to crash in response to a flood of Attack requests by an attacker resulting in denying authorized users access to the service. In 1964. Cyber laws are an attempt to apply laws designed for the physical world to human activity on the Internet Cyber Laws in the World: o Electronic Commerce Act (Ireland) . the Internet. credit card frauds.

Cyber Security Regime in Pakistan. Cyber Security. Still a Lot to be done! The revolution of ICTs (INFORMATION AND COMMUNICATION TECHNOLOGY) has fundamentally changed societies and sectors and would probably continue to do so in the foreseeable future. Along with encouraging the use of Information and Communication technologies from their inception. Technical measures to protect communication networks are being implemented with a support of required legislative measures to prevent and deter cyber attacks. These types of threats are more vulnerable in a sense that they are not restricted by geographical limitations or national boundaries. USA. They are:   Electronic Transaction Ordinance 2002 Electronic / Cyber Crime Bill 2007 The fact is that these laws are only 20% compatible with rest of the world. These developments on one side of the coin have given shape to unprecedented economic and social development. economies are looking at ways to counteract the consequences simultaneously. These deal with all dimensions related to computer & networks. Singapore) Electronic Transactions Ordinance (Hong Kong) Information Technology Act (India) Information Communication Technology Act Draft (Bangladesh) o o o Cyber Laws in Pakistan: o There are different laws promulgated in Pakistan. Condition in Pakistan: .o Electronic Transactions Act (UK. o o o o These laws not only deal with crime of Internet. however they have also given birth to new type of crimes called ‘Cyber Crimes’. New Zealand. Two of them are most known. Australia.

until it lapsed in November 2009 and was never taken care of then. newswire reported that 224 cases were reported in 2005. But this proposed law was unable to get tabled in Parliament and in fact implemented as an ordinance by former President Musharraf on Jan. sale of illegal articles. due to lack of awareness and the law. One such law called Cyber Crime prevention bill was passed by Pakistan Federal Cabinet on Jan 17. email spoofing. According to the officials. 2007. The proposed law titled as “Prevention of electronic crimes bill” offered penalties ranging from six month of imprisonment to capital punishment for 17 types of cyber crimes including cyber terrorism. theft of information contained in electronic form. 287 cases in 2008 and the ratio dropped in 2009 but in 2010 more than 312 cases were registered in different categories of cyber crimes. these registered cases are even less than 10 percent of actual crimes. hacking of websites and criminal access to secure data. Trojan attacks. There are a number of cyber crimes in Pakistan mainly including cyber pornography. the accused could be fined one lack to five lack Rupees or three to ten years imprisonment or both. According to Ordinance. cyber stalking. Ordinance was later endorsed twice by PPP government for renewal. . 62 cases were reported to the unit in 2007. Mobile Networks and Broadband connections and only few people know about cyber crime but in fact there is no such law to prevent cyber crimes right now. citing cyber crime investigation officials. Pakistan: A Country without Cyber Law: Though Pakistan is new member of cyber world i. while other crimes go un-reported. Quoting a Cyber Crime Unit (CCU) official. there is no such law at this particular time to prevent cyber crimes in Pakistan.e. forgery. online gambling. As age of any Presidential ordinance is only six weeks from the date of its promulgation in Pakistan. virus attacks. reported CRI. password cracking and financial cyber crimes (hacking of ATM card numbers and bank accounts). intellectual property crimes. 07. 196 cases in 2006. 2008. Internet time theft.The cyber crimes of various types in Pakistan have increased in numbers by five times over the past six years. unauthorized access to computer systems/networks.

but apparently they are either busy doing other businesses or they are deliberately not paying any attention. communications and transactions in electronic form. there is a huge room available when it comes to implementation and execution of security in the cyber world. He said that Cyber Crime law is supposed to be defined by Ministry of IT and Telecom. information.In absence of any such comparative law there is strong urge on our legislators to pass a law that can stand the complexities of today’s cyber world and apprehend the accused instead of accusing people of political revenge and calling them the cause of government’s own negligence and failure to meet the demands of today’s fast moving cyber world. He further added that it is the need of the hour to get Cyber Crime Law gets passed from parliament to make it permanent part of Pakistani law. However. If this is the situation of crime then one wonders where government is and it is doing to stop such breach of privacy? Pakistan has developed a strong institutional and legislative framework with regards to Cyber Crimes / Security. Following text highlights the present status of Cyber Attacks / Crimes mitigation at National level. and to provide for the accreditation of certification service providers. unless he is a minister and use his influence to impose relevant sections from penal code on culprit. records. . And the misery is that victim can’t fight his privacy breach. our telecommunication and Internet service providers have also laid required procedures for securing their infrastructures. Electronic Transaction Ordinance 2002 ETO was passed by Government of Pakistan with the objective to recognize and facilitate documents. The ordinance also addresses Legal and safe trading aspect in order to protect the interests of both the buyers and the sellers in the process of electronic sales and purchases. I recently heard from a friend that you can hack any mobile number and check the record of sent and received text messages and calls. as internet domain is fairly covered by IT Ministry. Moreover. An FIA official in a conversation said that agency has been reminding the concerned departments about the lapse of ordinance.

equipped with Hi-tech tools for supporting NR3C operations in cyber crime cases. Government of Pakistan established an exclusive subsidiary entity under the Federal Investigation Agency (FIA) responsible to deal with all types of electronic offences throughout the country. National Response Centre for Cyber Crimes (NR3C)– FIA : In order to enforce the Prevention of Electronic Crime Ordinance 2009. Currently there’s no cyber law in Pakistan. National Response Centre for Cyber Crimes is working under the following set of defined objectives: • • • To enhance the capability of Government of Pakistan and Federal Investigation Agency to effectively prevent growing cyber crimes.Prevention of Electronic Crime Ordinance 2009 PECO was passed by Government of Pakistan with the objective to define cyber crimes and associated fines / punishment for the criminals. To build a Computer Forensic Laboratory. The Ordinance addresses and lays down legislative terms for the following cyber crimes: • • • • • • • • • • • • • • Criminal data access Data damage System damage Electronic fraud Electronic forgery Misuse of devices Misuse of encryption Malicious code Cyber stalking Spamming Spoofing Unauthorized interception Cyber Terrorism Waging cyber war PECO has completed its age as given in the Constitution of Pakistan. . The Ordinance was required to be re-promulgated in February 2010 which has not yet been executed. To establish a reporting centre for all types of Cyber Crimes in the country.

It is the need of the hour to legislate a law for cyber world with keeping all the elements in mind. There is an urgent need to introduce international certification like . National Telecommunications and Information Technology Security Board (NTISB) Previously known as National Communication Security Board (NCSB). Regulate induction of ICT security systems. Periodic inspections of communication centers in the public sectors. International liaison/coordination with Law Enforcements Agencies of other countries.• • • • • Investigation and prosecution of cyber criminals and to cope with high-tech crimes. Develop and maintain expertise investigations of crimes involving high technology. however. He quoted that Banks and multinational companies are already convinced that they should have Information security officers. To enforce existing laws to combat electronic crime and to protect consumers. the NTISB Wing at the Cabinet Division Serves as Secretariat to the NTIS Board. NTISB performs following functions: • • • • Advise Federal Government on security aspects of the Policies concerning ICT related services. Ammar Jaffri is currently working with FIA and National Response Center for Cyber Crimes (NR3C) as Project Director. We have NR3C in place as a cyber police. The wing has a comprehensive set of procedures available to any citizen of Pakistan for reporting any incident related with Cyber Security / Terrorism. Administrative control of the Department of Communication security. Mr. it must be noted that they can’t execute anyone without legislation. To provide on demand state-of-the-art electronic forensic services and cyber investigator to Law Enforcement Agencies of Pakistan. There is an acute shortage of information security specialists in Pakistan. It’s apparent that government of Pakistan has done a lot to tackle this new wave of crime.

CISSP etc. there are very rare cases when the these laws have been practiced. Conclusion: It is concluded that we have some very fine laws and regulations to implement in the Cyber Space. I think there is an urgent need to create awareness in the general public on the threats of Cyber Crimes and also to finalize the relevant laws. We can also send such skilled manpower abroad. . An effort is being made to develop a working liaison with International organization especially against plastic money frauds and other financial crimes. Now need is to educate people regarding what there rights are and the legal strength they have been empowered with. so that punishment may be given to all those who are involved in Cyber Crimes. Recognized universities should also introduce bachelor and post graduate degrees in the area of information security. Cooperation among governments and between government and industry is the key to combating crime in cyberspace and making the Internet a safe and secure environment for e-commerce and communications. In this regard NR3C has initiated to establish SAARC/CERT. but the only lacking factor is the implementation of these laws. The National Response Center for Cyber Crimes (NR3C) has played an important role in fostering such cooperation. We are also planning to work with Muslim Countries under OIC-CERT.

Sign up to vote on this title
UsefulNot useful