The government has decided to conduct a comprehensive third-party security audit of the Federal Board of Revenue (FBR) to determine any vulnerabilities in the system, as it is constantly subjected to cyber-attacks.
Official documents of the bureau have revealed that the FBR system faces approximately an average of 71,000 cyber-attacks in a single month.
This volume has increased sharply over the past few years as the tools and methods available to hackers have become significantly powerful and developed.
The most recent cyber-attack on FBR’s data center occurred on Independence Day last year, 14 August 2021. The data of the previous cyber-attacks depict an increase in the frequency of attacks on days of national significance.
However, because of the security protocol already in place, the cyber-attack in August was restricted to the front end of the data center, and only the virtual machines were affected, which disrupted the day-to-day operations for a few days.
The initial forensic analysis conducted by the security team concluded that the Storage Area Network (SAN), on which the data is stored, has not been compromised, and to date, there is no indication or evidence that any taxpayer data was stolen, altered, or accessed in any way.
FBR took immediate action to restore the network, and the operations of the bureau were resumed quickly. There is an ongoing investigation into the current breach with the help of an internationally renowned cyber security firm. This firm is conducting a deep scan of the entire FBR network, including all machines located in the field formations, to locate the possible point of the initial breach.
The documents revealed that once this has been figured out and remedial actions have been taken, a comprehensive third-party security audit would be carried out to determine any remaining vulnerabilities. A comprehensive action plan to counter the vulnerabilities is being put together, and its execution will be monitored closely.
The federal cabinet has endorsed the operational emergency declared by the Chairman FBR and Secretary of Finance, under which FBR has been authorized to undertake emergency procurement of cyber-space and information security-related hardware, software, and services to protect the organization from such future attacks. Economic Coordination Committee (ECC) has already approved bridge financing of Rs. 3,860 million for this purpose.
Despite these precautions, it is pertinent to mention that the threat landscape is evolving at a faster pace than the organizations trying to protect themselves. Therefore, while initial procurements may protect FBR for the short and medium-term, continued investment into the IT system is required to protect and allow the organization to evolve into a true data-driven digital organization in the longer term.
Source: Pro Pakistani