Date: 2022-09-01

The official website of the Export Development Fund (EDF) of Pakistan was compromised.

The data dump, which is over 4GB in size, contains files, hexed passwords, email records, email history, and other critical information.

As a result, private information about the IMF, FATF, CPEC, and other government agencies was compromised.

In what looks to be the second-largest security breach any Pakistani institution has ever experienced in almost a year, the official website of the Export Development Fund (EDF) of Pakistan, an independent entity under the Ministry of Commerce, was compromised.

Exclusive information obtained by a national news outlet claims that the data dump, which is over 4GB in size, contains files, hexed passwords, email records, email history, and other critical information.

The breach demonstrates how the actor had access to the EDF’s mainframe without difficulty and extracted official records from a wide range of categories.

According to the assessment, the website’s security was lax, which made penetration possible.

Raw data snapshots show that the hacker is likely foreign-born and willing to sell the stolen information for $400 or the equivalent in Bitcoin through his Telegram channel.

According to our channel checks, the EDF website was restored a few hours after the attack; however, the site then started listing former Prime Minister Imran Khan and former commerce advisor Abdul Razak Dawood as its key officials.

Following correspondence from regional media, the ministry updated the website once more.

Saleh Farooqi, the secretary of commerce, acknowledged in a statement that the EDF website had been hacked and subjected to a brute-force attack. He said that the server, which had been restored and was now operating properly, had been installed at COMSATS and was run by AHamson/COMSATS.

The email server has also been activated and is now secured, according to the secretary. He continued by saying that emails typically contain information on projects as well as routine correspondence between officers and pertinent parties.

These are internal communications, and they don’t seem to jeopardize the Fund’s operations, he continued.

He added that the service provider and EDF are in direct contact, that protocols have already been changed, and that additional security measures are being implemented.

Hacking is a big issue, but EDF doesn’t handle our critical information. However, our own fact-finding team will be there, Saleh continued.

Commenting on the data leak, intelligence analyst Zaki Khalid, who is stationed in Rawalpindi, said it is yet another regrettable example of how lightly cyber security compliance is treated.

“Even though succeeding governments have occasionally provided recommendations, there are still implementation gaps. Evidently lacking is internal monitoring,” he remarked.

Such hacks have recently made headlines in Pakistan, with the first significant attack occurring under the previous administration.

Senior Ministry of Finance personnel’s official emails allegedly fell victim to a cyber-security attack in December 2021. As a result, official correspondence containing private information about the IMF, FATF, CPEC, and other government agencies was compromised.

Implications and Next Steps

Despite the exposure of sensitive information, it is embarrassing to realize that once the system was breached, all trade-related coordination with foreign agencies and embassies lost all credibility.

When investors commence sensitive correspondence with the Government of Pakistan, they establish a certain amount of trust.

As a result of the nation’s failure to maintain the integrity of its records/sensitive material on the internet, it may take a very long time to rebuild that trust.

It is widely believed that through attacking and hacking into Pakistan’s online data, these hackers give economic intelligence to Pakistan’s enemies.

It would be quite simple for another nation to damage Pakistan’s commercial connections with other nations in this situation. All they have to do to make life difficult for Pakistan is buy off the hackers and impose their own laws.

Despite these incidents, the National Telecommunication and Information Security Board’s (NTISB) recommendations are not being fully followed, and this issue needs to be rectified right away. In order to manage, safeguard, and reduce network vulnerabilities, institutions must prioritize national security across all online platforms.

This is an urgent requirement, and these issues must be looked into right away.

The NCP 2021 must be put into place in order to secure the IT infrastructure of the Pakistani government, which will entail a substantial investment and organizational reorganization.

