The Federal Board of Revenue (FBR) has started a forensic investigation of data hacking through experts to search for the Russian hacker and put necessary protocols to avert such incidents in the future.
Sources well-aware of the developments told Propakistani that it is extremely difficult to locate the hacker, but we have started an investigation in this regard. The forensic audit or investigation is also underway and the Irish company and other experts have been engaged in the process.
At the same time, the FBR has also started work on the disaster recovery system by placing all FBR’s data at a different place for disaster management. The disaster recovery system would ensure that the FBR can run a parallel system of databases in case FBR has to close down main machines in the future.
The FBR is searching for the Russian hacker as well as one buyer of the FBR system keys and passwords. But it is not an easy task, officials said.
The FBR is simultaneously working on placing extra protocols to avert such kinds of cyber attacks on the FBR system in the future. Thus, the third-party forensic investigators were engaged both in placing security protocols and searching the hacker.
In 2008, the FBR had established a “disaster recovery system” for maintaining a complete backup database of importers/exporters in case Pakistan Customs Computerised Clearance System (PACCS) information was accidentally destroyed. In the past, the suicide attack at a hotel in Islamabad had also destroyed the Evacuee Trust Building where PRAL had maintained its database of taxpayers. Under precautionary measures, importers/exporters’ data was saved at different locations outside the PRAL office to secure data.
Recently, Chairman FBR, Dr. Muhammad Ashfaque told the media that the cyber attack on FBR’s database succeeded in disrupting the system but failed to get access to any data or transaction details. There was no evidence that the FBR’s data was leaked but the attackers remained succeeded to disrupt our system. “There has been a breach of our system and it seemed that the attackers did not want to go beyond that,” he said and added there was a total of 850 data machines out of which 400 got disrupted.
“The data was not lost at all” he made it clear. When asked that the data was sold at $26,000, he said that nothing of this sort had happened. He further said that there were hectic procedures involved for procuring $80 million with the help of World Bank money and it was hoped that all required procedures for making procurement would be completed soon, tax authorities added.