Cyber Attacks in Pakistan and the Middle East Countries
While Middle East countries have faced humanitarian disasters spawned by Syria and Yemen since time immemorial, a greater problem now faces these countries: cybercrime.
Cyber war is a pretty new phenomenon with countries like Iran conducting their first cyber-attack against rivals during diplomatic crises in the year 2012. A group of Iranians calling itself the ‘Cutting Sword of Justice’ launched an attack on Saudi Arabia’s national oil company-Aramco in 2012. The move not only left 30,000 workstations paralysed, but also affected workstations in the Qatar-based company RasGas.
According to Saudi Arabia, the attack was aimed at curtailing all the operations in the oil and gas production company Aramco. The operation targeted other Middle Eastern countries like Kuwait, United Arab Emirates and 12 others with a focus on important sectors like education, technology, transportation, defense and telecommunication.
In the wake of severe diplomatic ties with the Middle East countries, anonymous hackers have attacked key websites in Saudi Arabia’s Defense Ministry, while the Syrian Electronic Army planned attacks aimed at Qatar, Saudi Arabia and any other countries in support of rebel groups in Syria. The gang not only targeted major news networks such as Saudi Arabia’s Al Arabiya and Al Jazeera but also has also destroyed the website of the US Army.
Cyber Attacks in Pakistan
Here, cyber-attacks are launched differently. High-profile functions such as Independence Day and cricket matches are targets, and hackers have targeted Pakistani and Indian websites in retaliation for a past game before and after Independence Day.
For example, an Indian hacker group called ‘Black Hats’ confessed that it was responsible for the 7 January 2016 cyber-attack in Pakistan. The latest cyber-attack had some Indian hackers retaliating after a deadly cyber-attack on the Indian Air Force base on 2 January 2016.
How Middle East countries perceive cyber security
Sadly, most Middle East countries are very critical of cybersecurity. In fact, cybersecurity is viewed as an external threat whether it is an internal or external cyber-attack. This is because most leaders, business people and the government believe it to be an incredibly new phenomenon which they are not yet used to.
Most governments lay more emphasis on the offence and how they ought to retaliate rather than measures to combat cybercrime. The most recent Gulf Information Security Expo & Conference (GISEC) indicated that most Middle East countries only take proactive action in cybersecurity in the face of severe attacks.
During the talks, they cited fear of more cyber-attacks after the last Cyber Caliphate attacks and stories about the Syrian Electronic Army. Research done by Symantec and Deloitte found that more than two-thirds of organizations in the Middle East were incapable of protecting themselves from sophisticated cyber-attacks.
What’s more, close to 70% of the region’s IT experts lack confidence in their company’s cybersecurity measures. Also, the government does not make it any better by making just a few regulations and allocating few resources for executing cybersecurity policies.
Cyber security measures
Despite this gloomy look, some Middle Eastern countries like Dubai are proactively participating in cyber security measures by setting up new IT departments and creating awareness of significant infrastructure challenges.
In the last year for example, the UAE government put up the Dubai Centre for E-Security that would help develop safe ways of exchanging info among the UAE countries. But we can all agree that more stringent cybercrime measures need to be set up in Middle East countries.
In Pakistan, stringent cybercrime policies have been brought into place. In the light of counter cyber-attacks, the Pakistani legislators found it necessary to amend a bill that deals with these crimes (Prevention of Electronic Crimes Bill PECB2015). Section 31 of the new law states that the government is bound to rid off access to any website or online sources it deems inappropriate.
According to the Pakistani government, the law aims at protecting its citizens from cybercrimes but, the bill has faced a lot of criticism. Most IT experts and online social media users find the new law draconian and punitive.
An earlier version of this article appeared on infosecurity-magazine.com
The views expressed in this article are those of the author and do not necessarily represent the views of CourtingTheLaw.com or any organization with which he might be associated.