Hacking alarms

Published November 8, 2018
FIA has acted in haste by issuing an alarmist warning about the hacking and breach of data. — File photo
FIA has acted in haste by issuing an alarmist warning about the hacking and breach of data. — File photo

WHILE there is certainly cause for concern, the FIA has acted in haste by issuing an alarmist warning about the hacking and breach of data from Pakistani banks; such actions are not helpful in crafting a response to the emerging cybersecurity threats faced by the country.

The director of the agency’s cybercrime unit put out a statement that caused panic among millions of users of credit and debit cards. Former interior minister Senator Rehman Malik seized the opportunity to demand a report from the State Bank on the matter, further fuelling the news cycle on the issue.

The FIA’s basis for the statement alleging a wide breach of data in Pakistani banks was a document put out by a private-sector company that describes itself as an IT security firm, as well as its claim that reports by consumers of misuse of their banking data have seen a sharp rise in recent weeks.

However, only one example was given of this sharp rise — that of an Islamabad-based resident who allegedly had Rs2.6m withdrawn from his or her account because of what the FIA claimed was a breach of card data.

It is hard to imagine, though, how Rs2.6m could be taken out from an account using card data, unless the withdrawals were spread over a longer period of time.

Cybersecurity in the financial system is an important matter, no doubt, and much more work is needed to ensure that the proper safeguards are in place going forward, given the growing role that technology is going to play for payments and settlements in the future.

Consumer protection is also crucial, and already the absence of appropriate data protection legislation is being felt. But spreading panic and stirring politics is not the answer.

If Senator Malik, and others in parliament who raised the issue, are serious in their concern, they should ask, instead, for a copy of the draft Personal Data Protection Bill, 2018, and look for ways to accelerate its passage. The provisions of that bill can go a long way in strengthening digital security in Pakistan.

Its implementation, of course, will be key.

Typically enough, we see a floundering, disorganised and sound-and-fury type of a response from the state to what is otherwise a complex and sophisticated challenge.

There is no reversing the growing role of digital architectures in the financial system of the country; strengthening digital security goes hand in hand with this phenomenon.

Sadly, an episode which should have awakened the state authorities to the important role they need to play in this regard has, instead, turned into another performance and opportunity for grandstanding in the headlines.

The State Bank needs to do more to provide leadership by providing a road map for cybersecurity in Pakistan’s financial sector.

Published in Dawn, November 8th, 2018

Opinion

Editorial

LNG crisis
27 Jun, 2022

LNG crisis

CASH-STRAPPED Pakistan’s energy crisis is set to worsen over the next several weeks as it struggles to procure LNG...
Bloc politics
27 Jun, 2022

Bloc politics

USING the platform of the 14th BRICS Summit, Chinese President Xi Jinping has made some interesting observations...
KCR dream
27 Jun, 2022

KCR dream

RAILWAYS Minister Saad Rafique has basically clarified what many a commuter in Karachi has known for long: true and...
Outlawing torture
Updated 26 Jun, 2022

Outlawing torture

Physical or psychological torture is now considered almost a given in police and intelligence investigations.
High-profile case
Updated 26 Jun, 2022

High-profile case

IN a ‘breaking news’ culture, it is not often that such a significant development in a high-profile case can be...
Daska redux?
26 Jun, 2022

Daska redux?

AS the clock ticks down on the by-elections scheduled for next month on recently vacated Punjab Assembly seats,...