FIA asks banks to upgrade cyber security system

Published November 15, 2018
Law ministry sets up body comprising intelligence officials to formulate recommendations. — File
Law ministry sets up body comprising intelligence officials to formulate recommendations. — File

ISLAMABAD: The Federal Investigation Agency (FIA) has asked banks to upgrade their cyber security wings as per international standards to protect their system from further attacks by the hackers who recently stole huge sums from accounts.

In a series of meetings, which continued for two days in Karachi, it was decided that banks, including the State Bank of Pakistan (SBP), would maintain a regular coordination and exchange information with the FIA.

Headed by FIA’s cybercrime wing director retired Capt Mohammad Shoaib, the investigation agency team held several meetings with IT officials of different banks, including BankIslami, before heading back to Islamabad.

Law ministry sets up body comprising intelligence officials to formulate recommendations

The meetings were conducted in the wake of recent attacks on bank accounts by the hackers, resulting in illegal transfer of money to different countries.

However, the banking sector claimed that there was no threat to the account holders’ money as the banks would reimburse their money in such case after due inquiry.

According to the FIA team, the recent wave of cyber attacks showed vulnerability of the system and, therefore, the banks were asked to upgrade their IT security as per international standards.

The banks claimed that they were fulfilling the cyber security criteria.

SBP officials informed the FIA at a meeting that broad guidelines had already been issued to all banks. The guidelines allowed banks to upgrade their IT system, the officials said. They said: “It is pertinent to mention that the ultimate responsibility for IT security rests with the board of directors and the senior management of the banks/DFIs. They must ensure that the IT systems in their respective institutions have built-in security capabilities to survive real-world threats. In case banks/DFIs do not have in-house expertise, they may like to engage outside IT consultants to prepare/assist them in IT security planning. Furthermore, the Pakistan Banks Association will also organise training programmes on the subject to enable banks to build up their in-house capacity in this area.”

Talking to Dawn, a senior official of the FIA said that banks should have a “cyber emergency response team” to act independently to counter such attacks, as other teams had to get official permission to react to any reported cyber attack.

“It is clear that there cannot be any such move without connivance of bank employee of any person affiliated with call centre,” said the FIA official, adding that banks needed to invest more in their IT sector and ATM cards had to be encrypted, while any such illegal activity by their staff should be reported to the FIA at the earliest so that the network could be busted.

Apart from the meetings held at the SBP office, the FIA team also held an exclusive meeting in BankIslami to further the probe over the complaint lodged by the bank to the FIA office in Karachi.

The bank acknowledged that a significant amount had been transferred from BankIslami by the hackers based in 45 countries. The FIA demanded the bank share data with the agency so that it could be forwarded to their partner agencies in the countries where the crime had originated.

Subcommittee formed

Meanwhile, the law ministry on Wednesday constituted a subcommittee comprising officials of the Inter-Services Intelligence, Military Intelligence, Intelligence Bureau, FIA and Pakistan Telecommunication Authority to urgently formulate recommendations to deal with all types of electronic crimes and suggest amendments to relevant laws.

The decision was taken at a meeting of the inter-ministerial committee on the Prevention of Electronic Crimes Act, 2016, which was held at the Ministry of Law and Justice.

Minister for Information Technology and Telecommunication Khalid Maqbool Siddiqui, Minister of State for Interior Shehryar Afridi and Parlia­mentary Secretary for Law Maleeka Bokhari also attended the meeting.

They discussed the need for establishing a forensic agency in collaboration with security agencies. Law Minister Dr Farogh Naseem said there was no legal hitch to establish multiple ‘investigating agencies to look into prevention of cybercrimes’.

Published in Dawn, November 15th, 2018

Now you can follow Dawn Business on Twitter, LinkedIn, Instagram and Facebook for insights on business, finance and tech from Pakistan and across the world.

Opinion

Editorial

Worsening hunger
Updated 08 Dec, 2022

Worsening hunger

THAT the dollar liquidity crunch has started hurting the import of essential items such as vegetables and raw...
Bannu beheading
Updated 08 Dec, 2022

Bannu beheading

The state must take up the cudgels and neutralise barbarism before it spreads.
Smog misery
08 Dec, 2022

Smog misery

IF 2022 has taught us anything, it is that generations of reckless disregard for Mother Nature has accrued very ...
Disquiet on the western front
Updated 07 Dec, 2022

Disquiet on the western front

IT is very difficult for Pakistan to be delinked from Afghanistan, because of reasons of geography and history.
Fuel from Russia
07 Dec, 2022

Fuel from Russia

THE apparent headway made with Russia for the purchase of its crude oil, petrol and diesel at discounted prices is a...
More women SHOs
07 Dec, 2022

More women SHOs

IT is encouraging to see more employment avenues opening up for women in Pakistan, with an increasing number of...