Cyberattack Threat Looms Over Pakistan’s Independence Day Celebrations

Hostile elements may launch a cyberattack on the occasion of Independence Day i.e. 14th August 2023 for disruption of services and defacement to tarnish the global image of Pakistan, warned the National Telecommunication and Information Security Board (NTISB).

The Board has issued an advisory, “Prevention against Website Compromise on the Eve of National Days”, which noted that hostile elements/state-sponsored malicious actors typically target government departments/ministries and defense sector websites on the eve of the National Days for disruption of services and defacement to tarnish the global image of Pakistan.

It is likely that hostile elements may launch a cyberattack on the occasion of Independence Day i.e. 14th August, 2023.

Accordingly, an advisory is being sent to sensitize website administrators and service providers to take additional security precautions (such as web server hardening, traffic/integrity monitoring, etc.) to avoid possible website defacement/hacking attempts.

NTISB has issued 47 advisories in 2023 so far with respect to cyber-attacks, hacking, fraudulent/fake email, etc., and protection guidelines for individuals, government employees as well as websites.

Further, NTISB noted that web server administrators should be made mindful of cyber security guidelines, including:

Upgrade OS and web servers to the latest version

The website admin panel should only be accessible via white-listed IPs

Defend your website against SQL injection attacks by using an input validation technique

Complete analysis and penetration testing of the application be carried out to identify potential threats

Complete website be deployed on inland servers including database and web infrastructure

HTTPS protocol be used for communication between client and web server

Application and database be installed on different machines with proper security hardening

Sensitive data be stored in encrypted form with no direct public access

DB user’s privileges be minimized and limited access be granted inside the programming code

Proper security hardening of endpoints and servers be performed and no unnecessary ports and applications be used

Updated Antivirus tools/ Firewalls be used on both endpoints and servers to safeguard from potential threats

Enforce a strong password usage policy

Remote management services like RDP and SSH must be disabled in a production environment

Deploy web application firewalls (WAF) for protection against web attacks

Employ secure coding practices such as parameterized queries, proper input sanitization, and validation to remove malicious scripts

Keep system and network devices up-to-date

Log retention policy must be devised for at least 3x months on separate devices for attacker’s reconnaissance.

Source: Pro Pakistani