Cyber threats and incident response capability - a case study of Pakistan

Abstract

The tremendous growth of information technology has abruptly changed the world into global village. It has caused the distances to shrink and information to flow across the globe as it occurs. At the same time it has also given boost to vulnerabilities, threats, frauds and criminals in the cyberspace. The ease of access, user friendly hacking tools and sophistication in cyber attacks has infringed the privacy of the individuals, organizations and states. Pakistan is facing multifaceted cyber threats in the present era. The cyber attacks occurred on the government, corporate and private sectors within last couple of years has been analyzed in this paper to identify nature dynamics of threat to Pakistani ICT infrastructure and resources. The study highlights wide range and variety of cyber threats ranging from normal website defacement to sophisticated and persistent cyber threat. Further, existing response capability at government and organizational level is evaluated and the shortcomings have been highlighted. It is feared that non existence of any cyber security laws, void of response mechanism and lack of organizational framework in the country may offer Pakistan cyberspace a heaven for the criminals and malicious operators / users. It is noted that Pakistan government not only requires realization of cyber threats and consequences of its uncontrolled usage but also needs appropriate response mechanism to guard against such threats. A top level organizational structure is proposed in this paper for establishment of essential cyber security bodies at different tiers, responsible for securing cyber space of the country by introducing necessary legislation and formulating the response mechanism at different government tiers.