According to reports, Pakistan’s Federal Board of Revenue (FBR), the largest data center in Pakistan, has been compromised in a Major Cyber Attack and all tax machinery websites have been rendered unreachable.
“The FBR’s website has been temporarily unavailable due to scheduled maintenance,” the website stated when it was first opened.
A senior official said that there was a “national crisis-like situation” since Saturday at 2 am and that we might not be out by Sunday evening. He spoke to The Express Tribune under anonymity.
FBR acknowledges Cyber Attack on its Data Center
The FBR, on the other hand has acknowledged the data breach. They described it as a “national crisis-like situation”.
“The FBR was the victim of a serious cyberattack on its data centers. The agency issued an internal warning that all applications were shut down. They need to be supported by all teams.”
A senior FBR official stated that the attack on the data center’s virtual machines was successful and that the attackers were able to exploit the weakest link, which was the hyper-V software from Microsoft Inc.
“Since our virtual environment was damaged, we are trying create a new one that could take up to 2 days.” Another official from the information technology department said “We are working to restore websites by tomorrow afternoon, and essential data centers by tomorrow evening. This is to avoid further damage from transferring data in haste.”
Officials also described the attack as cyber-terrorism on August 14th, our Independence Day.
The authority issued a press release about in-progress service optimization activities at FBR House Data Center Islamabad.
FBR stated that the technical team is currently migrating service. FBR IT Operations will see an increase in productivity after the migration is completed. The statement stated that this migration is required to enable the system to be upgraded in order to provide the best service to clients.
“Services are being provided to stakeholders by the data center. However, there were unanticipated anomalies in the migration process which have caused the unavailability services since the early hours of the morning. To minimize downtime, the FBR team will ensure that services are restored as quickly as possible. This activity should be complete within the next 48 hours.”
It stated that FBR regretted and apologized for any inconvenience it may have caused, and appreciated the continued cooperation of all stakeholders.
Cyberattack was mainly caused by vulnerabilities in Microsoft Hyper-V Software
Officials stated that the FBR cyber attack had affected the virtual environment at the data center. He said that the attackers were able to exploit the weakest link in the attack on the virtual machines of the data center, which was the hyper-V software from Microsoft Inc.
He claimed that Pakistan had contacted Microsoft to help recover the computer from the attack.
The official stated that it was cyber terrorism on Independence Day and that attackers are still unknown.
“We are trying to create another virtual environment because the virtual environment was damaged,” stated another official of the department of information technology.
“We will restore the websites tomorrow afternoon, and the vital data center tomorrow evening. We don’t want to do more damage by moving data in haste.
Sources claimed that hackers had attempted to hack the data rooms over the past few days. There was also a warning that a serious cyber attack on FBR might be imminent. The FBR ignored these warnings, and eventually the hackers were able to seize some data.
Another source claimed that the FBR was alerted to the attack by the attackers after they began affecting the environment. Last year’s March 23rd attack on FBR’s datacenter was unsuccessful. They managed to get into the system again, however.
Sources said that there has been a national crisis like situation since yesterday at 2.00 AM. Shipments have also begun to be affected by the shutdown of all FBR websites.
These attacks occur at a moment when the government is reviewing an attempt to grant access to FBR’s database to the National Database Registration Authority (NADRA).
FBR’s database contains trillions of rupees transactions and details about the wealth, income and expenditures of its citizens.
You can also find details about the transactions that they have made with their personal and business accounts, as well as information about the various withholding taxes that were applied to these transactions.
The FBR received information about the attack and issued an internal warning that it had “experienced a serious cyberattack on its data centers.” All applications were shut down, and all teams are required to assist.
Sources claim that the FBR’s technology as well as its data backbone, Pakistan Revenue Automation Limited (PRAL), is also down and compromised. PRAL, a technology company, was required to set up firewalls to protect its data centre. However, it did not do this diligently.
The PRAL administration is in chaos and the appointments to the most important organization have been made on the grounds of favoritism.
Sources said that some board members, instead of focusing on policy issues, are involved in operational issues that have led to grouping with the organization.
Sources indicated that it was necessary to assign responsibility for security system breaches. Sources said that the FBR recently appointed a chief information officer to improve data protection and utilization. Due to the gravity of the attack, pressure is building on Customs.
Consignments of fresh vegetables and courier consignments, as well as other goods, are held up at border stations. Because of disconnection from the data source, people are not able to receive the benefits of Active Taxpayers List.
Source: The Express Tribune