After the recent large-scale cyberattack on the Federal Board of Revenue (FBR), the hackers now have access to the data of the taxpayers saved in the form of a database by the FBR. Following the FBR cyber attack, the cybercriminals are now selling FBR’s network access on the Russian cybercrime forum.
Hackers Exploited Vulnerability in Microsoft Hyper-V Software
This breach occurred due to the vulnerability exploited in the Microsoft Hyper-V software and hacked the official FBR website along with all of its subdomains. In addition to this, the hackers are selling the access to FBR’s systems for $26,000 (PKR 4,274,000, £19,000, €20,000). The group is also demanding $30,000 (PKR 4,000,000, £21,000, €25,000) else they will infect all the devices on the FBR’s server and transfer them to interested buyers.
FBR’s Network Access Leaking Is a National Crisis-Like Situation
The Federal agency has acknowledged the data breach and reported it as “a national crisis-like situation.” “The FBR has experienced a severe cyberattack on our data centers. All applications have been shut down and need support from all teams,” stated the internal alert issued by the bureau.
In a statement to local media, a senior FBR official stated, “The data center’s virtual machines were attacked and the attackers managed to exploit the weakest link, which is the hyper-V software by Microsoft Inc.” Furthermore, the FBR officials have also told, “Yes, the cyberattack on FBR affected all our online systems of the FBR official website, but the data of Pakistanis citizens is fully secured”.
“Since the virtual environment has been damaged, we are trying to create a new virtual environment that may take up to two days,” said another official from the information technology department.
Furthermore, the FBR’s IT team, consisting of IT experts and officials of Pakistan Revenue Automation Limited (PRAL), worked on the restoration of the hacked FBR’s systems on Sunday. All of the FBR’s websites, including an official website, return-filing ‘IRIS’, FBR-Taxray, E-payment, sales tax refund status, the Tax-Assan App, e-registration, income tax registration, refund modules, and customs clearance WEBOC were down and compromised.
FBR Cyber Attack Did Not Harm Taxpayers’ Data
According to FBR, no taxpayer data has gone into the hands of hackers. However, most of the front-end functionalities have been affected as a result of this cyber attack on FBR systems, which would be fixed in the next 1-2 days. Concerning the access of FBR’s data bank to the hackers, the sources have confirmed that no such thing has happened.
Not the First Cyber Attack
Although Pakistan has highly skilled ethical hackers and cybersecurity researchers, its cyber-infrastructure continues to remain defenseless against all classes of cyberattacks. For example, back in 2019, the official passport application tracking website of Pakistan was hacked in a well-bred water hole attack. Even at that time, FBR’s website along with its subsidiary domains such as Pakistan Revenue Automation Limited (PRAL – Pral.com.pk) was down.