Recently, in an interview, Rafay Baloch presented his claims concerning the recent massive cyber-attack on the Federal Board of Revenue (FBR). Rafay Baloch is a Pakistani white-hat hacker and security researcher recognized for his discovery of vulnerabilities in the Android operating system. Baloch has been engaged in bug bounty programs and has reported numerous critical vulnerabilities in several open-source web applications. He also discovered crucial vulnerabilities in PayPal in 2012: he hacked into PayPal servers by exploiting a remote code execution vulnerability.
The FBR Data Was Put on Sale on an Underground Hacking Forum
In the interview, Rafay Baloch stated that the FBR cyberattack took place on the 14th of August, and that around 4 days earlier, on the 10th of August, access to FBR’s entire network was put on sale on one of the underground hacking forums. On the forum, the sellers were offering access to around 1500 computers of the federal agency and demanded an amount of $26000.
According to the security researcher, the access to the FBR’s systems and data had been compromised before the 10th of August and had been put on sale on the dark web by the 10th of August. Consequently, someone purchased the compromised data and made the event known on the 14th of August.
The Government Needs to Conduct an In-Depth Investigation of the FBR Cyber-Attack
In response to another question in the interview, Baloch stated that on the very same underground dark web forum, access to the websites of the Ministry of Information Technology and the Ministry of Finance was also being sold. He continued, “Right now the government entities need to show transparency to the public and bring out the facts.” He also stressed that there should be an independent investigation into the compromised data, to establish how much of the said data is in the hands of the enemy and whether any data has been deleted.
Moreover, according to Rafay Baloch’s independent sources, a major mass of the sales tax input data and monthly sales report data has been erased, as many of the tax consultants are not able to access their clients’ data. Therefore, the government’s investigation should inform the public of the magnitude of the said erased data and how much of the data the hackers were able to access.
Was There No Backup of the FBR’s System?
In the interview, Baloch questioned why one of the most important government agencies in the country did not have an online backup. For instance, if one system was down in one location, could it not be revived from another mirror site? “Therefore, it is crucial to bring the fact-finding report in front of the public of Pakistan”, said Rafay.
He also noted that historically Pakistan has endured cyber-attacks on the 14th of August, responsibility for which has been claimed by Indian attackers. In turn, attackers from Pakistan’s cyberspace perform the same action on the 15th of August by compromising Indian websites. According to him, these activities have become a trend in the past decade. Therefore, he considers that the prior warning of a possible cyber-attack was issued to FBR on the basis of this factor.
Rafay Baloch further stated that if security controls are deployed in an organization and cyber-attackers are invading it, the early indicators of those controls are activated to alert the organization. However, if the IT experts of the firm do not catch these indicators, then it is just a matter of time before the attackers invade the organization and steal the data.