Pakistan, among the top 5 targets of US National Security Agency, has taken steps to secure its cyber front, said a recently published report by “The News”.
Considering the revelations made by Edward Snowden, it was established that NSA may penetrate into Pakistani cyber space again to steal sensitive data relating to Pakistan, its domestic politics, strategic and economic interests and its nuclear programs, by tapping into computer networks of Internet service providers such as email, video-sharing, voice-over-IPs, chats and social networking websites.
National Telecom & Information Technology Security Board (NTISB) has resultantly framed guidelines/techniques for protecting government business from possible hacking attempts from domestic and foreign threats.
On recommendation of NTISB, Cabinet Division has communicated the guidelines to all ministries, government divisions and departments.
“Recent wave of stealing the sensitive official data by US NSA has raised serious concerns warranting the implementation of all policies and guidelines in true letter and spirit,” the Cabinet Division noted in a letter to all ministries, departments and divisions.
“USA being the leading country in the field of communication and IT is using multiple tools mainly through electronic surveillance, ground and air intelligence platforms like satellites, recording telephonic calls, gathering public pulse through e-mails filtering, radio monitoring, communication leaks, vulnerabilities in IT based networks carrying sensitive data and other sophisticated means, covertly or overtly,” the Cabinet Division noted.
It merits mentioning here that in one of the maps revealed by Edward Snowden, based on the amount of telephone and email communication data collected by NSA, Iran was shown as the primary target, warranting 14 billion reports, followed by Pakistan (13.5 billion), Jordan (12.7 billion), Egypt (7.6 billion) and India (6.3 billion).
Keeping in view the intents of NSA, NTISB framed following guidelines:
- All government officials and officers must not use private emails (such as Gmail) for exchange of official correspondence
- Official data should not be stored/ copied on personal computers and laptops and personal USB at any cost
- Official data should not be stored/ copied on computers with internet connection
- No official/ classified information should be placed on internet by any means
- Uploading of sensitive information on social media should be avoided
- Uploading of videos and photos of official meetings should be avoided
- Downloading of software from internet should be avoided
- All government offices are supposed to get internet connections from National Telecommunication Corporation (NTC) as per policy
- Official personal computers (PCs) having sensitive data must not be provided with internet connection
- Contents placed on official websites must be properly scrutinised and approved for uploading
- Internet usage in government departments be regulated and access be provided with limited user privileges
- Internet computers be isolated and the network security must be ensured and internet provision be controlled by the highest administrative authority in the ministry, division or department.
The Security Board noted that presence of sensitive/ official data on the web had made the government official entities hostage and vulnerable to hostile ingress and sudden access by unknown intelligent IT mafias, suspected hackers as well as individual secret agents.
Misuse of this information fairly acquired from such an advanced information resource through multiple hacking techniques may invariably cause serious threats to national security.
Keeping in view the NSA’s level of deep penetration into computer and communication networks, it is assumed that above mentioned guidelines aren’t enough to safeguard our national interests.
Further hardening of our ISPs, cellular networks, telecom companies and other liaison channels is needed to cent percent protect our national secrets.
Not to mention, Android, iOS, Windows, Mac and devices of various other makes and kinds are all under NSA’s control that can communicate user data to agency’s control room without any hassle.
Definitely, there is a lot more required than just these guidelines.
Tipped by GS
These guidelines are useless because the gov is using propriety software which contain backdoors. The solution is pretty simple. Use open source software and you will never have to worry about privacy again.
China, Germany, Japan, Korea, Russia, many more are all using Linux at gov level because they knew way before this NSA thing get heated in the media.
Here’s a comprehensive list of software alternates to which are free and open:
http://prism-break.org/
You cannot completely secure your cyber space. America, China, England and many countries who are spending billions of dollars to secure their cyber space are still vulnerable. HTTPS, SSL, and every single device or Software made by US companies have back holes set by NSA. Even if you disconnect those PC’s from Internet which have sensitive data, there maybe a chance that you connect usb with that pc maybe that usb have a hidden program planted in it which copies the disc image from that computer and when you connect that usb to any internet connected computer that image is being forwarded to those who planted the virus.
Now they can directly control your machines. with intel vPro processors
http://www.infowars.com/91497/
I am already giving up on american internet services
moved to turkish and russian services
such as vk.com, russian tube, and very good email service of russia mail.yandex.com