NADRA, that hosts Pakistan’s most critical database, has gone through serious hack attempts originating from United States, reported Daily Express.
It is still unclear if hack attempts were made by individuals or any US State Agency as report lacks the mention of the responsible organization for these alleged hacking attacks on NADRA.
Without citing any names, the report claims that an official of NADRA confirmed the paper that among various other countries, attacks from United States remains at top in numbers for hacking NADRA’s database. Hacking attempts from Israel and India were also recorded.
Daily Express, while quoting the unnamed NADRA official, claims that hack attempts on NADRA increased notably during near past, however, NADRA is all set with security measures in place to ensure the protection of its database.
Hacking attempts from United States account for 35% of total attacks that NADRA received lately. Attacks from Israel and India contributed 20% each towards the total attacks on the database that contains the private and sensitive information of each Pakistani.
NADRA official was confident that Pakistani data is secure and can not be accessed by any individual or organization despite very organized attacks.
Not to mention, a Turkish Hacker — who had hacked PKNIC — once claimed publicly that he had access to NADRA’s database.
Via Daily Express
I think why they are wasting energy and techniques – just give some $ to NADRA persons and they will easily provide whole data of Pakistanis. :)
For Pakistani we have no problem and we don’t care about Country Privacy. :)
sadly yes.
sadly yes.
reminds me of Mr. Dr. Rehman malik. how in his tenure is ready to share (sale) whole database of Pakistan under the name of Nadra DATABASE to US CIA :/ and now they are trying to hack database of nadra. Don’t know what happened next. On the edge if same shit was done by any Pakistani dn Pakis are trying to attack us Bullshit cyber terrorism.
I have also heard from a colleague that Nadra database records were being sold by people on cds in just 200 Rs.
lolx… kaha sy mili gie woh cd :P :D
As I said, I just heard it, not sure about authenticity of it. Believe me specially in gov organizations of Pakistan indeed there are some dirty fish who can do anything for money.
Who knows how many times has that happened already?
A few days earlier, after trying to trace some bank robbers via geo fencing, I was told to get details of around 17,000 CNIC’s from NADRA. A NADRA employee asked me for Rs. 40/CNIC and provided me with all the details, including PLACE OF BIRTH & MOTHER’S NAME. Just to mention, I didn’t know that NADRA employee, nor had any source who got me him. I just went to the NADRA office on Peshawar Road (Saddar, RWP) and requested the person sitting on a desk inside. He didn’t even ask for my name, just asked me for money and handed me over that stuff.. Means, anyone can access the database, and buy illegal SIMS, and do whatever they want. Seeing this, I am positive several sleeper cells and RAW/CIA/MOSSAD agents would’ve already gained access to our entire NADRA database…
geo fencing?
Had a CCTV footage of the robbery, and saw the robbers talking to people at certain times, noted the times and (apparent) duration of the call, and all the mobiles that were connected at those times, in that area, under that signal tower were located and eventually the culprits were caught :)
It is just like sending Taliban in Afghanistan and mujahdins in Kashmir
Srsly WTF?? “NADRA official was confident that Pakistani data is secure and can not be accessed by any individual or organization despite very organized attacks.”
By this statement I’m 101% we’re not safe.
by the way who is safe………………. an organization without a data “is safe from these attacks”……….which is not possible everyone has some information which is in need of any internal or outer source.
NADRA is not the only one. PTCL itself has to endure multiple hack attempts per day, mostly originating in India. The reason for all this is that Pakistan still does not have its own IP core network.
NADRA should be handled by Pak Army. Its very sensitive.
so you mean Asim you do not have the capability to over any problem. when you stop thinking and working then you starting thinking about Pak Army……………Man present yourself instead asking for the help of army in any situation. do other countries have state of mind? no because they do not lose their heart and keep struggle that is how great nation revive…………..be confident in yourself first.
Nadra is safe and trusted by the world
If I am not wrong nadra has contracts for passport processing with
Zimbabwe new zealand & african countries also
If it was not so safe no country will ever hire
it only takes Some merit and professionalism for nadra success
And I see it as a good example for pakistan and pakistanis for brighter future
HAHAHAHA, you make me laugh! That was a great joke man, really funny!
P.S. you’re wrong about New Zealand. Do you know, several hospitals in Zimbabwe and African countries purchase medicines and equipment which is NOT certified by WHO and is not fit for public use. It’s their way to purchase the worst systems SIMPLY FOR KICKBACKS, which NADRA would’ve offered them with open heart…
I am not sure if Pak Army has secure network. They have mentality to keep their network isolated from the internet and we are secure.
It confirms that USA & India are the real enemy of Pakistan. Pakistan ab tu sudhar jao
bari jaldi pta chal gya bhai,
Why on earth they have connected their databases to internet? The ones carrying the citizen data.
Why on earth they have connected their databases to internet? The ones carrying the citizen data.
Its a good point
Man, they need to access database in several cities and countries. Everywhere, whenever someone applies for a renewal/modification of CNIC or Passport, or anything related to NADRA, the request is routed from that country/city to the NADRA database in Pakistan, which can only happen via THE INTERNET. And NADRA doesn’t really believe in secret cables, or heavy encryptions. They’re still living in stone age.
If u people dont know then why crying over it. Nadra has own satellite connections and dedicated secure dsl by ptcl. Network is monitored 24/7 with latest tools. No direct connection of internet is used/allowed. Headoffoice has some servers connected with internet for specific services like esahulat. email .Vetification system. Border management system and some others. And folks about copying data is not feasible because it is whole dataware house with huge databases encrypted and secured.
“It is still unclear if hack attempts were made by individuals or any US State Agency as report lacks the mention of the responsible organization for these alleged hacking attacks on NADRA.”
Let’s get real here, any US, Israeli or any other country’s civilian/individual would have no use for NADRA database (case in point: eb0z, the hacker who got into NADRA’s servers. Only did it to prove a point, not to use their database). Their state agencies however, are a whole different ball game, read: http://www.haaretz.com/news/diplomacy-defense/1.534728
Not to mention, NADRA only knows about the attacks that it was able to stop, what about the attacks it wasn’t able to stop? Iran didn’t know about the Flame virus in its sensitive computers until Kaspersky identified it AT LEAST 2 years later (http://en.wikipedia.org/wiki/Flame_(malware) ). If a Turkish individual can hack NADRA’s database (again, eb0z), then their security measures have NO chance against the attacks from NSA, Mossad, etc., they’re most definitely compromised.
kia koi bta sakta ha k NADRA ka idara kis nay bnaya tha?
People are very confused and concious about NADRA… and it is mostly due to Snowden leaks but i, being a part of NADRA knows that security measures are upto the mark. Their are multiple servers with different kind of data and connectibity i.e interanet and internet. Also teradata is official partner with world best datawarehousing solutions. Security departement is also there to monitor whole network. So be relaxed. We do care ehat we have….
“Trying to hack nadra database” shows me the depth of author understanding about pentesting and cyber security …
Please read a subject before writing like this.
bhai, he is not as capable and educated as you are. Please spare the poor lad. Pretty please? And what is pentesting? Where we test our pens prior to an exam? And cyber security? Why are you making life harder for us :) ?
Pentrating test not that adult version its computer version ever heard of backtrack its that sh**
I think 99% pplz comment here have no idea about server/database security BTW you have no idea how professional Nadra and few other gov depat are my company working with some of them. Pakistan ko har jaga badnaam krny sa acha ha kuch krlo bht burai ha pak main baat ko pee jawo, khud hasab lagwo Pakistan ke taref kitni dafa ke aur burai kitni dafa ke?
If the attempts were directed at disrupting the system then maybe its understandable, but if they just wanted to know the home address, ph no and kids details then I am sure they can think of more important things to do than this ….. :-)
If the attempts were directed at disrupting the system then maybe its understandable, but if they just wanted to know the home address, ph no and kids details then I am sure they can think of more important things to do than this ….. :-)
Nothing is secure on the Internet
Nadra has a very secure and encrypted database, they do transmit the data from different locations to their HQ in Islamabad, all transmission is encrypted, its not open to air kind of transmission. I have worked with their security service for several years, and i can assure you guys its not an easy job to hack NADRA DB. Hackers attack everything, from NADRA to CIA, nothing new in it. However we should not defame our country without any reason.
You dont even know the name of their so-called security department. I am sure, by “security service”, you mean security guards’ service.
Besides, you do not know whether its Nadra’s “database”, or datawarehouse, that houses citizen data.
Arent Propakistani admins surprised that so many NADRA employees were their regular readers? And that they disclosed themselves as soon as this blog post appeared?
He is true while you are just kidding. We have our own “information security” departement having tools and skills to tackle threats. And what about being Nadra employee. I feel proud on my departement and you are just thinking negative instead of knowing whole picture…
Considering the magnitude of vulnerabilities in Mircosoft develpoed softwares .. I think NADARA is already HACKED!!!!
Any one has any idea what binary digits on Nadra logo stands for “1001011011”?