National Institutional Facilitation Technologies (NIFT), responsible for clearing all cheques across Pakistan, was hit by an attempted breach on its systems that took down both of its data centers in Islamabad and Karachi last week.
“During the early hours on Friday, June 16, 2023, an attempted breach on NIFT’s systems was detected, which was contained on an immediate basis through our security measures. We were able to prevent any significant compromise of our data or systems,” it said in a statement issued on Friday.
In response to a question about the nature of the breach, NIFT stated, “We have gathered preliminary evidence of a well-organized attempt. This attempt was detected very quickly, isolated, and halted. The detailed assessment in this regard is still ongoing. The effort is being spearheaded by a top-tier independent security assessment firm hired by NIFT and under the constant and close supervision of the State Bank of Pakistan. There is no evidence of employee negligence.”
The statement said that NIFT is working to restore services as quickly as possible. According to sources, NIFT has yet to fully recover even after 5 days.
A NIFT official told ProPakistani that cheque clearing resumed on Monday, albeit, with a different process as services have not yet been fully restored.
In response to ProPakistani’s question about potential data loss, the official response said, “The independent security assessment firm hired by NIFT is continuing its investigation into this matter. Our preliminary assessment is that there was no data loss but it’s early to say anything definitively. It’s important to highlight that at NIFT our customer’s data and privacy is sacrosanct. Every effort is made to keep the information secure and NIFT is working diligently to ensure this.”
NIFT had directed banks to switch to back up process to isolate the affected cheques-clearing system. The normal cheque clearing system is responsible for handling Rs. 150 billion worth of cheques on a daily basis.
Despite the substantial volume, NIFT affirmed, “It is important to note that day-to-day cheque clearing operations are continuing and we are assisting all the banks under the supervision of SBP for successful processing of all cheques presented for clearing. This is a testament to our BCP and DR plans since we have been able to amend our cheque-clearing process to provide continuous service to our customers. Having said that we are working diligently to restore the isolated systems as quickly as possible without compromising on security.”
Incident Response Consultant Umair Ali Zafar told ProPakistani, “Getting hacked is more of a when the question and not an if question. The reason is that while defenders need to secure every nook and corner of an organization, the hacker needs only one opening to get in”.
He explained, “Ideally, companies should invest in a more robust architecture. This means that even if some part of the organization is hacked, the attack can be contained and it is not easier for the attacker to run amok throughout the whole organizational infrastructure. For this, the cybersecurity industry has devised best practices such as resource isolation and Defense in Depth, which help organizations limit the impact of an attack on an affected part. It is similar to having multiple layers of security and isolating different parts of the digital infrastructure such that they can be shut off from each other in cases of attacks”.
As for the recovery timeline, NIFT stated, “Day-to-day Cheque clearing is proceeding. The affected and isolated system will be brought back up once the investigation is complete, the system is sanitised, and SBP gives us clearance.” The organization reassured that their day-to-day clearing had resumed from Monday 19th June, and the website was up on Tuesday, 20th June. The NIFT team and security consultants are working day and night on giving a clearance of full-fledged resumption of services.
Cybersecurity is a key challenge for organizations and unfortunately, frequency of these attacks are increasing. Commenting on this challenge Badar Khushnood, former Chairman of Pakistan Software Houses Association (P@SHA) and a digital media expert said, “any device connected to the internet will be attacked, what’s important is how prepared an organization is to detect and respond to the threat. NiFT moved swiftly to recover and bring up their cheque-clearing services which is no mean feat.”
He also mentioned that recently a popular motorcycle ride-hailing app’s 3rd party service provider was also attacked. Moreover, the Federal Government of Pakistan also recently issued a circular to all provincial governments, ministries, and divisions, cautioning them about possible cyber-attacks from hacking networks supported by Russia and Israel.
The article was updated with NiFT’s response on the recent hack.
Very well written article. It’s a good read for students of banking and financial markets. Good job Jahangir Nasir.