The Federal Board of Revenue (FBR) has averted a major attempt at data leakage by timely stopping infection to the FBR’s computers through a USB device.
Details of the incident revealed that the security incident occurred due to an infected USB drive used in FBR House (Room 571). The high-severity malware on the USB was blocked on the PC, hence a major data breach or systems has been averted.
Upon FBR’s investigation, it was revealed that the end-user (FBR staff/officer) had taken the USB drive to a local print shop in the market for the printing of infection (file) at that shop and this infection was brought back to the FBR network.
“It is once again highly recommended to either block or limit the usage of USB drives on PCs within FBR offices across the count between officers and for printing purposes and plan for an automated Data Learn Protection (DIP) solution to be implemented,” FBR’s IT security officials added.
According to a security circular issued by the FBR, the Chief Information Security Officer (CISO), FBR has reported that the Crowdstrike agent successfully blocked high-severity malware detected on a USB device that was attached to FBR’s network, which could lead to a major data breach in FBR’s system.
The use of USBs carries significant and extremely serious risks. In addition to the obvious possibility of exposure to malware and viruses, it can also lead to unauthorized access, data leakage and vulnerabilities caused by outdated software. In this regard, it is strongly recommended that the usage of USB devices on official PCs within the FBR computer network be avoided in order to prevent potential security threats.
This issues with the approval of Member (IT), FBR, FBR added.
They use pirated windows OS and afraid of usb viruses. What a laugh. 99 percent of computers at govt offices use cracked ms office as well as design software on the same as well.
Han bharway tujha kaisa pata. Hum tou nahi use karta pirated
What the hell is Data Learn Protection?
At least hire a cyber security specialist to proofread your articles. ”Data Loss Prevention (DLP)” etc. So many mistakes in this article.
A buffoon took sensitive confidential information on a usb storage device to a local print shop?
Are there printers at fbr offices?
What was the information that needed to be printed? I suspect that is was sensitive and confidential information meant to be leaked.
Are there any consequences for the person who caused the problem and who attempted to plant malware onto the FBR system?
A thorough investigation is needed.
Why FBR and other government departments use or allow use of USB devices? No international organisations allow this type of activities on their hardware.
Why is this benign incident being reported like this in public? Why wasn’t the resource provided with a printer in-house instead of taking USB outside for printing purposes?