Featured Pakistan identifies major cyber-attack by Indian Intelligence Agencies: ISPR

[LeGenD]

Indians infiltrated some Pakistani accounts on Whatsapp and Facebook as well. Fellow members should be careful in use of any social media platform in current times.

 

[ghazi52]

 

[Pathetic_Soldier]

Pak can ask China for assistance or Iran..

 

[FuturePAF]

Mobile phones and apps are big security risk.

Army shud look into issuing own phones with own operating system

Working with the Chinese for special encrypted phones that don’t operate any non-Chinese software. Then we can build our own apps on this platform to communicate. It should’t even have a GPS chip, just one for Beidou.

 

[S A L M A N.]

'By the time the bureaucracy becomes aware of any technology, it is already too late.'
While there may be some pockets of fairly good capability wrt cyber security/defence and even cyber warfare, it is too fragmented and uncompetitive to be of any great utility. In summary, the ship has sailed.
We must reform our lumbering and incompetent bureaucracy because it has turned into a grave security threat.
While it may be too late, we need an overt national effort. Recruit the best hackers, nerds and cyber security geeks and engineers you can find. Send the top lot abroad to get formal degrees if needed. Make a crack squad under the administrative authority of the military, put it directly under the PM Office and (most importantly) - have it led by a civilian professional, not by a colonel or brigadier.
We must develop an offensive cyber warfare capability on war footing.
War has been brought down from the strategic to the operational, then to the tactical and now to the cyber level. It is just as important now to have a cyber deterrent as having a nuclear deterrent. Just as India developed the Cold Start doctrine to exploit our weakness in the conventional sphere, it will now engage in unrestricted cyber warfare because in its assessment, we have a hole in cyber defence capabilities.

 

[SQ8]

It infected more than a few thousand phones of civilians as well but they targeted certain cities specifically and number blocs - used a whatsapp trojan among other things

 

[SQ8]

Best option is to replace all official phones with a non-android or IOS based OS phone designed for official communication only.

The drawing room group remains on a personal phone.

 

[Pandora]

Pakistan needs to start developing cyber weapons. We have a huge pool of engineers and cyber security specialists which we should utilize to develop Torjons, Malware, Viruses to teach Indians a lesson.

 

[ps3linux]

We can have the ears, but can't put this into their head .... we

Hmmm I thought as much, but I think our duty is to keep informing the decision makers about the potential disaster if we don't have both defensive and offensive capabilities.

I did submit my detailed recommendations last year to Lalkurti through my class/batch mates hopefully one of them will make 2 stars this year. Gave them a presentation as well but all I gather is this is gibbersih to most of our uniform personnel I am talking about officers and not JCO/NCO. BTW I did encourage few of the guys in unifrom to join here apart from copy/paste bots, one liner experts and children come serious material could be found here.

But I have a suspicion that something is not just in the works, rather something is already there along these lines.
So its not a total wastage of time, if we keep making them aware about dynamics of SigInt in a modern world so that they do come out of their 2nd world war mindset.

if you @Foxtrot Alpha or @The Eagle want to discuss privately or through email you know how to reach me.

 

[NA71]

Hmmm I thought as much, but I think our duty is to keep informing the decision makers about the potential disaster if we don't have both defensive and offensive capabilities.

I did submit my detailed recommendations last year to Lalkurti through my class/batch mates hopefully one of them will make 2 stars this year. Gave them a presentation as well but all I gather is this is gibbersih to most of our uniform personnel I am talking about officers and not JCO/NCO. BTW I did encourage few of the guys in unifrom to join here apart from copy/paste bots, one liner experts and children come serious material could be found here.

But I have a suspicion that something is not just in the works, rather something is already there along these lines.
So its not a total wastage of time, if we keep making them aware about dynamics of SigInt in a modern world so that they do come out of their 2nd world war mindset.

if you @Foxtrot Alpha or @The Eagle want to discuss privately or through email you know how to reach me.

Welcome back bro...remember we were discussing Cyber domain in private two years back along with @baqai ...and here we are again...with same status apparently.

 

[Zulfiqar]

Best option is to replace all official phones with a non-android or IOS based OS phone designed for official communication only.

The drawing room group remains on a personal phone.

This is the practice in some strat orgs that I know. Old nokia type non-android phones for seniors (without camera). Juniors are not even allowed one in office.

Reminds me of a time some years ago when I used to live in a particular cantt/area. Our lines were similar to the army ones (no/partial caller ID and stuff). We were cut off from the rest of the civilian network (also affecting the colony's internet) because of an alleged cyber attack.

The network was restored after a few days.

But I have a suspicion that something is not just in the works, rather something is already there along these lines.
So its not a total wastage of time, if we keep making them aware about dynamics of SigInt in a modern world so that they do come out of their 2nd world war mindset.

It is according to someone I know. However, lets see if it is allowed to flourish without any red tape.

Apart from above, the army asked all officers (even retired ones) to leave whatsapp groups to minimize chances of malware spread.

https://defence.pk/pdf/threads/sentinels-of-the-sea-heroes.606649/#post-11254909

https://defence.pk/pdf/threads/paki...bal-whatsapp-hack.641586/page-2#post-11869269

 

[baqai]

trying to explain cyber security to people is like hitting your head against the wall, when the general practice of keeping your passwords same for multiple platform and those passwords are mostly name derivations of your spouse, kids or pets it doesn't take a so called "COOL HAX0R HACKER" to figure your password out, it's matter of having persistence and motivation.

when it comes to security everyone is like YES APPLY IT (but not to me please, i need to use my whatsapp to send those nudes and b rated jokes to my friends)

 

[Cookie Monster]

Mobile phones and apps are big security risk.

Army should look into issuing own phones with own operating system

Samsung recently showed some QRNG(quantum random number generator) tech. It involves an LED(which generates random image noise)...a sensor then detects this and generates truly random number strings(as per Samsung's claims).

Similar sort of tech can be researched and developed locally. Additionally...a fork of android can be created with heavy emphasis on security features. These phones can be handed out to armed forces, government officials, and anyone involved in matters that require strict security measures.

IMO Pak gov should reach out to some Chinese company with an offer to set up shop in Pakistan...as in they will make their phones in Pakistan. Give them some initial tax breaks for a few years...and some guarantees as to how many phones will be bought per year for armed forces, government officials, etc.(as in some amount of guaranteed sales). In return some Pakistani entity/company(whoever is made in charge of implementing such security features)...would be allowed to modify the hardware/software of the phones. This would be the quickest method to roll out such phones to armed forces personnel.

 

[S A L M A N.]

I believe there's already an existing policy that no USBs or external storage devices should be connected to any computer/laptop in government/defence/military-related offices
However, we must also look at the risks that even COTS computer hardware and peripherals and network equipment like keyboards, webcams, biometric devices, hard drives, processors, switches, routers etc can cause. You can never trust them.
Long term, we should have a clear policy for using totally indigenous hardware at least for defence and strategic applications.

 

[ps3linux]

Welcome back bro...remember we were discussing Cyber domain in private two years back along with @baqai ...and here we are again...with same status apparently.

Sorry for the late reply, Wednesday late eve I was requested to deliver a detailed lecture to a certain uniformed group actually two one for officers and one for JCO on Thursday and it went pretty late last day. Yes sir we are discussing the same all over again, this time the difference is they are trying to engage people who can give them tips to be on the safe side. so I would say they are conscious about the defense let hope they do realize a best defense is an offense even in the cyber warfare arena.

Oh yes @Foxtrot Alpha , @The Eagle there is something some department or a group with some good resources doing the defense/identification I got the wind of it yesterday but no one want to speak much about it.

This is the practice in some strat orgs that I know. Old nokia type non-android phones for seniors (without camera). Juniors are not even allowed one in office.

Apart from above, the army asked all officers (even retired ones) to leave whatsapp groups to minimize chances of malware spread.

I can certainly vouch for both of them all our class fellows and course mates have left the schools group, college group. They don't even reply to whatsapp messages, only phone calls and some times sms. Yesterday I saw only one senior office carrying a smart phone rest of them were either not carrying any mobile or something like elcheapo nokia.