PAF’s Cyber Force Stands Up Combating Cyberterrorism

We live in strange times. Technological progress has surpassed all predictable levels of advancement. Ordinary people are now able to do tasks on a daily basis which would have been considered witchcraft even a few decades ago. However, this luxury does not come without a cost. With computers and automation gaining more and more control every single day, nefarious forces have started using the same medium to infiltrate and sabotage the systems on which our infrastructure stands. As war moves from the physical to the digital, it is imperative that we do all that we can to tackle this dangerous, looming threat.

We think of the World Wide Web as an indispensable tool that delivers the world to our doorsteps, but it is also a wide-open conduit for cyber attacks. We have learnt to live with cybercrime, identity theft, credit card fraud, hacking and stealing of personal information, but now there’s a threat that is much more frightening and destructive. Terrorists as well as nation states can get into a network that controls some physical asset and cause it to malfunction or self-collapse just as if it had been attacked by a kinetic weapon. There are no reports of troop movements to signal a threat and no air raid warning to give a heads-up, just a sudden, out-of-the-blue digital takedown of dams, power plants, factories, air traffic, financial systems and more. The world is now in a digital arms race against hostile nations, hackers and terrorists. It’s a frightening new world of cyberwar.

An International Threat

In the last three years, cybersecurity has received perhaps more attention than at any time during the last three decades. Proponents of greater cybersecurity have deployed cyber-doom scenarios that frame prospective cyber-threats in terms of “war” and “disaster” and offer the possibility of total economic, social, or even civilizational collapse. The Federal Bureau of Investigation (FBI) has warned that a cyberattack could have the same impact as a “well-placed bomb”. Cyberattacks have officially been referred to as “weapons of mass disruption,” implying that they might have impacts comparable to the use of weapons of mass destruction (WMD). Proponents of cyber attacks also describe them as “a grave and growing capacity for crippling the tech-dependent society.”

Every day is a technological miracle. We can now drive, connect with friends and family, bank and travel, but all that convenience has a dark side. In the last three years, several high-profile “cyberattack” incidents have served to focus attention on cybersecurity even more sharply than before. These have included two large-scale cyberattacks attributed to Russia. One was against the Baltic nation of Estonia in the spring of 2007, and one was against the nation of Georgia in July and August of 2008, which coincided with a Russian invasion of that country.

A National Threat

Pakistan is no different when it comes to the ever-increasing threat of cyber-attacks. In the late hours of October 29, 2021 and early morning of October 30, 2021, a cyber-attack on the National Bank of Pakistan’s servers was detected. The breach of the systems caused nationwide disruption of services at the state-owned bank. Somebody had used an entirely new class of weapon to effect destruction. Although this recent cyber-attack on one of the country’s biggest financial institutions was one of the most serious incidents in the history of the country, it was not the first of its kind.

The banking sector has been at the receiving end of cyber-attacks for a few years now. A database of 69,189 bank cards of one of the leading private banks of Pakistan was put up for sale on the dark web in February 2019. The data breach cost the bank data worth $3.5 million. In November 2018, Pakistan’s banking industry suffered a unique form of cyber attack. Data of almost all Pakistani banks was breached, affecting nearly 20,000 banking customers and causing significant financial losses to the institutions. Incidents involving various websites of the Sindh High Court in July 2021, an attack on ATMs in Peshawar in December 2020, and a security breach of Careem in April 2018 were also notable cyber attacks.

This brings a more important question to mind: who is behind this form of lethal and covert warfare? Generally speaking, the majority of us consider it to be carried out by individual hackers or cyber thieves, but unfortunately this is not true. Unfriendly states and authoritarian regimes with more sinister designs are also using it as the weapon of choice to destroy peaceful nation states, and that is more alarming.

We are now living in an era where we have to wonder whether terrorists and unfriendly states could cause, with computer code, damage that they could previously cause only with a bomb. Can we afford to wait for the next deadly attack on Pakistan, which could be delivered with the tap of a key, instead of bullets and bombs, by an anonymous enemy using bits and bytes? Using only a computer, terrorists or nations could attack critical infrastructure like the power grid, which could result in a blackout for the majority of the country. With computers permeating our environments and cyber weapons unleashed, how long will it be before a computer virus, a true digital weapon, is launched against the more sophisticated military targets?

National Cyber Security Policy-2021

Back in 2018, the newly elected government of Prime Minister Imran Khan faced multiple challenges on a variety of fronts. However, being a visionary leader, Prime Minister Imran Khan considered cyber warfare to be one of the gravest threats to Pakistan. Within months of being sworn in, the PM tasked his cabinet to prepare a cyber security policy and take all necessary measures to fight this menace on priority. He also gave guidelines to state organizations to prepare an effective response to this emerging new challenge. Finally, the efforts bore fruit in November 2021, when the nation’s first ‘National Cyber Security Policy’ was approved; indeed, a significant milestone in present times. Finalized by the Ministry of Information Technology and Telecommunication, the policy stated that a cyber-attack on Pakistan would be taken as an act of aggression against national sovereignty and would be defended with appropriate response measures in accordance with national and international laws for reciprocal respect of digital sovereignty.

The draft policy envisaged developing secure and resilient cyber systems and networks for national cyber security and response. “To mitigate cyber threats the country faces today and to improve the national cybersecurity outlook, it is imperative to undertake the strengthening of national cybersecurity capabilities through the development of essential and well-coordinated mechanisms, implementation of security standards and regulations under a policy and legislative framework,” the policy added. The guiding principles to achieve policy objectives, including all actions, would be driven by the need to protect people and enhance national and public prosperity; respective public and private organizations would be responsible for ensuring the cybersecurity of their online data.

PAF’s Cyber Force Stands Up

The Pakistan Air Force, the most technologically advanced of the three armed forces, had felt most keenly the need to protect its resources from cyber-attacks. Taking its lead and guidelines from PM Imran Khan’s policy on cyber security, ACM Zaheer Ahmed Baber Sidhu, Chief of the Air Staff, PAF, tasked a team of professionals and enthusiasts under the command of AVM Abbass Ghuman to establish PAF’s Cyber Command on a war footing. Then the miracle happened. In less than four months after the air staff approval in Jul 2021, the first and one-of-its-kind Cyber Security Centre (CSC) was established at AHQ in Oct 2021. The main purpose of the CSC would be to train what it calls ‘PAF’s Cyber Warriors’. It is the first step towards establishing the ultimate PAF Cyber Command, which is envisaged to be ready for action by the Mar-April 2022 timeframe.

“PAF Cyber Command, when fully operationalized, will play a significant role for supporting growth of cyber security demands in the field of academics, technology and professional competence in line with the vision of the Govt of Pakistan and would be a game changing transformation towards 5th dimensional warfare,” said ACM Zaheer Ahmed Baber Sidhu, Chief of the Air Staff, PAF at the inauguration of the facility.

The Air Chief further added that the new set-up would include a comprehensive research and development (R&D) and certification structure in addition to operational requirements. It would enhance the vital industry-academia linkage as envisaged by the national cyber policy, and the PAF has established various state-of-the-art infrastructures like the Cyber Technology Park (CTP) at NASTP (National Aerospace Technology Park) PAF Nur Khan and the National Cyber Security Academy (NCSA) at Air University in this regard.

“I would also like to appreciate my team who worked day and night for developing these cyber capabilities. PAF will Inshallah become a highly responsive and resilient cyber force for combating contemporary warfare and play a significant role in cyber defence of the country in line with National Cyber Security policy,” said AVM Abass Ghuman as the CSC got operational.

The main purpose of the CSC is to function as the nerve centre of the PAF’s Cyber Command. It is a facility that houses an information security team responsible for monitoring and analyzing the organization’s security posture. It is a unit where security experts have devised defences against cyber attacks on the organization – to figure out attacks arriving through the internet: what an attack’s payload is, what its motivation is, what it is going to do once it is actually in the system, and so on.

The objective of the Cyber Command is to build a force, trained and equipped, for conducting sustained cyber operations through the electromagnetic spectrum, fully integrated with air and space operations. The establishment of a fully operational centralized Cyber Command will enable PAF to strengthen its emerging cyber security requirements. Its mission is serious – to execute decision-making, accelerate operations, provide battle-changing opportunities, and deny those capabilities to adversaries. The baseline setup will uplift PAF Cyber Security capability in line with the dictates of modern warfare. It will set the pace for the operationalization of Cyber Command, and will be upgraded through R&D setups and collaboration with national / international industry through NASTP (National Aerospace Technology Park), another brilliant initiative taken up by the PAF. To protect the organization from cyber threats, Hardware and Software Evaluation labs are already performing critical tasks of advanced mobile forensics, data recovery and password decryption. These operations are underway at state-of-the-art facilities such as National University of Science and Technology (NUST) and the Air University (AU), directly in collaboration with PAF. In pursuit of excellence, PAF IT Academy would also be utilized for specialized training courses & certifications in the field of Information Technology / Cyber Security. It is also pertinent to put one’s capabilities to the test, to evaluate the strengths and weaknesses of the inherent systems. This is where the cyber range will come into play. With the concept of RED and BLUE teams, the cyber range carries out extensive real-time exercises to evaluate the offensive and defensive capabilities of the system in a near-realistic environment.

Industry-Academia Linkage

Another important aspect is the training and capacity enhancement of the human resource involved in these operations. In line with the national cyber vision of developing resilient cyber systems, PAF, in collaboration with Air University, had also taken major initiatives. These initiatives were primarily focused on building a strong supply line of cyber talent, creating strong industry-academia linkages, establishing comprehensive R&D setups and strengthening national as well as PAF cyber operational capability. These projects included the establishment of the National Cyber Security Academy (NCSA), conducting the 2nd International Conference on Cyber Warfare and Security, and the development of the Cyber Technology Park (CTP) at NASTP PAF Nur Khan on the direction of the Chief of Air Staff. The potential of NCSA can be fully capitalized on if it is integrated with the cyber industry through Cyber Technology Parks. It is pertinent to highlight that the first ever Cyber Centre of Excellence is being established at NASTP Nur Khan. CTP would be a comprehensive setup, a technology demonstrator and a platform to collaborate with national / international cyber firms under one roof. The true dividends of industry-academia linkage in the cyber domain can be obtained through this setup. CTP will assist in joint collaborations between the government, companies and professional bodies, and serve as a gateway to attract advanced cybersecurity companies that would work hand in glove with the government. This platform would act as a stepping stone and create an opportunity at the national level in cyber capability development and capacity enhancement while staying abreast of the latest technological trends.

The world is now in a digital arms race against nations, hackers and terrorists. The number of countries armed with cyber weapons is in the dozens, not to mention terrorists and criminal hackers. Unless we find ways to counter these threats, there is a real danger that all this technological progress will do more damage than good. However, the PAF Cyber Command is here to protect not only PAF but also the country’s vital and strategic assets from belligerent cyber-attacks by adversaries.