NSA’s color-coded global heat maps, — a
pictographic portrayal of the extent of its surveillance around the
world, ranging from green, depicting the least amount of monitoring, to
red, indicating the highest level of surveillance — showed Pakistan (as
only contry other than Iran) in shades of red, indicating heighest level
of surveillance.
Pakistan, among the top 5 targets of US National Security Agency, has
taken steps to secure its cyber front, said a recently published report
by “
The News”.
Considering the revelations made by Edward Snowden, it was
established that NSA may penetrate into Pakistani cyber space again to
steal sensitive data relating to Pakistan, its domestic politics,
strategic and economic interests and its nuclear programs, by tapping
into computer networks of Internet service providers such as email,
video-sharing, voice-over-IPs, chats and social networking websites.
National Telecom & Information Technology Security Board (NTISB)
has resultantly framed guidelines/techniques for protecting government
business from possible hacking attempts from domestic and foreign
threats.
On recommendation of NTISB, Cabinet Division has communicated the
guidelines to all ministries, government divisions and departments.
“Recent wave of stealing the sensitive official data by US NSA has
raised serious concerns warranting the implementation of all policies
and guidelines in true letter and spirit,” the Cabinet Division noted in
a letter to all ministries, departments and divisions.
“USA being the leading country in the field of communication and IT
is using multiple tools mainly through electronic surveillance, ground
and air intelligence platforms like satellites, recording telephonic
calls, gathering public pulse through e-mails filtering, radio
monitoring, communication leaks, vulnerabilities in IT based networks
carrying sensitive data and other sophisticated means, covertly or
overtly,” the Cabinet Division noted.
It merits mentioning here that in one of the maps revealed by Edward
Snowden, based on the amount of telephone and email communication data
collected by NSA, Iran was shown as the primary target, warranting 14
billion reports, followed by Pakistan (13.5 billion), Jordan (12.7
billion), Egypt (7.6 billion) and India (6.3 billion).
Keeping in view the intents of NSA, NTISB framed following guidelines:
- All government officials and officers must not use private emails (such as Gmail) for exchange of official correspondence
- Official data should not be stored/ copied on personal computers and laptops and personal USB at any cost
- Official data should not be stored/ copied on computers with internet connection
- No official/ classified information should be placed on internet by any means
- Uploading of sensitive information on social media should be avoided
- Uploading of videos and photos of official meetings should be avoided
- Downloading of software from internet should be avoided
- All government offices are supposed to get internet connections from National Telecommunication Corporation (NTC) as per policy
- Official personal computers (PCs) having sensitive data must not be provided with internet connection
- Contents placed on official websites must be properly scrutinised and approved for uploading
- Internet usage in government departments be regulated and access be provided with limited user privileges
- Internet computers be isolated and the network security must be
ensured and internet provision be controlled by the highest
administrative authority in the ministry, division or department.
The Security Board noted that presence of sensitive/ official data on
the web had made the government official entities hostage and
vulnerable to hostile ingress and sudden access by unknown intelligent
IT mafias, suspected hackers as well as individual secret agents.
Misuse of this information fairly acquired from such an advanced
information resource through multiple hacking techniques may invariably
cause serious threats to national security.
Keeping in view the NSA’s level of deep penetration into computer and
communication networks, it is assumed that above mentioned guidelines
aren’t enough to safeguard our national interests.
Further hardening of our ISPs, cellular networks, telecom companies
and other liaison channels is needed to cent percent protect our
national secrets.
Not to mention, Android, iOS, Windows, Mac and devices of various
other makes and kinds are all under NSA’s control that can communicate
user data to agency’s control room without any hassle.
Definitely, there is a lot more required than just these guidelines.