Cyber Warfare – The Way Forward
Pakistan has stood victorious in the battle to confront terrorism, and extremism; It is a national duty for us to ponder over, and render suggestions for our national security stakeholders to aid them in filtration, and strategic policy making in context of Cybersecurity. Recently, the national response center for Cyber Crime deterrence has been inaugurated in Islamabad. However, the dearth of specialised people in this field has to be overcome through direct induction into Federal Investigation Department’s cybercrime wing. Existing resources should be capitalised, and restructured to meet the impending needs in cyber warfare. However, above all we need to evaluate the entire framework, and adopt contemporary policies.
Fourthly, the three imperative questions are to be inquired. Who are the viable targets of cybercrime? Who are to be the stakeholders in cyberwarfare policies? And what are the defensive as well as offensive mechanisms for cyberwarfare? Among these three, the foremost should be a public-private partnership in deterring cybercrime. The government, national security agencies, armed forces, and experts in cybercrime deterrence wing should hold regular meetings, and the channelisation of all the decisions should be based on consensus from the Federal Ministry of Information technology.
Cybercrime bill passed in 2016 has to be reviewed, and amended to include the solutions to psychological, and strategic threats of cyber warfare. Moreover, the defence and offensive capacity to deal with cyber warfare is entirely opposite. Thereby, the armed forces should handle the strategic dimension of warfare while the government is to be more proactive towards policy implementation.
Emerging threats can only be discerned by the individuals who have on ground familiarity on war strategies. The deep web has to be apprehended, and operations carried out against the criminals who are consuming it for terrorism, manipulation or inimical state agenda.
Additionally, the government as well as semi government organizations are to be recommended to develop robust firewall in response to susceptible cyber-attacks to minimise the risk of theft, damage or blackmailing. With public-private participation, cybercrime associated incident response teams can be established which would be in contact with the security analytics, and will raid on spot in case of breach of security, subsequently reducing response time will depreciate the loss inflicted on data. These teams can be evolved through White Hat Hackers marathon or events which spark curiosity of the youth to bring up ideas, and form Smaller Rapid Response teams for different districts, and centralise them with NACTA to assure a bonding mechanism. Mobile applications vulnerability assessment should be gradually surveyed, and appropriate measures such as proscription or regularising them to be levied.
Likewise, on the international front, the issue upon regulation of computer systems through provision of identification number to the user has been brought up at various United Nations sessions. In Pakistan, the absence of stringent measures on purchasing, and selling of electronic gadgets is itself a predicament.
Any device which can be connected with the network has exposed its niceties, and any expert hacker can intrude into the systems. Most importantly, government employees should be asked to provide their computer’s identification number which could aid in shielding the data from malware. People on many instances insert their USB in government computers which is naïve and could have grave repercussions.
Lastly, there are solutions for the time constraints in dealing with cyber-attacks; yet, reviewing plausible options on rapid response, my perception is that our cyber experts should ponder over the use of “Anomalytic”. It constitutes of advanced analytics and automated intelligence which tracks elusive anomalies, horizontal movement, and can impede resourceful cyber attackers.
Flow of communication is what it utilises incorporating it in mathematics yielding treasured data for them to identify the behavioural array of the hackers, track them, and craft velocity vectors as a stimulated response for future security. Our political, social, and personal will can only uplift us in this industry as progressive learning is what counts in our capacity building.