Cyber vulnerabilities pose serious risks to development, prosperity and social harmony. Cyber security has become a complex and all-encompassing political, social, economic and technological phenomenon. Since the turn of the century, the nature and scope of the internet and its users have changed fundamentally. In 1995 only 16 million of the world’s population had access to internet. Today, more than half of the world’s population is online and, among them, more than half access the internet via mobile devices. Cyberspace has become integral to the flow of goods and services; to support for critical infrastructure (such as electricity, water, banking, communication and transportation); and to the control of industrial, security and military systems.
By now, it is a common observation that cyber risk is a global phenomenon, transcending national borders and endangering the infrastructure and citizenry of developing and developed nations, democracies and authoritarian regimes alike. A trite response to this global problem would post a global solution — which is far easier to propose than to achieve.
Cyber security regimes exist in the context of a multilateral response to cyber risk that is at best partial and tentative, one in which competing national agendas and approaches have limited prospects for coordinated action. International law applies to cyberspace, prohibiting direct and indirect cyber-attacks by states and setting out the conditions under which they may use cyber force to defend themselves, and obliges states to ensure that cyber infrastructure within their borders is not used against other states. However, the application of international law’s broad principles to the unique circumstances of cyber-attacks is vague on a number of issues. And, of course, the international law regime focuses on state actions, not cybercrime.
Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace. Cyberspace and its underlying infrastructure are vulnerable to a wide range of risk stemming from both physical and cyber threats and hazards. Sophisticated cyber actors and nation-states exploit vulnerabilities to steal information and money and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services.
Countries like US and Canada have released strategies to execute cyber security responsibilities to keep pace with the evolving cyber risk landscape by reducing vulnerabilities and building resilience, countering malicious actors in cyberspace, responding to incidents and making the cyber ecosystem more secure and resilient.
Cyberspace and its underlying infrastructure are vulnerable to a wide range of risk stemming from both physical and cyber threats and hazards. Sophisticated cyber actors AND nation-states exploit vulnerabilities to steal information and money They are also developing capabilities to disrupt, destroy, or threaten the delivery of essential services. A range of traditional crimes are now being perpetrated through cyberspace. This includes the production and distribution of child pornography and child exploitation conspiracies, banking and financial fraud, intellectual property violations, and other crimes, all of which have substantial human and economic consequences.
Cyberspace is particularly difficult to secure due to a number of factors: the ability of malicious actors to operate from anywhere in the world, the linkages between cyberspace and physical systems, and the difficulty of reducing vulnerabilities and consequences in complex cyber networks. Of growing concern is the cyber threat to critical infrastructure, which is increasingly subject to sophisticated cyber intrusions that pose new risks. As information technology becomes increasingly integrated with physical infrastructure operations, there is increased risk for wide scale or high-consequence events that could cause harm or disrupt services upon which economy and the daily lives of millions of people depend. In light of the risk and potential consequences of cyber events, strengthening the security and resilience of cyberspace has become an important mission to accomplish.
Although today’s world is more interconnected than ever before yet for all its advantages, increased connectivity brings increased risk of theft, fraud, and abuse. As the world become more reliant on modern technology, we also become more vulnerable to cyber-attacks such as corporate security breaches and social media fraud. Complementary cyber security and law enforcement capabilities are critical to safeguarding and securing cyberspace.
Information and communication technologies have evolved over the last two decades and are now integrated into virtually every aspect of our lives. The loss of trust in that integrity would jeopardize the benefits of this technological revolution. Much of the hardware and software originally developed to facilitate this interconnected digital environment has prioritized efficiency, cost and the convenience of the user, but has not always had security designed in from the start. Malicious actors – hostile states, criminal or terrorist organizations and individuals – can exploit the gap between convenience and security. Narrowing that gap is a national priority. The expansion of the Internet beyond computers and mobile phones into other cyber-physical or ‘smart’ systems is extending the threat of remote exploitation to a whole host of new technologies. Systems and technologies that underpin our daily lives – such as power grids, air traffic control systems, satellites, medical technologies, industrial plants and traffic lights – are connected to the Internet and, therefore, potentially vulnerable to interference. These are sound foundations. But the persistence and ingenuity of those who would threaten states, the prevalence of their vulnerabilities and gaps in our capabilities and defenses mean states need to work even harder to keep pace with the threat. A comprehensive approach is required if we are to effectively secure our cyber interests.
New technologies and applications have come to the fore and greater uptake of internet-based technologies worldwide, in particular in developing countries, has offered increasing opportunities for economic and social development. But as reliance on networks grows, so do the opportunities for those who would seek to compromise systems and data. Equally, the geopolitical landscape has changed. Malicious cyber activity knows no international boundaries. State actors are experimenting with offensive cyber capabilities. Cyber criminals are broadening their efforts and expanding their strategic modus operandi to achieve higher value pay-outs from countries, organizations and institutions. Terrorists, and their sympathizers, are conducting low-level attacks and aspire to carry out more significant acts.
In May 2018, Pakistan government’s Cyber Security Centre had been inaugurated at Air University in Islamabad to deal with cyber security challenges in the digital age. Cyber security encompasses technologies, processes and controls that are designed to protect systems, networks and data from cyber-attacks. Pakistan’s Cyber Security Centre aims to develop advanced tools and research technologies to protect Pakistan’s cyberspace, sensitive data, and local economy from the cyber-attacks. Country’s National Counter Terrorism Authority (NACTA) also established a cyber-security wing on modern lines to evolve cyber security strategies and to meet emerging cyber terrorism threats.
Pakistan House aims to work on cyber security strategies through research technologies in order to protect against cyber threats. It includes protection of sensitive data, economy and countering threats of terrorism from both internal and external attacks.