Popular Post

NAB contests Imran's bail in a £190m fraud case
News

NAB contests Imran's bail in a £190m fraud case

EASA Confirms Continued Ban on PIA Flights to Europe
News

EASA Confirms Continued Ban on PIA Flights to Europe

KP sparked controversy by fraudulent driving licenses.
News

KP sparked controversy by fraudulent driving licenses.

CM Gandapur initiates the hiring process for KP Govt positions.
News

CM Gandapur initiates the hiring process for KP Govt positions.

Opportunity for Non-Filers: Pre-Travel Ban Explanation Required
News

Opportunity for Non-Filers: Pre-Travel Ban Explanation Required

Massive Data Breach on the EDF Website of the Commerce Ministry

  • author
  • 2022-09-01 21:10:51
  • Telecom
Massive Data Breach on the EDF Website of the Commerce Ministry

Description:

In what looks to be the second-largest security breach any Pakistani institution has ever experienced in almost a year, the official website of the Export Development Fund (EDF) of Pakistan, an independent entity under the Ministry of Commerce, was compromised.

Exclusive information made available to ProPakistani claims that the data dump, which is over 4GB in size, contains hexed passwords, email records, email history, files, and other critical information. The breach demonstrates how the actor had access to the EDF"s mainframe without difficulty and extracted official records from a wide range of categories.

According to the assessment, the website"s security was lax, which made penetration possible.

After receiving information from unnamed sources, ProPakistani quickly confirmed the validity of the sample dataset, which also includes sensitive data such as meeting minutes, sensitive correspondence, proposals, proposals on proposals, trade information, and information about upcoming bids.

Raw data snapshots show that the hacker is likely foreign-born and willing to sell the stolen information for $400 or the equivalent in Bitcoin through his Telegram channel.

The EDF website was restored a few hours after the attack, according to our channel checks, however the site then started listing former prime minister Imran Khan and former commerce advisor Abdul Razak Dawood as its key officials. Following feedback from ProPakistani, the government updated the website once more.

Saleh Farooqi, the secretary of commerce, acknowledged that the EDF website had been hacked and subjected to a brute-force attack in a statement to ProPakistani. He said that the server, which had been restored and was now operating properly, had been installed at COMSATS and was run by AHamson/COMSATS.

The email server has also been activated and is now secured, according to the secretary. He continued by saying that emails typically contain information on projects as well as routine correspondence between officers and pertinent parties. These are internal communications, and they don"t seem to jeopardise the Fund"s operations, he continued.

He added that the service provider and EDF are in direct contact, that protocols have already been changed, and that additional security measures are being implemented.

Hacking is a big issue, but EDF doesn"t handle our critical information. However, Our own fact-finding team will be there, Saleh continued.
According to intelligence analyst Zaki Khalid, who is stationed in Rawalpindi, when commenting on the data leak, it is yet another regrettable example of how lightly cyber security compliance is treated.

"Even though succeeding governments have occasionally provided recommendations, there are still implementation gaps. Evidently lacking is internal monitoring," he remarked.

These hacking have recently made headlines in Pakistan, with the first significant attack occurring under the previous administration. Senior Ministry of Finance personnel" official emails allegedly fell victim to a cyber security attack in December 2021. As a result, official correspondence containing private information about the IMF, FATF, CPEC, and other government agencies was compromised.

Data from SECP from last month was recently made public online. ProPakistani issued a timely alert, and SECP promptly deleted all the private data that was exposed on the hacked link.

You may also like

Popular posts

Will Pakistan Drop A Atomic Bomb on Israel to Assist Iran?
News

Will Pakistan Drop A Atomic Bomb on Israel to Assist Iran?

  • 2025-06-15 10:48:42
The flour mills stop their strike temporarily.
News

The flour mills stop their strike temporarily.

  • 2024-07-14 11:15:01
Imran sets the terms for talks with the government
Politics

Imran sets the terms for talks with the government

  • 2024-07-14 11:08:12
Imran Khan and Bushra Bibi Arrested in NAB Case Following Acquittal in Iddat Case
Politics

Imran Khan and Bushra Bibi Arrested in NAB Case Following Acquittal in Iddat Case

  • 2024-07-14 10:59:48
The price of petrol and diesel may increase soon
News

The price of petrol and diesel may increase soon

  • 2024-07-14 10:47:29

Pages

Subscribe our Newsletter!

Subscribe to our email newsletter to receive useful articles and special offers.