Description:
In what looks to be the second-largest security breach any Pakistani institution has ever experienced in almost a year, the official website of the Export Development Fund (EDF) of Pakistan, an independent entity under the Ministry of Commerce, was compromised.
Exclusive information made available to ProPakistani claims that the data dump, which is over 4GB in size, contains hexed passwords, email records, email history, files, and other critical information. The breach demonstrates how the actor had access to the EDF's mainframe without difficulty and extracted official records from a wide range of categories.
According to the assessment, the website's security was lax, which made penetration possible.
After receiving information from unnamed sources, ProPakistani quickly confirmed the validity of the sample dataset, which also includes sensitive data such as meeting minutes, sensitive correspondence, proposals, proposals on proposals, trade information, and information about upcoming bids.
Raw data snapshots show that the hacker is likely foreign-born and willing to sell the stolen information for $400 or the equivalent in Bitcoin through his Telegram channel.
The EDF website was restored a few hours after the attack, according to our channel checks; however, the site then started listing former prime minister Imran Khan and former commerce advisor Abdul Razak Dawood as its key officials. Following feedback from ProPakistani, the government updated the website once more.
Saleh Farooqi, the secretary of commerce, acknowledged that the EDF website had been hacked and subjected to a brute-force attack in a statement to ProPakistani. He said that the server, which had been restored and was now operating properly, had been installed at COMSATS and was run by AHamson/COMSATS.
The email server has also been activated and is now secured, according to the secretary. He continued by saying that emails typically contain information on projects as well as routine correspondence between officers and pertinent parties. These are internal communications, and they don't seem to jeopardise the Fund's operations, he continued.
He added that the service provider and EDF are in direct contact, that protocols have already been changed, and that additional security measures are being implemented.
"Hacking is a big issue, but EDF doesn't handle our critical information. However, our own fact-finding team will be there," Saleh continued.
Commenting on the data leak, intelligence analyst Zaki Khalid, who is stationed in Rawalpindi, said it is yet another regrettable example of how lightly cyber security compliance is treated.
"Even though succeeding governments have occasionally provided recommendations, there are still implementation gaps. Evidently lacking is internal monitoring," he remarked.
Such hacking incidents have recently made headlines in Pakistan, with the first significant attack occurring under the previous administration. Senior Ministry of Finance personnel's official emails allegedly fell victim to a cyber security attack in December 2021. As a result, official correspondence containing private information about the IMF, FATF, CPEC, and other government agencies was compromised.
Data from SECP from last month was recently made public online. ProPakistani issued a timely alert, and SECP promptly deleted all the private data that was exposed on the hacked link.