Alleged use of foreign data services behind hacking of banks

  • Agents of a foreign company are allegedly offering lucrative incentives to the high-ranked officials of the banks

ISLAMABAD: Despite the availability of a safe and secure satellite internet and data service in the country, the banking sector allegedly preferred using a foreign company’s satellite internet and data services, sources revealed on Saturday.

Sources in the telecom sector told this scribe that Pakistan’s banking sector had allegedly used satellite internet and data service of a foreign company despite the fact that Pakistan Space and Upper Atmosphere Research Commission’s communication satellite, PakSat-1R, was providing safe and sound satellite internet and data services.

Sources attribute the recent hacking of various banks of Pakistan to the use of satellite internet and data service of the said foreign company.

Pakistan Telecommunication Authority (PTA) had earlier taken notice of the ‘illegal’ use of non-secure and unreliable satellite internet and data services of a foreign company, but the telecom sector’s regulator has so far kept a mum on the matter.

Sharing the possible reasons behind the stealing of debit cards data of the customers, sources said that data of a bank branch, which obtained the satellite internet and data service from a foreign company, is transferred to Spain and Dubai-based hubs. Later, the date is provided to the concerned bank’s headquarter through the internet. However, data of a bank branch, which does not obtain foreign company’s services, is transferred to the relevant bank’s headquarter without internet through local backhaul media providers (PTCL/Wateen/Word Call), sources added.

“A state-owned bank is currently making necessary preparations to obtain the services of a foreign company,” sources disclosed, adding that agents of this foreign company are offering lucrative incentives/services to the high-ranked officials of the banks.

An official at PTA, on the condition of anonymity, said that an end to cyber-attack is not possible without a proactive role of the PTA and State Bank of Pakistan (SBP) to prevent pilferage.

Syed Ali Ather, an expert in the telecom sector, said stealing of a bank branch’s data is possible if satellite internet and data service is used. He said that the recent attack on banks has made it quite clear that there is a need for improvement in the security system of the country’s banks. “We must look into ways the security infrastructure of banks can be bolstered,” he added.

It is pertinent to mention that cyber-attack on Pakistani banks has become a matter of grave concern that needs to be investigated and stopped, as innocent customers are being deprived of their hard-earned money because of the alleged security breaches.

Reportedly, the head of the Federal Investigation Agency’s (FIA) cybercrime wing had said data from “almost all” Pakistani banks were stolen in a recent security breach. The first case of a cyber-attack on a Pakistan’s bank was reported by BankIslami on October 27, 2018. And, the next day, the SBP issued directives to all banks to ensure that security measures on all information technology systems — including those related to card operations — are continuously updated to meet future challenges, ensure real-time monitoring of card operations related systems and transactions and immediately coordinate with all the integrated payment schemes, switch operators and media service providers.

This shocking disclosure came a few days after around 10 banks blocked all international transactions on their cards, following the concerns raised over the breach of credit and debit cards data.

Ahmad Ahmadani
Ahmad Ahmadani
The author is a an investigative journalist at Profit. He can be reached at [email protected].

Must Read

If Pakistan’s agriculture is to thrive, farmers need banks. But the...

It is no secret that agriculture has long been underserved by the country’s commercial banks. This last year might be the first step towards correcting this mistake