The federal government has sent a cybersecurity advisory to ministries and provincial governments to prevent data leaks through the dark web, it emerged on Friday.
The dark web, or darknet, is a part of the internet that lies beyond the reach of search engines. Users are largely anonymous and untraceable and mainly pay with cryptocurrencies like bitcoin.
The advisory, titled ’Leakage of Sensitive Data on Dark Web (Advisory No 53), noted that the anonymity offered by the dark web makes it a “gateway to the world of crime” and constitutes 96 per cent of total data available on the internet.
“Dark/deep web is being used by nefarious mindsets, including criminals, terrorists, Hostile Intelligence Agencies (HIAs) and non-state actors,” it stated.
The advisory lists some of the crimes carried out on the dark web, including:
Hacking
Blackmailing
Website defamation
Data dumps
Accessing personal information of citizens and key appointments via leaked databases
Financial scams via leaked banking details
Honey pots to trap civilians and government officials
Terror financing and money laundering
Disseminating propaganda
Recruiting terrorists
Cross-border collaboration and terrorist support
Drug, human and weapons trafficking
Bounty hunting and ransom attacks
“Users are advised to put in efforts to protect personal and official data from being exposed to cybercriminals and further leakage on hacking forums/dark web,” the advisory stated.
It provided a list of guidelines to ensure data safety. These are:
Stay away from exploring dark web sources
Remain vigilant while surfing the web
Never forward, or click a link or pictures shared on email or WhatsApp by unknown sources
Apply two-factor authentication on all email, social media and banking accounts.
Never share One-Time Password (OTP) with anyone
Do not install untrusted software or applications (without digital signature) from third-party sources on Windows and Android/i0S phone
Do not install unnecessary plugins on browsers except Adblock and Adblock plus
Always install and regularly update reputed antimalware/anti-virus solution on both Windows/Android phones
All under command be sensitised not to share personal information, passwords or sensitive information on phone calls
Phishing calls from unknown numbers must not be trusted and reported to PTA if found suspicious
To counter social engineering/scam phone calls, always ask relevant questions from the caller and carefully judge him/her to ensure authenticity
The advisory comes months after several audio recordings of conversations between top political leaders, including former premier Imran Khan and incumbent PM Shehbaz Sharif, were leaked online.
Reports at the time stated that a hacker or a collective — that has been involved in previous cyberattacks on behalf of neighbouring India — listed for sale on the dark web a data dump containing conversations from the Pakistani PM Office.
Users claimed that the clips leaked online were shared by the alleged hacker(s) as proof that they were indeed in the possession of sensitive data and set a minimum bid of around 18 BTC, or Etherscan tokens, worth around $345,000.
Some users also suggested that the purported hacker(s) — who originally posted sometime in August 2022 — claimed to have more records, including conversations of both the current and former prime ministers. However, Dawn was unable to independently verify these claims.
