According to the sources, there has been a national crisis-like situation since 2 a.m. yesterday, and the country’s shipments have begun to suffer as a result of the shutdown of all FBR websites and data centres.
Hackers broke into Pakistan’s largest data centre, administered by the Federal Board of Revenue (FBR), and managed to break Microsoft’s hyper-V software, knocking down all of the tax authority’s official websites.
A top official informed a leading newspaper, detailing out “There has been a national crisis-like situation since 2 a.m. Saturday morning, and we may not be out of the woods by Sunday evening,”
The official version from the FBR had to wait until the story was filed. When the website was first opened, it stated, “The FBR’s website is momentarily down for scheduled maintenance.”
The authorities did, however, publish a broad news release about ongoing service optimization activities at Islamabad’s FBR House Data Center.
The technical team is currently moving services, according to the FBR. The completion of this move will result in an increase in FBR IT Operations’ overall productivity. This move is required to permit system upgrades in order to provide the greatest services to our clients, according to the statement.
“Stakeholders who receive services from the data centre have been advised that there were unanticipated issues during the migration process, which has resulted in service outages since the early hours of last night. To minimise downtime to a minimal, the FBR team is working to restore services as quickly as possible. This task should be done within the next 48 hours.” “FBR regrets and apologises for any trouble this may have caused and appreciates the stakeholders’ ongoing cooperation,” it added.
According to the official, the cyberattack impacted the data center’s virtual environment.
“This time, the virtual machines in the data centre were hacked, and the attackers were able to exploit the weakest link, which was Microsoft Inc’s hyper-V software,” he continued. Reports suggest that Pakistan has contacted Microsoft, who is assisting in the recovery after the attack.
“It’s cyber terrorism on our Independence Day,” the officer explained, adding that the perpetrators had yet to be found. “Since the virtual environment has been damaged, we are attempting to construct a new virtual environment, which might take up to two days,” said another information technology official.
“We’re aiming to restore the websites by tomorrow afternoon and the critical data centre by tomorrow evening, as we don’t want to risk further damage by transferring data too quickly.”
According to the sources, hackers have been attempting to break into data rooms for the past few days, and a warning has been given that a big cyber-attack may occur shortly. However, the FBR disregarded the warnings, and the hackers eventually gained access to part of the data.
According to another report, the FBR learned about the incident after the assailants began causing environmental damage. On March 23, last year, a severe attack on the FBR’s data centre occurred, however it was unsuccessful. However, they were able to get into the system this time, they added.
The attacks occur as the government considers a law proposal that would grant access to the FBR’s database to the National Database Registration Authority (NADRA).
The FBR’s database is the world’s largest, containing information on trillions of rupee transactions, as well as details on citizens’ wealth, income, and expenditures. It also contains information on their different personal and corporate transactions, which are subject to various sorts of withholding taxes.
The FBR issued an internal alert after learning of the hack, saying it had “had a major cyberattack on our data centres.” All applications have been disabled and require assistance from all teams.”
The Pakistan Revenue Automation Limited (PRAL), the FBR’s technology and data backbone, is also down and compromised, according to the sources. As a technological business, PRAL was supposed to install firewalls to protect its data centre, but it did not do so diligently.
According to the reports, some board members are more interested in operational issues than policy ones, which has led in grouping with the organisation.
According to sources, there was a need to assign blame for the security system compromise. The FBR has also recently engaged a chief information officer to improve data usage and security, according to the sources. According to them, pressure is growing on Customs as a result of the seriousness of the attack.
Aside from other items, consignments of fresh vegetables and courier consignments are stopped up at border checkpoints. Due to a loss of connection to the data source, people are unable to use the Active Taxpayers List.