Warning: Use of undefined constant REQUEST_URI - assumed 'REQUEST_URI' (this will throw an Error in a future version of PHP) in /home/dasktech20/public_html/thecyberforum.com/wp-content/themes/herald/functions.php on line 73
Pakistan Electronic Crimes Act PECA – The Cyber Forum https://www.thecyberforum.com Fri, 28 Dec 2018 05:41:52 +0000 en-US hourly 1 https://wordpress.org/?v=5.4.2 https://www.thecyberforum.com/wp-content/uploads/2018/07/cropped-justice-147214_960_720-32x32.png Pakistan Electronic Crimes Act PECA – The Cyber Forum https://www.thecyberforum.com 32 32 Cybercrime Cases Registration: Clear Rise in Last Three Years in Pakistan https://www.thecyberforum.com/2018/10/24/cybercrime-cases-registration/ https://www.thecyberforum.com/2018/10/24/cybercrime-cases-registration/#respond Wed, 24 Oct 2018 19:45:53 +0000 https://www.thecyberforum.com/?p=2074 Social Media has become a hub to gather people on different forums. As it is used by a variety of people to share positive vibes, the virtual space is used by some cyber criminals that convert them into negative. There are above 50 million broadband subscribers and about 150 million cellular phone subscribers that have […]

The post Cybercrime Cases Registration: Clear Rise in Last Three Years in Pakistan appeared first on The Cyber Forum.

]]>
Social Media has become a hub to gather people on different forums. As it is used by a variety of people to share positive vibes, the virtual space is used by some cyber criminals that convert them into negative.

There are above 50 million broadband subscribers and about 150 million cellular phone subscribers that have occupied virtual space in Pakistan. But most of them are unaware that this space is being negatively used by some cyber criminals that have caused a sharp rise in the cybercrime cases registration in the last three years in Pakistan.

With the sharp increase in the number of cybercrime cases registration, most of them are about harassment of women through social media for which Federal Investigation Authority (FIA) has taken many initiatives to cater the problem.

Dawn News quoted the FIA’s figures that,

There has been observed a sharp increase in the number of cybercrime cases registration in the last three years in which harassment and blackmailing are the most prominent.

According to the report, FIA conducted 2,295 inquiries, registered 255 cases, and made 209 arrests in 2018. These figures are highest since the enactment of Prevention of Electronic Crimes Act (PECA) by the Parliament in 2016 in a bid to cope with the cybercrime problems.

In 2017, the corresponding figures were 1,290 inquiries, 207 cybercrime cases registration, and 160 arrests were made, whereas in 2016 the figures were 514, 47, and 49 respectively.

According to the FIA officials,

The tremendous growth of social media in recent years caused a sharp rise in the incidents of cyberbullying, harassment, blackmailing, hate speech, online defamation, and online fraud in recent years.

They further told that people usually don’t report the case due to some personal reasons, otherwise, the actual figures may be much higher. The situation will be brought under control as the government recently established 15 new centers.


Read Cybercrime Reporting Center: FIA Permitted To Open 15 Centers


FIA Cyber Crime Director retired Capt. Mohammad Shoaib, in June, told to the Senate Standing Committee that agency has only 10 experts to investigate cybercrime in the country. In January this year, FIA launched a new Cybercrime Reporting Website which is now permanently moved to NR3C.

FIA cybercrime circle received 2019 complaints back in 2017 which were related to three major categories: 1,592 or 76% are related to blackmail harassment, and defamation through social media, 307 or 14% are related to financial fraud, 116 or 5 % are of threatening calls, and the remaining 186 are pertaining to email hacking, spoofing etc.

The post Cybercrime Cases Registration: Clear Rise in Last Three Years in Pakistan appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/10/24/cybercrime-cases-registration/feed/ 0
Cybercrime Reporting Center: FIA Permitted To Open 15 Centers https://www.thecyberforum.com/2018/10/09/cybercrime-reporting-center-fia-permitted-to-open-15-centers/ https://www.thecyberforum.com/2018/10/09/cybercrime-reporting-center-fia-permitted-to-open-15-centers/#respond Tue, 09 Oct 2018 21:08:14 +0000 https://www.thecyberforum.com/?p=2045 ISLAMABAD: On Tuesday, FIA allowed to open 15 new cybercrime reporting centers in the country. A notification is issued by the Ministry of Interior to the FIA for permitting to establish 15 new cybercrime centers in all four provinces and Gilgit-Baltistan. 15 setup will be established in 5 centers in Punjab, 3 each in Sindh […]

The post Cybercrime Reporting Center: FIA Permitted To Open 15 Centers appeared first on The Cyber Forum.

]]>
ISLAMABAD: On Tuesday, FIA allowed to open 15 new cybercrime reporting centers in the country.

A notification is issued by the Ministry of Interior to the FIA for permitting to establish 15 new cybercrime centers in all four provinces and Gilgit-Baltistan.

15 setup will be established in 5 centers in Punjab, 3 each in Sindh and KPK, 2 in Balochistan, and 1 each in Islamabad and Gilgit.

The decision was made in section 51 of PECA 2016 to empower governments to investigate cybercrimes in a more holistic way. According to officials, the step was taken to ensure maximum coverage of cybercrime investigation throughout the country.

They further added the jurisdictions of the 15 centers aimed at taking full actions against all nature of cybercrimes and criminals involved in it.

In Punjab, the five centers will be set up in Rawalpindi, Multan, Gujranwala, Faisalabad, and Lahore. The center of Lahore will cover Lahore, Nankana Sahib, Sheikhupura, Kasur, Sahiwal, Okara, and Pakpattan.

The Rawalpindi city, Jhelum, Chakwal, and Attock are given in the jurisdiction of Rawalpindi cybercrime center. Gujranwala, Gujrat, Hafizabad, Mandi Bahauddin, Narowal, and Sialkot will be covered by the centers of Gujranwala.

Faisalabad center will cover Faisalabad, Jhang, Toba Tek Singh, Sargodha, Khushab, Bhakkar, and Mianwali. Multan, Vehari, Khanewal, Lodhran, D.G. Khan, Layyah, Muzaffargarh, Rajanpur, Bahawalpur, Bahawalnagar, and Rahim Yar Khan are included in the limits of Multan cybercrime reporting center.

Peshawar, Nowshera, Charsadda, Malakand, Buner, Chitral, Lower Dir, Upper Dir, Shangla, Swat, Mardan, and Swabi are given in Peshawar center.

Similarly D.I. Khan, Tank, Bannu, Lakki Marwat, Kohat, Hangu, and Karak are given in the limits of D.I. Khan cybercrime reporting center.

The Abbottabad reporting center will cover Abbottabad, Kohistan, Mansehra, Torghar, Batagram, and Haripur while Karachi East, Karachi West, Karachi South, Karachi Central, Malir and Korangi are given in Karachi cybercrime reporting center.

Sukkur, Khairpur, Ghotaki, Larkana, Jacobabad, Kashmor, Shahdakot, and Shikarpur are given under Sukkur reporting center while Hyderabad, Dadu, Jamshoro, Matairi, Tando Allahyar, Tando Muhammad Khan, Thatta, Sujawal, Badin, Mirpurkhas, Tharparkar, Umerkot, Shaheed Benazirabad, Naushehro Feroze, and Sanghar are included in the Hyderabad jurisdiction.

The Quetta cybercrime reporting center will include Quetta, Qila Saifullah, Loralai, Musakhel, Sherani, Sibi Lehri, Hernai, Ziarat, Kohlu, Dera Bugti, Jaffarabad, Suhbatpur, Nasirabad, Jhal Magsi, and Kech.

Gawadar center will cover Kech, Panjgur, Kalat, Mastung, Khuzdar, Awaran, Kharan, Washuk, and Lasbela. The Gilgit cybercrime reporting center will cover Gilgit, Hunza, Nagar, Baltistan, Kharmang, Shigar, Ghanche, Astore, and Diamer cybercrime reports.

The post Cybercrime Reporting Center: FIA Permitted To Open 15 Centers appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/10/09/cybercrime-reporting-center-fia-permitted-to-open-15-centers/feed/ 0
Blasphemous Content: A Man Is Arrested https://www.thecyberforum.com/2018/10/09/blasphemous-content-a-man-is-arrested/ https://www.thecyberforum.com/2018/10/09/blasphemous-content-a-man-is-arrested/#respond Tue, 09 Oct 2018 20:58:54 +0000 https://www.thecyberforum.com/?p=2042 A resident of Chakwal Ibtesam was also involved in spreading denominationalism. The case is registered. ISLAMABAD: FIA’s Cybercrime Wing has arrested an accused of uploading blasphemous content against Holy Entities. According to FIA sources, Ibtesam – a resident of District Chakwal – was not only involved in spreading blasphemous content but also promoting denomination contents […]

The post Blasphemous Content: A Man Is Arrested appeared first on The Cyber Forum.

]]>
A resident of Chakwal Ibtesam was also involved in spreading denominationalism. The case is registered.

ISLAMABAD: FIA’s Cybercrime Wing has arrested an accused of uploading blasphemous content against Holy Entities.

According to FIA sources, Ibtesam – a resident of District Chakwal – was not only involved in spreading blasphemous content but also promoting denomination contents on a Facebook account.

The case is registered under PECA 2016. Counterterrorism provisions are also included in this case.

Accuse Ibtesam has confessed his crime as well.

The post Blasphemous Content: A Man Is Arrested appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/10/09/blasphemous-content-a-man-is-arrested/feed/ 0
“Fake Facebook Account” Female Is Arrested for Uploading Her Friend’s Pictures https://www.thecyberforum.com/2018/10/09/fake-facebook-account-female-is-arrested/ https://www.thecyberforum.com/2018/10/09/fake-facebook-account-female-is-arrested/#respond Tue, 09 Oct 2018 20:48:22 +0000 https://www.thecyberforum.com/?p=2039 PESHAWAR: A girl is arrested for uploading indecent images and other materials of her friend on a fake Facebook account. FIA’s Cybercrime Wing; upon receiving a complaint of a girl on uploading her indecent pictures and other content on a fake Facebook profile; investigated the case and arrested her friend. According to sources, accused is […]

The post “Fake Facebook Account” Female Is Arrested for Uploading Her Friend’s Pictures appeared first on The Cyber Forum.

]]>
PESHAWAR: A girl is arrested for uploading indecent images and other materials of her friend on a fake Facebook account.

FIA’s Cybercrime Wing; upon receiving a complaint of a girl on uploading her indecent pictures and other content on a fake Facebook profile; investigated the case and arrested her friend.

According to sources, accused is a friend and neighbor of the victim. She uploaded her pictures on a fake social media profile, caused breaking-up her engagement.

The post “Fake Facebook Account” Female Is Arrested for Uploading Her Friend’s Pictures appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/10/09/fake-facebook-account-female-is-arrested/feed/ 0
“Blackmailing Case” Pashto Singer Muneeba Shah Arrested by FIA https://www.thecyberforum.com/2018/10/02/blackmailing-case-pashto-singer-muneeba-shah-arrested-by-fia/ https://www.thecyberforum.com/2018/10/02/blackmailing-case-pashto-singer-muneeba-shah-arrested-by-fia/#respond Tue, 02 Oct 2018 18:00:35 +0000 https://www.thecyberforum.com/?p=2034 PESHAWAR: Pashto singer and dancer Muneeba Shah is arrested by FIA’s Cybercrime Wing in a blackmailing case. According to sources; Muneeba Shah is allegedly involved in harassing a girl by uploading her personal pictures via a fake social media account. The singer has also taken into custody from her residence in Peshawar. Police registered an […]

The post “Blackmailing Case” Pashto Singer Muneeba Shah Arrested by FIA appeared first on The Cyber Forum.

]]>
PESHAWAR: Pashto singer and dancer Muneeba Shah is arrested by FIA’s Cybercrime Wing in a blackmailing case.

According to sources; Muneeba Shah is allegedly involved in harassing a girl by uploading her personal pictures via a fake social media account.

The singer has also taken into custody from her residence in Peshawar.

Police registered an FIR against singer under Cybercrime Act.

The post “Blackmailing Case” Pashto Singer Muneeba Shah Arrested by FIA appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/10/02/blackmailing-case-pashto-singer-muneeba-shah-arrested-by-fia/feed/ 0
“Offensive Campaign” Against Judge on Social Media https://www.thecyberforum.com/2018/10/02/offensive-campaign-against-judge-on-social-media/ https://www.thecyberforum.com/2018/10/02/offensive-campaign-against-judge-on-social-media/#respond Tue, 02 Oct 2018 17:54:00 +0000 https://www.thecyberforum.com/?p=2030 ISLAMABAD: FIA registered a case against 3 accused along Chacha Shakoor in an offensive campaign on social media against Athar Minallah, Justice Islamabad High Court. Assistant Director Cybercrime Imran Haider has started the investigation of the case registered by Humayon Aslam; Sub-Inspector cybercrime center Islamabad. FIA Cybercrime Wing has launched a case against people indulge […]

The post “Offensive Campaign” Against Judge on Social Media appeared first on The Cyber Forum.

]]>
ISLAMABAD: FIA registered a case against 3 accused along Chacha Shakoor in an offensive campaign on social media against Athar Minallah, Justice Islamabad High Court.

Assistant Director Cybercrime Imran Haider has started the investigation of the case registered by Humayon Aslam; Sub-Inspector cybercrime center Islamabad.

FIA Cybercrime Wing has launched a case against people indulge in an offensive propaganda on social media against Islamabad High Court Judge under PECA sections 10(A), 11, 20, and Pakistan Penal Code sections 109 and 506.

Acting Registrar, Islamabad High Court, complained about the case upon which case has been registered.

According to FIA, Abdul Shakoor was doing a baseless offensive propaganda against Judiciary on YouTube, Dailymotion, Facebook, and a website while many fake accounts are doing same in which a Dubai Website Development company is also involved.

Moreover, many pieces of evidence and materials have also been received with the complaint.

According to FIA sources, an offensive video against judges is uploaded on a YouTube channel named Chacha Shakoor which has already 34k subscribers.

According to the remarks and decisions made by Justice High Court Athar Minallah, aforementioned accounts on social media uploaded offensive content for which Cybercrime Team is in continuous contact with YouTube authority.

The post “Offensive Campaign” Against Judge on Social Media appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/10/02/offensive-campaign-against-judge-on-social-media/feed/ 0
Data Breach: Protect Your Small Business https://www.thecyberforum.com/2018/09/28/data-breach-protect-your-small-business/ https://www.thecyberforum.com/2018/09/28/data-breach-protect-your-small-business/#respond Fri, 28 Sep 2018 20:21:35 +0000 https://www.thecyberforum.com/?p=2020 Introduction In every 10 data breaches, 9 are possibly on the small businesses. Data security is the fastest growing threat to your business. But most of you must be thinking that why cybercriminals haunt for small businesses? Well, the matter of fact those small businesses aren’t thwarted to such cybersecurity attacks. Small business owners are […]

The post Data Breach: Protect Your Small Business appeared first on The Cyber Forum.

]]>
Introduction

In every 10 data breaches, 9 are possibly on the small businesses. Data security is the fastest growing threat to your business. But most of you must be thinking that why cybercriminals haunt for small businesses? Well, the matter of fact those small businesses aren’t thwarted to such cybersecurity attacks. Small business owners are not educated enough to cope with the situation plus they don’t have sufficient resources to push away these risks. But you people, don’t have to worry about how you can protect your business against data breach as we are going into further detailing of Recent famous data breaches which affected businesses. How do they happen? Which data is stolen? And Data Security Breach: Impacts on Your Business blogging chain.

   data breach

Get insights into the data breach

You are well aware of Data Breaches, after reading our previous blog posts but this is not everything you should know about. Field of the data breach is boundary-less with new and modern scams and malware popping out every other day. As stated by Norman Guadagno, Chief Evangelist, Carbonite, “It only takes one click for malware, viruses, and ransomware to infiltrate your system, compromising important business data.”

In this scenario, the first step is to educate yourself about the data breach, how they happen, and which data is at risk. Educating yourself is not sufficient. You need to educate your employees, create an environment vigilant to data breach and copping management against such attacks. Test your employees to detect a phishing email and cover loopholes to improve your system.

Christopher Roach, MD and nation IT practice leader, CBIZ Risk & Advisory Services suggest that “Hiring a third-party to conduct social engineering or facility breach exercises, can help you understand whether your security policies and awareness programs will actually prevent outsiders from obtaining valuable client information directly from your employees.”

Know about your data

If you’re among those having sensitive information stored in multiple locations and don’t know their exact location such as credit card numbers or personally identifiable information (PII) that can be linked to an individual, is a major concern among security experts.

Only 16% of organizations know where their data resides and a minuscule 7% knowing the location of all sensitive unstructured data, including data in email and documents.

Steve Jobs recommends on PCI Compliance Guide that you should assign a specific individual to be responsible and accountable for monitoring and protecting the sensitive data your business handles.

Create a simple spreadsheet having all information about folders containing sensitive data, its location, and who is responsible for it. Review the spreadsheet on a quarterly basis and never store cardholder data period.

Encryption is a must

Most operating systems come with encryption tools, such as Windows-Based Bit Locker and Macs File Vault. However, if you have to transmit data like emails, make sure it is encrypted and never ever transmit any data over public Wi-Fi networks.

Outsource payment processing

Every major attack against credit card data has exploited a single vulnerability of merchants that are still permitted to handle actual credit card data in their systems. Instead, properly combined point-to-point encryption and tokenization technologies should be adopted whenever a card is swiped.

Using a secure token returned to the merchant with proper authorization, reduces the risks on vulnerable cardholder information as the onsite database only holds token that is meaningless and valueless to thieves.

If it seems too complicated then avoid handling credit card data on your own and rely on reputable vendors, regardless if it is for point-of-sale or web payments.

data breach

Use multiple security

The first thing to do is to create a complex password, use upper and lower case with special characters. Normally a password should be changed after every 90 days and never share and write down your password. Use multi-factor authentication which uses a password and other factors to verify passwords such as different questions and fingerprints.

You should regularly update your tools to detect malware. Also, educate yourself about the happening of malware attack; the tactics that cybercriminals usually used. Preferably use a malware detection solution that can work in the background rather than relying on other options as user downloads or registration.

Physical information

Mere online and cloud-based data protection is not sensitive to be protected but your physical information is it – paperwork, receipts, hard drives, laptops, flash drives, and disks – are equally important. If you no longer need any physical data, you should properly dispose of it off.

Data breach insurance

If you’re in a business, you should be concerned about all security measures against data breach attack rather than onsite action. Most small businesses can have data breach insurance coupled with a number of other insurances of relatively small size. Data breach insurance can cost as little as few hundred dollars which is better than the cost to repair the damages of a data breach.

data breach

Data breach is a threatening point that shred your whole business with just one struck. Having full frame to secure your business from unwanted risks is all you need to do. Small business owners should adopt these precautionary measures in prior to any data breach attack as

Action is always better than reaction

The post Data Breach: Protect Your Small Business appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/09/28/data-breach-protect-your-small-business/feed/ 0
What are the available laws on WhatsApp harassment calls and messages in Pakistan? https://www.thecyberforum.com/2018/09/24/available-laws-on-whatsapp-harassment-calls-and-messages-in-pakistan/ https://www.thecyberforum.com/2018/09/24/available-laws-on-whatsapp-harassment-calls-and-messages-in-pakistan/#respond Mon, 24 Sep 2018 17:17:49 +0000 https://www.thecyberforum.com/?p=1990 What is the most trending app for quite a long time? I know you must be thinking of Facebook. Right? But, there’s another social app that connects people and is lying all the time in your cell phones and yes; this is WhatsApp. You share texts, documents, locations, gifs, audios, videos and one thing which […]

The post What are the available laws on WhatsApp harassment calls and messages in Pakistan? appeared first on The Cyber Forum.

]]>
What is the most trending app for quite a long time? I know you must be thinking of Facebook. Right? But, there’s another social app that connects people and is lying all the time in your cell phones and yes; this is WhatsApp. You share texts, documents, locations, gifs, audios, videos and one thing which you secretly share. Guessing??? Of course, this is a screenshot. It is trendy to have proofs of your conversation and one can never deny it.

As there’s good; there’s bad. Many people falsely use WhatsApp to threaten or harass someone by alleged calls and messages which trouble the victim. There are laws on WhatsApp harassment calls and messages in many countries that protect their citizens. We have discussed in Available Laws on WhatsApp Conversation previously and now we’re going in-depth in available laws on WhatsApp harassment calls and messages in Pakistan.

So let’s dig in it.

WhatsApp calls are traceable

The first thing that I need to make clear is – if you get a threatening call on your sim then you should contact police but if the same happens on WhatsApp then this would fall in cybercrime and this time, you should contact to the FIA’s Cybercrime Wing. Most of the time people approach to the wrong side to get solved their queries.

Since its launch, WhatsApp is being used in many places around the globe. There are political, social, freelance, discussion, friends, family, religious and many groups under different tags on WhatsApp. But, not forgetting the bad ones who have groups to plan an indecent or terrorist activity. There have revealed many extortion and target killing cases in Karachi where criminals have used WhatsApp to coordinate with each other. By saying this, I must tell you all that WhatsApp messages and calls are traceable. So if anyone is doing any activity, he/she can be traced by a single message or call.

Deleting messages will not help you

If you think that by deleting some messages and clearing your history will pull you out from the danger circle of getting caught then sadly, you’re wrong. WhatsApp is now under the authority of Facebook and upon getting a complaint, FIA can send the dossier to the respective authority to get all data – whether deleted or not. There’s an exchange of data treaty exists between FIA and Facebook, WhatsApp and other social media channels.

Available laws on WhatsApp harassment calls and messages

available laws on WhatsApp

Let’s briefly discuss the available laws on WhatsApp harassment calls and messages in Pakistan.

  • If some has hacked your WhatsApp account, through the web or by any other mean, then there is 3 years imprisonment, Rs. 5 million fine or both charged, depending on the severity of that offense.
  • If someone harassed you either in a WhatsApp group or in a private conversation through any abusing content – other than pornographic – then there is 3 years imprisonment and Rs. 1 million fine or both.
  • If someone shares unethical pictures then under Section 21 for that cognizable offense, there is 5 years imprisonment, Rs. 5 million fine or both.
  • Punishment of these crimes for accused under 18 extends to 10 years imprisonment with Rs. 5 million fine or both.

Punishment of 3 years imprisonment, 1 million fine or both (in severe cases) for

  1. Allegedly seeing and checking someone’s WhatsApp
  2. Sending teasing messages or calls even after receiving any warning to not contact again
  3. Spying/stalking on WhatsApp
  4. Broadcasting a false content through WhatsApp conversations and groups

Get protected

You need to make a protective shield around you. For this, you should

  • Not reply to any suspicious message or attend any call.
  • Not click spam links.
  • Never check key block while using WhatsApp web.

FAQ

If any government official is tracking your data then what should we do?

Well, if you’re innocent and any such person is doing to track your data without any legal permission which is not benefitting the public body but for his/her own personal grudges then you need to talk man-in-man, ask to stop doing that and tell him/her about available laws on WhatsApp. If he/she, after receiving your warning, continues doing same then you should pursue the case and launch a complaint against the accused.

But if they’re doing this for such a person who is involved in any activity against country then clearly saying that they have rights to do so as they are the security and public agency. One can do nothing to stop make them stop.

Giving an example here, last year a DIG of Gilgit-Baltistan harassed his ex-wife by sharing her indecent pictures. An FIR was launched against him and he was suspended from his position.

If you’re in trouble

available laws on WhatsApp

Even after doing all precautionary measures, if somehow you have become a victim of such harassments and want to require a help then taking screenshots should be your first priority. I would strongly recommend to get in touch with a cybercrime litigator and launch your complaint in person. Again saying, pre-fortifying yourself against such cases should be on top of your priority list.

Ok! Talk further

FIA Cybercrime Wing has not that many cases of cybercrime as Indians have because under Indian Information Technology Act 2000, there are many cybercrime cases – even in Supreme Court – which they have successfully pursued. But FIA has resolved many cases in which recent one is from Punjab University Lahore, where a faculty member of Law Department has registered a case under PECA against other faculty members for getting abused in a WhatsApp group.

Want any help?

Upon concluding this, I must ask you all that if anyone of you has any query regarding such incidents or want to share any experience; just comment below, so that we all can get to know about root-causes of these crimes. I, with my team, is available 24/7 to make our people safe from any cyber harassment. Feel free to talk with us.

Till then share the information and keep yourself and people around you safe.

The post What are the available laws on WhatsApp harassment calls and messages in Pakistan? appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/09/24/available-laws-on-whatsapp-harassment-calls-and-messages-in-pakistan/feed/ 0
388 cybercrime cases registered by FIA’s Cybercrime wing https://www.thecyberforum.com/2018/09/08/388-cybercrime-cases-registered/ https://www.thecyberforum.com/2018/09/08/388-cybercrime-cases-registered/#respond Sat, 08 Sep 2018 19:32:52 +0000 https://www.thecyberforum.com/?p=1975 ISLAMABAD: During the last two years, FIA’s Cyber Crime Wing registered 388 cybercrime cases and arrested 350 accused. From January 2016 to December 31, 2017, 65 convictions and 45 acquittals were made. According to the Ministry of Interior, courts imposed a fine amount of Rs. 12.72 million.

The post 388 cybercrime cases registered by FIA’s Cybercrime wing appeared first on The Cyber Forum.

]]>
ISLAMABAD: During the last two years, FIA’s Cyber Crime Wing registered 388 cybercrime cases and arrested 350 accused.

From January 2016 to December 31, 2017, 65 convictions and 45 acquittals were made. According to the Ministry of Interior, courts imposed a fine amount of Rs. 12.72 million.

The post 388 cybercrime cases registered by FIA’s Cybercrime wing appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/09/08/388-cybercrime-cases-registered/feed/ 0
Recent famous data breaches which affected businesses. How they happen? Which data is stolen? https://www.thecyberforum.com/2018/09/08/data-breaches-which-affected-businesses/ https://www.thecyberforum.com/2018/09/08/data-breaches-which-affected-businesses/#respond Sat, 08 Sep 2018 16:41:44 +0000 https://www.thecyberforum.com/?p=1962 Nowadays, we hear that data breaches occur and user data is in danger of getting leaked. In these scenarios, companies have to pay fines that can reach up to 4% of their total turnover per annum. Data breaches can cause loss of millions, in fact, billions of private records and sensitive data, affecting not just […]

The post Recent famous data breaches which affected businesses. How they happen? Which data is stolen? appeared first on The Cyber Forum.

]]>
Nowadays, we hear that data breaches occur and user data is in danger of getting leaked. In these scenarios, companies have to pay fines that can reach up to 4% of their total turnover per annum. Data breaches can cause loss of millions, in fact, billions of private records and sensitive data, affecting not just the organization but also people associated with it.

But first, for all those who don’t know what data breach is. Here’s a brief overview.

What is Data Breach?

When a cybercriminal infiltrates a data source and extracts sensitive information calling data breach or data stolen in other words. This can be done by physical accessing a computer or any network to steal data or by bypassing network security remotely. This is often used to target companies.

A typical breach operation involves:

  • Research: First and foremost, every operation begins with the deep study of a system and its functionality. Cyber-criminals look for weaknesses in a company’s security.
  • Attack: After a full understanding of the system, cybercriminals make initial contact using either network or social attack.
  • Network/Social Attack: A network attack is when a cybercriminal uses infrastructure, system, and application weaknesses to penetrate an organization’s network. Social attacks are tricking employees into giving access to the company’s network. An employee can be fooled into opening a malicious attachment.
  • Exfiltration: Once they get into the computer, they can attack the network and tunnel their ways with confidential company data. The attack is considered successful once hacker extracts the data.

data breach, how data breach occurs

Biggest data breaches

Following are the 10 biggest data breaches incidents reported to date:

Company/Organization Number of Records Stolen Date of Breach
Yahoo 3 billion August 2013
Equifax 145.5 million July 2017
eBay 145 million May 2014
Heartland Payment Systems 134 million March 2008
Target 110 million December 2013
TJX Companies 94 million December 2006
JP Morgan & Chase 83 million (76 million households and 7 million small businesses) July 2014
Uber 57 million November 2017
U.S. Office of Personnel Management (OPM) 22 million Between 2012 and 2014
Timehop 21 million July 2018

Courtesy: Trend Micro

Causes

Data breaches not only trouble organization but also people linked with it. They can be affected by stolen information which ultimately lands them in deep trouble. Knowing the actual causes of data breaches is the first step in prevention. The main causes of why data breaches happen are listed below:

  1. Old, unpatched, security vulnerabilities
  2. Improper configuration/Human error
  3. Malware
  4. Insider misuse
  5. Physical theft of a data carrying device
  6. Mis-delivery
  7. Disposal error
  8. Hacking
  9. Weak and stolen credentials
  10. Social engineering
  11. Too many permissions
  12.  Abuse of Authority

Examples

data breach happen

Following are the examples of common targets whose data has been stolen:

Business

Timeshop (July 2018)

Mobile App Vendor

On 4 July, due to network intrusion data of 21 million users were exposed for 2 hours.

Reddit (June 2018)

Content Aggregator

On 19 June, hackers gained access to an old database of users but the exact number of victims has not been revealed.

Dixons Carphone (June 2018)

Retailer

It is an estimation of 10 million customers could be affected by hacking the network. Some 5.9 million payment card records may have been accessed as well.

Equifax (July 2017)

Information Solutions Provider

One of the major cybersecurity incidents in the US affected 143 million consumers discovered on 29 July. The breach leaks out the names, social security numbers, birth dates, and addresses of almost half of the total US population. Investments in other 23 countries, around 400,000 UK customers were also reportedly affected.  It was revealed a total of 145.5 million exposed records in the final findings.

Ashley Madison (July 2015)

Social Media Website

10GB worth data on Deep Web has been stolen and dumped by hackers. Account details and personally identifiable information (PII) of around 32 million users with credit card transactions are included.

Target (January 2014)

Retailer

Penetrated the vendor’s network and infected all of its point-of-sale (PoS) machines, hackers were able to expose 40 million debit and credit cards to fraud. PINs, names and banking information included in the stolen information.

Medical/Healthcare

SingHealth (July 2018)

Medical/Healthcare Service Provider

Nonmedical personal data of around 1.5 million patients were accessed and copied. The stolen data also included the outpatient medical data of 160,000 patients.

Hong Kong Department of Health (July 2018)

Federal Agency

A ransomware attack hit the government agency which rendered systems inaccessibility for two weeks starting 15 July.

Anthem (May 2015)

Medical/Healthcare Service Provider

Started in April 2014, an attack affected in the theft of more than 80 million records of current and former customers.

Government/Military

UK Military Contract (May 2017)

Military Contractor

From the military contractor’s networks, a targeted attack group extracted sensitive data from a military contractor using their backdoor identified as RoyalDNS.

US OPM (April 2015)

Federal Agency

18 million federal employee records are hacked along with social security numbers, job assignments, and training details.

Banking/Credit/Financial

Deloitte (October/November 2016)

Accountancy Firm

A sophisticated hack compromised the confidential emails and plans of its blue-chip clients. Discovered in March 2017 but findings revealed that hack may have been launched as early as October or November 2016.

JP Morgan Chase & Co. (October 2014)

Credit Service Provider

An estimated 76 million households and 7 million small business records were compromised. The information includes names, addresses, email addresses, phone numbers, and others.

Educational

University of Maryland (March 2014)

Educational Institution

Above 300,000 student, faculty, and staff data from past 1998 was compromised but no medical, financial, or academic information was included. Stolen data mostly included name, birthdays, university ID numbers, and social security numbers.

University of Greenwich (2004)

Educational Institution

For exposing personal data of students on a microsite that was left unsecured since 2004, the university was fine ₤120,000.

Hackers needs!

Here is the golden information which is on the top priority list of hackers which they can be used to make money by duplicating credit cards and using personal information by fraud, identity theft, and even blackmail. They can also be sold in bulk in Deep Web marketplaces.

  • Banking account number
  • Clinical information
  • Claim information
  • Date of birth
  • Email address
  • Mailing and/or physical address
  • Member name
  • Member identification number
  • Social security number
  • Telephone number

Data breach effects

data breach effects

Cybercriminals almost never haunt end users unless an individual is connected to an industry. However, end users can be affected when their private information get stolen from a big industry. The consequences that businesses face are severe.

  • Hefty fines on the breached company.
  • Identity theft on personal and financial information.
  • Employees’ data in at risk.
  • May suffer a DDoS attack.
  • Intellectual property or trade secrets at risks.
  • Risk physical data loss.
  • Even after paying off fines, the company has to deal with the reputational damage.
  • Customers lose confidence in the brand.
  • The company puts off many potential customers.
  • Loss of potential human capital.
  • The credibility of brand questioned.

What to do!

Data breach

In case of a data breach, it is best to take note of the following practices:

Information Security Management System (ISMS): helps in managing your security process all in one place, consistently and cost-effectively.

Notify your bank: verify your account details and change PIN codes.

Double-check: check your email address from incoming emails as cybercriminals can impersonate as and representative and ask for credentials.

Do not click: never click suspicious looking links or download files from an unknown source.

Contact the breached company: if credentials or financials have been tampered with, immediately contact to the concerned company and ask them if they can assist you in enrolling in a fraud victim assistance program

Legal approach: in the case of a data breach attack, contact with the litigator to legally approach towards filing a case and securing your information.

As Marie Curie said,

“Nothing in life is to be feared, it is only to be understood. Now is the time to understand more, so that we may fear less.”

The post Recent famous data breaches which affected businesses. How they happen? Which data is stolen? appeared first on The Cyber Forum.

]]>
https://www.thecyberforum.com/2018/09/08/data-breaches-which-affected-businesses/feed/ 0