The Pakistan Telecommunication Authority (PTA) has started a comprehensive cybersecurity audit for telecom operators in a move to bolster cybersecurity across Pakistan.
This audit aims to ensure the robustness of cyber defenses within the country's telecom sector.
According to sources, the PTA has directed world-class companies to conduct these audits, focusing on a thorough review of all technical aspects related to cybersecurity. The final evaluation will be carried out by the PTA to ensure that all cybersecurity measures meet international standards.
Key areas of the audit:
- The audit will assess whether telecom operators have effectively implemented the prescribed cybersecurity framework. It will also be reviewed whether the firewall is in place or not.
- The security clearance of staff members working for telecom operators will be reviewed to ensure that only vetted individuals handle sensitive information.
- Telecom operators will be scrutinized for measures in place to prevent leakage of user data, ensuring that personal and sensitive information remains secure.
Also Read: Pakistan accelerates firewall framework for regulating all digital media platforms
The PTA’s audit will culminate in a set of recommendations aimed at enhancing the overall cybersecurity posture of Pakistan's telecom sector. This initiative underscores the PTA's commitment to safeguarding national security and protecting users from potential cyber threats.
On August 13, the National Cyber Emergency Response Team (CERT) issued a critical advisory, warning of a heightened risk of cyber attacks targeting organizations across Pakistan. The advisory urged all institutions to take immediate precautionary measures to safeguard their digital infrastructure.
Also Read: Alert issued for huge risk of cyber attack; firewall activation urged
According to the National CERT, the primary threat identified was a SQL injection attack, a type of cyber assault in which hackers exploited vulnerabilities in a database to gain unauthorized access. The advisory highlighted that hackers could attempt to breach databases to steal sensitive information, posing a significant threat to the integrity and privacy of organizational data.
"Hackers are trying to gain access to sensitive information from various organizations' databases," the advisory noted.
The advisory strongly recommended that all institutions and organizations act swiftly to address this growing threat. It specifically advised the mobilization of information security officers to lead the defensive efforts within their respective entities.
