AGL 5.77 Decreased By ▼ -0.31 (-5.1%)
ANL 9.01 Decreased By ▼ -0.39 (-4.15%)
AVN 78.40 Decreased By ▼ -3.06 (-3.76%)
BOP 5.16 Decreased By ▼ -0.11 (-2.09%)
CNERGY 4.66 Decreased By ▼ -0.24 (-4.9%)
EFERT 80.54 Decreased By ▼ -1.01 (-1.24%)
EPCL 51.97 Decreased By ▼ -2.03 (-3.76%)
FCCL 13.59 Decreased By ▼ -0.81 (-5.63%)
FFL 5.87 Decreased By ▼ -0.18 (-2.98%)
FLYNG 7.09 Decreased By ▼ -0.47 (-6.22%)
FNEL 4.82 Decreased By ▼ -0.18 (-3.6%)
GGGL 8.89 Decreased By ▼ -0.43 (-4.61%)
GGL 15.89 Decreased By ▼ -0.81 (-4.85%)
HUMNL 5.83 Increased By ▲ 0.14 (2.46%)
KEL 2.60 Decreased By ▼ -0.19 (-6.81%)
LOTCHEM 29.94 Decreased By ▼ -0.61 (-2%)
MLCF 25.40 Decreased By ▼ -2.39 (-8.6%)
OGDC 72.23 Decreased By ▼ -1.77 (-2.39%)
PAEL 15.42 Decreased By ▼ -0.77 (-4.76%)
PIBTL 5.03 Decreased By ▼ -0.20 (-3.82%)
PRL 16.37 Decreased By ▼ -0.92 (-5.32%)
SILK 1.09 No Change ▼ 0.00 (0%)
TELE 9.60 Decreased By ▼ -0.44 (-4.38%)
TPL 7.30 Decreased By ▼ -0.40 (-5.19%)
TPLP 19.18 Decreased By ▼ -0.59 (-2.98%)
TREET 21.93 Decreased By ▼ -1.26 (-5.43%)
TRG 144.54 Decreased By ▼ -2.81 (-1.91%)
UNITY 16.60 Decreased By ▼ -0.59 (-3.43%)
WAVES 10.01 Decreased By ▼ -0.37 (-3.56%)
WTL 1.36 Decreased By ▼ -0.10 (-6.85%)
BR100 4,230 Decreased By -100.1 (-2.31%)
BR30 15,822 Decreased By -474.4 (-2.91%)
KSE100 42,071 Decreased By -832.3 (-1.94%)
KSE30 15,504 Decreased By -300.7 (-1.9%)
Follow us

ISLAMABAD: The Federal Tax Ombudsman (FTO) Dr Asif Mahmood Jah has unearthed systematic flaws in security of confidential/classified data of taxpayers and directed the Pakistan Revenue Automation Limited (PRAL) to develop security policies/infrastructure and implement international standards for protection against future cyber attacks on Federal Board of Revenue’s (FBR) website.

The Federal Tax Ombudsman (FTO) in a landmark investigation found that due to incompetence, and ineptitude in the discharge of duties by FBR & PRAL, confidential/classified data of FBR Web portal was hacked.

According to details, tax lawyer Waheed Shahzad Butt has filed a public interest complaint against the FBR/PRAL key position holders, wherein after a comprehensive investigation, FTO Dr Jah concluded that FBR/ PRAL is not using any software to manage its Network Security policies and FBR has filed a false/wrong statement regarding the system disrupted period which is also contrary to the Finance Minister’s stance and using expired certification.

FTO order states: “The above analysis clearly reflects maladministration oozing out of neglect, inattention, delay, incompetence and ineptitude of FBR & PRAL’s functionaries, in the administration and discharge of assigned duties and responsibilities. PRAL data centre is not equipped with any Instruction Prevention/ Intrusion Detection system, a material systematic flaw exposing security of its database. PRAL data centre is not compliant to some credible International Standard and its certification was also expired in December 2020.

Security of taxpayers' data: No action taken against PRAL officials

When contacted Waheed Shahzad Butt told this correspondent that Cyber attack on key data websites, data and data centres of FBR/PRAL pose a threat that can undermine the security capabilities of a state (Pakistan). It can cause significant economic damages including ongoing crucial CPEC activities. Mastermind of this nefarious move and all team members including public servants working in FBR/PRAL must be removed from Government of Pakistan Services and criminal cases must be registered against all of them for not providing security to the confidential/classified data of taxpayers of Pakistan, solely due to their extreme inefficiency, negligence and corrupt practices for not buying the computer soft-wares and using pirated versions.

Waheed further added the hacking took place at a time when the Cabinet Division has also shifted its business online. Same episode has already been unmasked by the FTO in C. No. 507/2013 [2014 PTD 1353 = 109 Tax 1]. The failures in combating cyber threats can lead to a national crisis, as it is an integral part of Pakistan’s defence.

FTO directed the FBR to carry out a complete appraisal of its system’s vulnerabilities in order to avoid any such incident in future. Adopt solutions designed with security as a top priority like Cloud Car which provides protection against widespread system crashes and slow paced operations. PRAL is directed to develop security policies and security infrastructure with the help of efficient security tools like Intrusion Prevention and Intrusion Detection Systems both network-based and host based.

Deploy Comprehensive Security and incident Monitoring (SIEM) Solution in its Data Centre. Implement some credible International Standard (like Tier II, Tier III and Tier IV from Uptime Institute) as protection against any such threat in the future, FTO order added.

Copyright Business Recorder, 2021


Comments are closed.

Sensitive data of taxpayers at stake: FTO asks PRAL to upgrade security benchmarks

KSE-100 plummets 2% as market reacts to 'surprise' rate hike

TTP ends ceasefire with govt, orders ‘attacks’ in country

Fawad says PTI leadership has ratified Imran's decision to dissolve KP, Punjab assemblies

KATI patron-in-chief, industrialist S.M. Muneer passes away in Karachi

Pakistan's delegation leaves for Russia to hold discussions on oil, gas

Rupee largely stable, settles at 223.95 against US dollar

Oil falls to near year’s lows on China demand worries

Pak Army’s ‘political quarantine’ will augur well for Pakistan: Gen Bajwa

Hina Rabbani Khar to visit Afghanistan on Tuesday: FO

By-elections will be held in Punjab, KP in case of mass resignations: ECP