Pakistan Foreign Office has approached country’s top spy agency ISI against increasing cyber attacks on its website and servers.
The decision comes after Foreign Office (FO) systems have faced three major attacks by hackers over the past 18 months.
Apart from ISI ,the FO has sought an allocation of Rs 80 million in the next fiscal year’s budget for bolstering cyber security and securing its communications with the country’s missions overseas, an official told the Senate Foreign Relations Committee .
The money sought for cyber security is 130 per cent more than the additional expenditure that the FO intends to incur on boosting the physical protection of its premises, which is Rs 35 million.
The job will be done by “our premier security agency”, the official said in a reference to Inter-Services Intelligence (ISI).
The move comes as the FO strives to counter potential attacks in cyberspace by strengthening its readiness strategy.
Paucity of resources has been identified as one of the reasons behind poor security arrangements of FO’s IT infrastructure, the report said.
“We have firewalls in place and our staff is regularly monitoring the situation, but we are continuously under cyber attack… our website, our emails, our servers have faced attacks,” the official explained to the senators.
“We have our own security system, but it is always good to get help from those who are experts,” the official said in response to a query from a member as he acknowledged the inadequacy of the existing internal arrangements.
The FO has already used the services of ISI for the security audit of its IT systems.
The official said that ISI might outsource part of the job to its “security cleared contractors”, because they too did not have a complete in-house facility.
But, the FO by itself had never used private firms for this purpose, he added.
Some of the committee members had strong reservations on ISI being given the job.
The official said ISI, despite being given the responsibility for fixing cyber security shortcomings, would only have “limited access”.
“They cannot ingress our system, but only check from outside,” he maintained, adding the different departments had different encryption code