Pakistan’s banks and law enforcement clash over severity of hack

Written by

Pakistan’s top criminal investigation agency and the country’s central bank are at odds Wednesday over the breadth of a reported cyberattack that affected customers of at least one commercial bank.

An official from the Federal Investigation Agency (FIA) said Tuesday that most of the country’s major banks had been affected by breaches that began in October, but the State Bank of Pakistan (SBP) responded with a statement that it “categorically rejects such reports.”

“There is no evidence to this effect nor has this information been provided to SBP by any bank or law enforcement agency,” SBP said about comments from FIA Cybercrimes Director Mohammad Shoaib that were reported by the news site Geo.tv.

Most of the public information about the cyberattack stems from a Nov. 4 advisory by PakCERT, one of Pakistan’s top cybersecurity organizations, which pointed to activity by Karachi-based BankIslami. The bank “noticed abnormal transactions” on Oct. 27 and “shutdown its international payment scheme.”

Other banks followed with security alerts and actions to temporarily halt activity on accounts, PakCERT said. Researchers for the organization then found two separate dumps of customer account information posted on the dark web. “A total of 19,864 cards were compromised from 22 Pakistani banks,” the PakCERT advisory said.

Pakistan’s banks have scrambled to assure their customers that accounts are safe, according to English-language newspaper Dawn. Officials from banks, the FIA and the SBP are planning to meet soon to discuss next steps in responding to the reported breach, the newspaper said.

Shoaib told Dawn that the cyberattack was the work of “international” hackers. The agency only has so much capability to protect banks, and “it is the sole responsibility of the banks to make their own arrangements to prevent stealing of their data and money of their clients,” he told the newspaper.