In an age where our lives are deeply intertwined with digital technology, Pakistan faces a daunting challenge in safeguarding its cyber landscape. With approximately 66% of the global population—around 5.3 billion people—connected online, the opportunities for cybercriminals to exploit weaknesses have never been greater. Cybercrimes, which involve illegal activities carried out through digital devices and networks, are on the rise, and Pakistan’s ability to protect its digital assets and maintain cyber resilience is under serious threat.
Currently, Pakistan’s defenses against cyber threats are far from robust. Pakistan relies on CDNs (Content Delivery Networks) in 38 cities. 90% of internet usage is by Social Media apps. In the wake of any national event / activity, unusually high activity put a strain on internet traffic, resulting in internet choking. The country struggles with advanced foreign surveillance, malware attacks (like Gamarue and Peals), and Distributed Denial of Service (DDoS) attacks. The problem is compounded by outdated technology, limited technical expertise, and weak legal frameworks. Often, cybersecurity measures in Pakistan are piecemeal and under-resourced, leading to frequent breaches of critical national databases. This vulnerability is worsened by insufficient private sector involvement, an over-reliance on internal resources, and a lack of coordination and planning at the national level. With a rapidly growing number of internet users (approximately 111 million but increasing with every passing day), these issues are becoming even more complex.
Furthermore, increased VPN usage has slowed speeds due to encryption an extended routing. VPN usage puts extra load on gateway internet traffic whose speed has already reduced by 1.5 TBPS due to faulty cable. The major beneficiaries of VPN usage are dark web users involved in blasphemy and child abuse, who find a safe refuge to carry out their nefarious activities behind the curtain of unauthorized VPNs. In 2023, 2,473 cases of online harassment were reported. Digital terrorists and dark web users, are exploiting to situate internet slowdown with installation of national firewall, basically to protect their businesses and to misguide the general public. The situation is further complicated by the cyber threats posed by neighboring India. The ongoing geopolitical tensions have extended into the digital realm, where India’s sophisticated cyber capabilities pose a serious risk. Internet capacity of Pakistan is quite less as compared to India (139 vs 20 TBPS) which has been further decreased due to faulty SMW – 4 cable. These capabilities allow India to disrupt Pakistan’s security, economic stability, and public sentiment, exacerbating regional tensions. For example, a 2020 investigation by the EU DisInfo Lab revealed a massive disinformation campaign orchestrated by India. This involved over 550 fake online domains and 750 bogus media outlets aimed at damaging Pakistan’s global image. Such tactics illustrate how cyber tools are used strategically to influence public opinion and escalate conflicts.
Pakistan also faces internal challenges from terrorist groups that use cyberspace for propaganda and coordination. The rapid expansion of digital technology in key sectors like government, finance, and healthcare has led to a surge in cyber-attacks, threatening to disrupt vital infrastructure and manipulate public opinion.
To tackle these challenges and improve national security, Pakistan needs a comprehensive and forward-thinking cybersecurity strategy. This strategy should include stronger laws to combat cybercrime, a more resilient institutional framework, and the establishment of Cyber Defense Response Teams (CDRT) at both federal and provincial levels. With an estimated 20 billion connected devices by 2030, Pakistan must focus on crafting detailed legislation, enhancing cyber management practices, and creating a national cybersecurity policy that addresses issues like cyber warfare, data privacy, and cyber terrorism. It’s also crucial to boost law enforcement through public education campaigns, advanced training, and careful monitoring of imported technology.
Here are some key steps Pakistan should take to improve its cybersecurity:
Protect Vital Databases: Promote the advanced security measures such as National Firewall to safeguard critical databases from unauthorized access and breaches.
Secure the Financial Sector: Ensure that banks and financial institutions follow global standards to protect sensitive data and maintain public trust.
Update PECA: Revise the Prevention of Electronic Crimes Act (PECA) to create a more effective legal framework that deters cybercriminals and ensures swift justice.
Create a National Cyber Coordination Centre: Establish a centralized body to streamline responses to cyber incidents and coordinate national efforts.
Set Up CDRT Headquarters: Develop provincial and national Cyber Defense Response Teams to effectively manage and mitigate cyber-attacks.
Enhance the National Centre for Cyber Security (NCCS): Promote collaboration between academia, industry, and government through this center to drive cybersecurity innovation and research.
As technology continues to advance, it brings both new opportunities and new risks. Pakistan’s current cybersecurity framework is not enough to meet these evolving challenges. By adopting a more comprehensive and collaborative approach, the country can better protect itself against cyber threats and ensure a safer digital future for all its citizens. Internet slowdown has been wrongly attributed to installation of firewall. There is need to educate the masses about reality checks and counter negative propaganda regarding firewall installation, which in reality has been installed to protect the digital frontier of Pakistan- legitimate right of any sovereign state.