Breach of cyber security: Cabinet Div directs adherence to cyber security SOPs

ISLAMABAD: The government has issued a fresh advisory to the PM Secretariat, Aiwan-Saddar, Cabinet Divisions and all other concerned on cyber security for ending leaks of any crucial information.

After leakage of crucial information recently, the Cabinet Division issued fresh directives to comply with Standard Operating Procedures in a bid to end spying through breach of cyber security.

According to Cyber Security Advisory issued by the Cabinet Division titled “Cyber Security Advisory — Play Store Apps Spying on Android Users Using Face Stealer,” recently more than 200 Android apps masquerading as benign apps have been observed distributing spyware called ‘Facestealer” to gather user credentials and other valuable information.

Of the 200 apps, 42 are Virtual Private Network (VPN) services, 20x camera, and photo editing applications and 152 are apps masquerading as fitness and puzzle apps/ others. It stated that though, Google has removed these apps from Play Store, users who might have installed them are advised to remove/ uninstall these apps.

The capabilities of a face stealer app are as under as the face stealer app changes its code frequently, thus spawning many variants. It gathers sensitive data such as Facebook login credentials. In addition to harvesting credentials, the apps are also designed to collect Facebook cookies and personally-identifiable information associated with a victim’s account. To avoid falling victim to such scam apps, users are advised to always check reviews, verify legitimacy of developers and avoid downloading apps from third-party app stores, the advisory stated.

The Ministries/Divisions and Attached Departments have been given instructions to disseminate the message to all concerned in their organisations, all attached/affiliated departments, and ensure necessary protective measures.

Another separate security advisory issued by the Cabinet Division stated that a malicious Indian domain applyforme.pk has been identified. The website pretends to be legitimate and advertises Ministry of Defence (MoD), Pakistan jobs/ vacancies.

Analysis reveals that the domain is operating allegedly to deceive MoD job applicants and extract personally identifiable information. Such information can be used to entrap citizens and conduct cyber espionage campaigns. Users are advised to refrain from such domains and follow recommendations.

It is recommended that the applicants, while applying for jobs, must remain watchful of such fraudulent websites/ platforms. The official websites for applying for MoD jobs are https://mod.gov.pk/Sitelmage/iobs and https://recuitment.mod.gov.pk

It advised: “Do not reveal personal or financial information on websites. Do not respond to website solicitation for such information. Verify a link by checking the domain name of the site. It helps to indicate whether the site is legitimate or otherwise. Always check the security of the website (https) before sending or entering any sensitive information online. Always pay attention to the website’s URL.

Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain. In case, a user is not sure whether the website is legitimate, then try to verify by contacting the concerned organisation directly.”