Connect with us

Hi, what are you looking for?

Latest Updates

FTO Demands Security Audit of FBR’s IT Wing

A cyber assault on FBR/critical PRAL’s databases, websites, and data centres might impair the state’s ability to protect itself.

Security firms will undertake an IT security examination on behalf of the Federal Tax Ombudsman (FTO) Dr Asif Mahmood Jah, as it was in the recommendations from the FTO catering to the Federal Board of Revenue’s Information Technology Wing (IT-Wing).

Following the FTO’s discovery of systemic vulnerabilities in the security of taxpayers’ private and classified data, they have asked the FBR to adopt security policies and infrastructure and implement international standards to secure the FBR website from further cyber assaults.

In a groundbreaking investigation, the FTO discovered that the FBR Web site was hacked and that the PRAL had not properly fulfilled its responsibilities.

The FTO Dr Asif Jah found that FBR/ PRAL does not use any software to manage its Network Security policies, and that FBR has filed a false/wrong statement regarding the system disrupted period, which is also contrary to the Finance Minister’s stance and using expired certificates, according to details in a public interest complaint filed by tax lawyer Waheed Shehzad Butt.

This analysis, according to an FTO directive, illustrates how FBR and PRAL officials failed to carry out their tasks because of a combination of negligence, inattention, tardiness, incompetence, and outright idiocy. There is a significant gap in the PRAL data centre’s security since it lacks an Instruction Prevention/Intrusion Detection system. Besides failing to meet a legitimate international standard, the PRAL data centre’s certification was set to expire in December of that year and thus no longer valid.

According to Waheed Shehzad Butt, a cyber assault on FBR/critical PRAL’s databases, websites, and data centres might impair the state’s ability to protect itself.

According to the FBR, the “PRAL has enhanced ‘ISMS’ rules and processes in place of the ISO 27001 framework. Because of the procurement process that has already begun, they are still awaiting security infrastructure.”

SIEM is part of the security infrastructure procurement process that has already begun. PRAL plans to install SIEM in its data centres after the procurement process is complete, resulting in improved security measures. For the next three years, the FBR (IT Wing) has hired a respected security firm to undertake a security assessment of its data centres. The FBR Data Centres will be ISO-27001 accredited when the audit is complete.

Written By

Works at The Truth International Magazine. My area of interest includes international relations, peace & conflict studies, qualitative & quantitative research in social sciences, and world politics. Reach@ [email protected]

National

An overseas Pakistani business group has formally offered over Rs 1.25 trillion to acquire Pakistan International Airlines (PIA) as part of the country’s efforts...

Sports

PTV Sports In an unexpected development, the live broadcast of the second One-Day International (ODI) between Pakistan and Australia was abruptly halted on PTV...

Entertainment

Superstar Fahad Mustafa and A-list actress Hania Aamir’s star-studded drama ‘Kabhi Main Kabhi Tum’ has set new milestones in the world of Pakistani television,...

Entertainment

Singer Aima Baig has been making waves on social media, recently due to a dispute with fellow singer Sarah Raza Khan, and now for...