Few weeks ago, Pakistan hosted the SAARC conference. Conference went good and from India, Rajnath Singh, being the Home minister, attended this event (and we all know it didn’t go well with him). But it isn’t about him. It’s about the invitation he gave to all the SAARC countries. This invitation was for the Computer Emergency Response Team (CERT) conference under the banner of SAARC. After Rajnath Singh went to India, I was listening to the briefing that he was giving to his parliament. Among the several things he said, only one thing caught my attention and it was,
India will host CERT conference very soon and I have invited all the SAARC countries to this conference
Wait! We don’t have CERT. Before making it up to anything that creates panic, let’s measure it first. CERT or Computer Emergency Response/Readiness Team is a standard organization which works to stop the Cyber attacks at national level. It coordinates with other LEAs to neutralise the cyberterrorism using Intrusion detection and Prevention capabilities. It not only works to protect government infrastructure but the private agencies also. Attack on Pakistan’s financial institutions in 2013 in which more than half dozen banks were hacked and state sponsored attack on NADRA in 2014 are the examples where the CERT is needed. Different “CERT PK” websites which you can see on Google are owned by different private companies and do not represent official CERT of Pakistan.
National Resource Center for Cyber Crimes (NR3C) operating under Federal Investigation Authority don’t have enough resources and capabilities to represent itself as official CERT of Pakistan. Indian CERT named CERT-in was founded in February 2014. Now, I’m not sure whether Rajnath Singh was mocking us or not in the name of CERT but definitely it’s time to work on this. Legislating a ‘draconian’ Cyber Crime Bill is not enough to tackle the Cyber Crimes, especially the state-sponsored ones.