Federal Board of Revenue (FBR) (fbr.gov.pk) has been the target of a large-scale cyber-attack. This was discovered after a group of unknown hackers were discovered on a Russian cybercrime forum selling network access to the agency with over 1500 computer systems.
FBR is Pakistan’s leading federal law enforcement agency, and it investigates tax evasion, money laundering, and other financial crimes.
Vulnerability In Microsoft Hyper-V Software Exploited
According to sources, hackers were able to access the Microsoft Hyper-V software and take down the agency’s official website as well as all of its subdomains.
Meanwhile, it has been revealed that hackers are currently selling network access to the FBR for $26,000. The organisation is also seeking $30,000, or they will infect all of the FBR’s devices and sell them to prospective purchasers.
FBR Acknowledges the Network access Data Breach
The FBR, on the other hand, has recognised the data breach and called it “a national crisis-like situation.” “The FBR has experienced a significant cyberattack on our data centres,” the FBR said. The agency issued an internal alert that stated, “All applications have been shut down and require support from all teams.”
“The data center’s virtual machines were hacked, and the attackers succeeded to exploit the weakest link, which is Microsoft Inc.’s hyper-V software,” a senior FBR official stated in a statement to local media.
“Since the virtual environment has been disrupted, we are attempting to construct a new virtual environment, which might take up to two days,” said another information technology official. “We’re aiming to restore the websites by tomorrow afternoon and the critical data centre by tomorrow evening, as we don’t want to risk further damage by transferring data too quickly.”
The incident was also described as “cyber-terrorism on our Independence Day (August 14th),” according to the official.
Despite the fact that the hacking group’s identity and affiliation are unclear at this time, FBR has contacted Microsoft to help sort things out and assess the damage caused by the cyberattack.