New Delhi, Jan 25 (IANS) A recent hearing of the Senate Standing Committee on Interior has raised serious concerns about the poor state of cyber security in Pakistan, especially within key government institutions such as NADRA and the Federal Board of Revenue (FBR).

Lawmakers were told that repeated cyber breaches in these organisations have led to the leakage of sensitive personal data of citizens, highlighting major failures in data protection, according to a Business Recorder report.

Senator Afnanullah Khan spoke strongly on the issue and warned that the frequent theft of data from official databases could even suggest the involvement or negligence of insiders.

He said the situation reflects not just isolated lapses but deep-rooted structural weaknesses in Pakistan’s overall cyber security system.

According to him, combined data taken from NADRA, the FBR and even banks is openly available on the dark web, showing how serious and widespread the problem has become.

The threat is not limited to government departments alone. Private sector entities, including banks, telecom companies and digital platforms, are also vulnerable to hacking and data leaks.

Many of these organisations still rely on outdated security systems and lack strong mechanisms to respond quickly when breaches occur.

Meanwhile, cybercriminals are using more advanced methods such as automated attacks, social engineering and linking data from multiple sources to make money from stolen information on a large scale.

Despite these risks, cyber security is still not treated as a major governance or business priority in the country.

Experts believe there is a clear lack of long-term investment, strict enforcement and accountability, which leaves both state institutions and private companies exposed in an increasingly hostile digital world.

This comes at a time when the government is actively promoting digitalisation. The Digital Nation Pakistan Act, passed last year, aims to build a strong digital economy and governance system by expanding digital services and providing digital identities to citizens.

However, critics warn that this rapid push towards digitalisation has not been matched with adequate safety measures.

Expanding digital systems without strong safeguards creates large central data pools, increases points of attack and makes the impact of breaches far more damaging.

Observers stress that any move towards digital platforms must go hand in hand with robust and continuously updated cyber security systems.

It is particularly worrying that Pakistan still does not have a comprehensive data protection law to safeguard personal and financial information.

There is also no legal requirement forcing organisations to invest in cyber security infrastructure or to prepare for threats such as hacking, identity theft and online fraud. In fact, some recent government actions have made the situation worse.

Steps like slowing down internet speeds and trying to restrict the use of VPNs have drawn criticism for showing a poor understanding of digital security.

Slower internet can delay important security updates, while restricting VPNs weakens online privacy and exposes sensitive data.

This, experts say, makes both public and private systems more vulnerable to cyberattacks.

--IANS

pk