If the way the Federal Board of Revenue (FBR) goes about its duties didn’t already leave a lot to be desired, it now turns out that it was completely incapable, owning to nothing more than sheer incompetence and corruption, of even safeguarding the precious data stored on its web portal. And even though its official line about the mysterious suspension of its online services is that ‘maintenance work’ is being carried out, the fact that it was caught completely unawares by as yet unknown cyber hackers has already leaked to the press. If news reports, which have not yet been challenged by FBR, are to be trusted then early Saturday morning, about 2am, hackers were able to break what is called the hyper-V software by Microsoft and bring down all official websites operated by the tax authority.
It will take a while before the real extent of the damage becomes known, and definitely a lot longer before the truth reaches the public, but it is already pretty clear, and being commented on, that part of the reason that the attack went completely undetected, despite timely warnings, was the fact that the relevant department has been filled by non-professional individuals who are busy planning and conducting their own turf wars of influence within the organisation. This problem, of political and personal appointees, is prevalent across government departments; and it has now clearly reached a point where must be checked very urgently and strongly.
FBR stores all the data of all important transactions, and a whole lot more, that take place in the entire country all the time. If the hackers turn out to be cyber mercenaries employed to do the dirty work of countries hostile to us, which apparently is the working assumption so far, then who should be held responsible for such dangerous breach of security? A very thorough and quick inquiry needs to be carried out to determine all the causes for this unacceptable embarrassment. These are times when the government is practically bending over backwards to overhaul the tax machinery and reform the FBR. But no such effort, no matter how sincere, will ever bear fruit till the rot is first removed from within the system. It must also be investigated, and explained to everybody who trusted FBR with their data, just why the warning about an imminent attack was ignored, who gave the warning and based on what information, and why was the attack still successful. *