FOR IMMEDIATE RELEASE:

The Prevention of Electronic Crimes Bill (PECB) has now become a reality. The National Assembly has approved a flawed and highly problematic drafted bill, and making it law.

This incarnation of the PECB had taken onboard a number of amended provisions that took onboard civil society input, but some of the most frightening and draconian provisions have still not been removed.

Digital Rights Foundation's Executive Director, Nighat Dad, said that "The cyber crime bill is a disaster that is being allowed to envelop the country. Our lawmakers have gone ahead with deeply problematic provisions despite being told time and again what the consequences may be."

This is a bill that has been roundly condemned by respected international and Pakistani human rights organisations and rights experts, including the United Nations Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, David Kaye. In December 2015, David Kaye wrote that if adopted,

"The Bill would also set penalties that would be disproportionate to the infractions and could serve, in practice, to stifle the right to freedom of expression.”

The law contains provisions that violate freedom of expression, and most people still have no idea as to what the law holds for them, how it will impact their lives. The terms and definitions that populate the bill, such as that for “cyberstalking”, have been defined so loosely, that they can be interpreted extremely broadly, ensnaring anyone. The government and the designers of the bill have not taken steps to make people aware of the bill and its consequences, thereby ensuring that Pakistani citizens are now vulnerable and at risk from a heavily flawed and punitive bill.

The bill has been framed countless times as ostensibly protecting the people of Pakistan from cyberterrorism, hate speech, and other electronic crimes. In reality, however, the manner in which the bill defines each is exasperating in its vagueness, and lack of nuance or understanding of freedom of expression rights of Pakistanis.

One provision, Section 34, gives the Pakistan Telecommunications Authority (PTA) generous powers to remove or block access to information, as it sees fit,

“if it considers it necessary in the interest of the glory of Islam or the integrity, security or defence of Pakistan or any part thereof, friendly relations with foreign states, public order, decency or morality”

The PTA has thus so far not demonstrated that it is capable of making such a decision, one that has serious ramifications for the democratic right to the freedom of expression in Pakistan, in a manner that takes into account what the consequences can and will be. In the past blanket bans that have been instituted under the garb of “morality”’ have ended up creating more problems than fixing them. For instance, doctors lost access to valuable and vital online content that related to anything having to do with the female anatomy.

This legislation has been framed as protecting the people. The reality is that it can be used to heavily censor the internet that Pakistanis are familiar with, to ensure that democratic discourse in Pakistan loses another safe space. The state will not need to step in and intimidate people to refrain from the “wrong sort” of speech online: the draconian penalties described in the bill will do the government’s work. It ensures that what safe spaces the minorities of Pakistan had found online will cease to exist, or come under heavy fire. People that were afraid of taking to the streets would use the internet and social media to make sure that their voices were heard. When this safe space is taken away by a state that purports to be protecting them, where else can they and others go?

There has been a degree of apathy and exhaustion. The belief that the law will not be implemented anyway, so why all the fuss? The fuss is that it retains the very great potential of being abused by many people, given its overly broad language and heavy penalties. It can be used to curb freedom of expression that would call truth to power, rather than help the people as the bill’s supporters claim. It is that potential for encroaching abuse and overreach of powers that Digital Rights Foundation and others have been fighting against.

The Government of Pakistan has said that this legislation is meant to protect Pakistanis. The reality is that it criminalises the fundamental rights that are enshrined in the Constitution of Pakistan, taking the nation further down the path to total surveillance, and the lost of freedom.

The Prevention of Electronic Crimes Bill 2016, passed on August 11, 2016.

A few days ago, the newly appointed Chief Minister of Sindh, Murad Ali Shah, created a Whatsapp group, with the express purpose of keeping an eye on the daily activities of members of the Sindh Assembly’s cabinet (who have been added to the group) and to stay up to date on their tasks.

At first glance, this is a fairly innocuous and useful decision by the Chief Minister - it appears to save time and money on the part of taxpayers; it is a more efficient and effective means of getting Sindh’s lawmakers to coordinate matters; default end-to-end encryption ensures that their conversations are protected. Pakistan’s government is not known for its adoption of new technology, contrary to oft-repeated announcements to the contrary. In light of that, would this not be a good move?

There are problems however, once we look more closely at the situation.

One issue, for instance, pertains to the backing up of Whatsapp conversations and media. While conversations themselves are encrypted, and assuming that members of the group are indeed aware that their conversations will be backed up, the backup formats used - depending on the device used - lead to their data being exposed. iCloud (for Whatsapp on iPhone) and Google Drive (for Android users) can allow Whatsapp conversations to be accessed in plain text format, as outlined here. Usage of Web Whatsapp - a feature that lets you read and type Whatsapp messages through a desktop or laptop browser - furthermore, ensures that messages shared can be read if the computer itself is available to anyone with access.

Access to information is a key factor here, especially in regards to who should or should have it. People that have shared documents et al in the group and have downloaded them to their devices will still keep them on said devices if they leave the group or indeed the government, whether by choice or by dismissal.

Public access to information is also impacted by total reliance on closed communication solutions like Whatsapp. The minutes of physical meetings held by government departments, can be accessed by the public if post on their respective websites under the proactive disclosure - virtual group meetings cannot be, unless a member of a Whatsapp group decides to provide the information themselves.

The Chief Minister is not the only lawmaker to utilise Whatsapp or other forms of messaging apps; it is more than likely that Whatsapp, Blackberry Messenger, Skype etc are being used, whether for official communications or for personal matters. What must be taken into account, by lawmakers is that if they support legislation like the Prevention of Electronic Crimes Bill - which has the potential to severely impact the privacy and freedom of expression rights of millions of inhabitants of Pakistan - they too run the risk of their privacy being under attack. Decades of harsh military rule have over the years resulted in the imprisonment of activists and politicians in the past, who are now respected members of the government, in part because of their freedom of expression and their right to privacy being violated.

Low-cost smartphones, fairly affordable data and internet packages, and open-source mobile operating systems in the form of Android have ensured that more people in Pakistan and across the globe have access to the internet and digital services than even a decade ago. As of May 2016, there are more than 133 million mobile subscribers in Pakistan. In this context, it is important for lawmakers to embrace newer technologies, in order to not just communicate more effectively with the public, but to also ensure that there is greater transparency of governmental procedure, and greater appreciation for the rights to freedom of expression and privacy.

This post was written by Hamza Irshad & Adnan Ahmad

For Immediate Release:

Islamabad, 28 July 2016: Amendments proposed by Senate’s Standing Committee on IT and Telecommunications have failed to address key concerns regarding human rights violations raised by various civil society stakeholders. Civil Rights organisations that engaged with the senate committee on the matter, express concerns about the draft of Pakistan Electronic Crime Bill,2016, approved by the Senate Standing Committee on IT and Telecommunication.

Civil rights and industry stakeholders have engaged with the legislators since mid 2015, when this bill was first tabled in the National Assembly. Stakeholders have provided detailed inputs and recommendations, highlighting the potential human rights violations and suggesting alternates in line with constitutional provisions and international best practices. However, the Ministry of IT, has repeatedly dismissed these concerns.

The continued engagement with the civil society and other stakeholders has been possible due to the involvement of some parliamentarians, to whom we remain grateful. However, the most recent set of amendments is disheartening, as it continues to ignore the fundamental concerns raised during the consultations. We feel that the engagement and handwork of the stakeholders is being set aside to push through a law that is contradictory to constitutional rights, international best practices and lacks adequate safeguards and oversight to protect the citizens of Pakistan.

On the contrary, newer and harsher amendments have been added in the approved version. We are particularly concerned by the continued inclusion of Section 34, the dilution of real time surveillance processes that contradicts the process defined in Investigation for Fair Trial Act, the subjective description of hate speech and inclusion of an amendment that allows unfettered power to the Federal Investigation Agency, to generate and submit forensic evidence, instead of relying on an independent body as earlier recommended.

We would like to point out that all the meetings outlined by the committee, along with their given deadlines, were honoured by the civil society. We are deeply disturbed and alarmed that despite our best efforts the bill continues to incorporate provisions that pose a threat to our fundamental rights.

If passed in its current form the bill would be detrimental to civil liberties in Pakistan. It will allow unfettered power to law enforcement agencies and an executive authority to crackdown and criminalize free speech online.

As this approved version goes to the Senate for discussion, we urge Senators to stand up for our civil liberties enshrined in the Constitution of Pakistan and take into consider the amendments suggested by the relevant stakeholders, for the sake of continuation of the democratic process.

Signatures:

Digital Rights Foundation

Bolo Bhi

Bytes For all

Media Matters for Democracy

Freedom Network

IRADA

Courting The Law

NexDegree (Private) Ltd

Tahira Abdullah - Activist

Jibran Nasir – Activist

Never Forget Pakistan

Human Rights Commission of Pakistan

On July 15 Qandeel Baloch was murdered by her brother, claiming that it was a matter of family ‘honour’. One of Pakistan’s most famous and outspoken social media stars, Ms. Baloch used social media platforms to express her life, where she would share her thoughts, opinions and visual media. Her posts would at times poked fun at male Pakistani public figures and celebrities, which were often an exposé of the “hypocrisies of a patriarchal society dominated by a narrow-minded, self-righteous moral police”, according to the the blog No Country For Bold Women. This self-righteousness, a part of public media and social media discourse in Pakistan, regards the right to privacy, to anonymity, as mere obstacles to getting the “truth” out, regardless of the very real consequences that it can have. By violating her right to privacy and broadcasting detailed personal information, without any understanding of what that could entail, a woman was killed - and there still no conversation about privacy in Pakistan.

The self-righteousness that killed Qandeel still persists in the wake of her death, however, and thus compels us to question the facilitating factors at play - not only does the murder continue to be remarked upon with heavy victim-blaming sentiments, there are opinions that have voiced support for her murderer, and against her “lifestyle”. These remain, for the most part, unchallenged in the media. These include statements by senior commentators such as Haroon Rashid at Dunya News and Shahid Masood at ARY, among others, both of whose statements appear to blame her for her own murder; politicians such as Fauzia Kasuri of PTI, who had condemned her death but made misogynistic statements about her lifestyle, and that she required ‘psychological counselling’. Fauzia Kasuri and a few others have since deleted their statements on social media platforms, but there exist receipts on blogs such as No Country For Bold Women.

The constant refrain in the wake of Qandeel Baloch’s death has been that while it was her brother killed her, the media and Pakistani society have her blood on their hands - this is not an unfounded opinion. The provocative and often adversarial nature of the media in Pakistan has often blurred the line between what is in the public interest, and what conforms to journalistic ethics, for the sake of greater viewer or readership figures. The public and the media can be fickle in regards to celebrity, regardless of geography, often looking to break down figures that they may have celebrated or reported on in the past, by uncovering and broadcasting personal information that can put them at risk. This isdangerous enough in the wrong circumstances.The socially conservative and patriarchal nature of Pakistani society ensures that anyone that publicly declares themselves to be feminist and progressive, and who point out the hypocrisies of said society, will find themselves fearing for their lives, without protection from the state, even when they have requested said protection. The lack of proper measures for the right to - and the protection of - personal privacy, as well as a basic society-wide lack of understanding of the concept of privacy, played just as much a part in Qandeel Baloch’s death as the flawed and fragile hyper-masculine concept of ‘honour’.

“Qandeel’s Cinderella Story: She is not a Baloch her real name is Fouzia Azeem she is dishonouring Baloch people”. This tweet, which since has been deleted, was by Hamir Mir, an influential veteran journalist with Geo News in Pakistan. This lapse in journalism ethics particularly galling as being a veteran journalist, Mr. Mir has found himself in danger on a number of occasions for his reportage and commentary, and should have understood the necessity of anonymity and safeguarding the privacy of an individual. By revealing her real name, it highlighted a disturbing lapse of journalistic ethics, and opened her up to greater risk of attack.

In the days leading up to her death, a man claiming to be an ex-husband approached the media, revealing details about their marriage and child. Ms. Baloch confirmed the marriage, and went on to explain that it was an abusive situation that she had to leave. Furthermore a politician in Dera Gazi Khan sent her a legal order, “demanding that she apologise for ‘bringing shame’ to the Baloch race, stop using Baloch as her surname and pay him Rs. 50 million [...] otherwise, strict action will be taken against you." This led to death threats that prompted her to seek protection from the government, to no end, caused her to make the decision to leave Pakistan after Eid-ul-Fitr, with her parents.

This cannot and should not be placed solely on the shoulders of one journalist, however, but a wider media culture: on June 23, Daily Pakistan ran a profile on its website (still available at the time of writing), that carried had a scanned image of her Pakistani passport, with her details readily available and easily exploited. Further to this, an Urdu-language piece by Siasat TV extensively exploited Qandeel’s private life for their viewers - as with the Dunya article, this too is still readily available online today.

These examples of violations of Qandeel Baloch’s privacy and anonymity have led to the creation of No Country For Bold Women: a blog that has recorded these and other examples of invasion of privacy, of victim blaming, before and after her murder, so that evidence is kept for posterity, even after the originals have been erased. When one understands the the social context in Pakistan, the broadcasting of her personal information by the media - already a violation of journalistic ethics and objectivity, takes on a more horrific tone, as that violation of privacy can and did lead directly to her death at the hands of her brother, toxic masculinity, and the predatory media.

The damage has been done. The question becomes, however: what can and must be done in the wake of Qandeel Baloch’s murder?

The media often regards itself as a valuable part of a nation’s fabric, productively contributing to the social ecosystem. A free press is rightly a vital part of democratic discourse, but a feral press that decides to dictate or echo questionable morality does not aid that discourse. Freedom of the press does not necessarily mean freedom from consequences of the outcome. We are not calling for the muzzling of the media, but there must be accountability. There must be a sea-change in the way that journalistic ethics – or an apparent lack thereof – are adhered to in Pakistan.

PS: The examples of violations of privacy, victim-blaming, and the interviews referred to in the post can be found at the No Country For Bold Women blog.

Its our Saturday – after an exhausting week of work, we deserve a break. A break from the world, a break from the bullshit that surrounds the world we find ourselves in. And to be completely honest it was going all serenely and as planned – the doing nothing that is – till we opened Facebook to find out that Qandeel Baloch has been killed.

And now we’re enraged.

We can’t write enough about how sad, shocked and enraged we are. Our bodies shiver from a mix of these emotions and we can’t physically vocalize them. Why? Because the eternal patriarchy that upholds the Pakistani society is rejoicing in Qandeel’s murder.

And it has so many names and forms: the celebration is happening on cell phones held, through tweets and Facebook posts, in the kitchen where rotis are being made, in darkened rooms littered with tissues and dirty rags, in weekend gatherings of testosterone – its everywhere.

And we as an organization are repulsed. Qandeel Baloch, a girl in her twenties, a survivor of an abusive marriage, a mother of a child – and a woman who was taking charge of sexuality has been murdered. It doesn’t matter who killed her, because let’s be honest – we as a nation killed her.

Yes! Me and you, us – we killed her and many others who die every single day in Pakistan. The approximately one thousand girls who die every year in the name of honor. And now while every news media outlet tries to capitalize on her death, while members of this society raise her son to hate her mother’s memory – we as citizens won’t be held accountable. We killed her.

Never forget. All of us who are happy in her death, who called her names in public but jerked off to her our rooms – we killed her. We killed her slowly but surely. And we aren’t sorry, we won’t be sorry, we will celebrate. This me and you – we have so many forms. We are mullahs who sleazed up to girls and boys whilst stroking our beards. We are the boys and men who police women 24/7, we are the girls and women who call Qandeel a bitch, a slut, a whore. We are the same bunch who say things like “if that girl was killed in the name of honour, she probably deserved it”.

Qandeel Baloch – was, is and now never will be the ‘Pakistani Kim Kardashian’. She did not come from the bourgeois elite, she was not educated in the best schools, she did not have the best paid PR team in the world marketing her, and she most definitely did not have the one of the best security detail surrounding her.

Qandeel was a woman who chose to share her life on social media despite of us, she chose to be in-charge of sexuality and she refused to be ashamed for her being. She was defiant and courageous, she claimed online spaces and offline spaces – she made sure that her presence was felt and that she was heard. And we Pakistani loved her for it! This was why we followed her, debated her, invited her on talk shows, took selfies with her. We loved to hate her and now we’ve done the best we could. We couldn’t all collectively **** her, so we helped kill her.

It’s all good though, our conscience won’t be too burdened by this killing. We’ll resort to the Quran, the Mullahs, our Ghairat to justify her killing and many others to come. We are sure about this, because this is exactly what we’ve done to justify all the other honor killings that take place in this country every year. And we as nation hope to one day reach a place where we will have killed every defiant woman and minority before they have even managed taken their first breathe.

This post was authored by Ushbah Al-Ain

A two day meeting took place on Wednesday and Thursday i.e. June 29-30 respectively where the Senate Sub-Committee overlooking the Prevention of Electronic Crimes Bill 2016 deliberated with civil society actors, social media activists and internet service providers, on the many issues within the draft.

This post is the first of a two part series on the proceedings of the meeting.

On Wednesday, the parliamentary panel looked into amending the different clauses that will hurt the cause of human rights in Pakistan. Freedom of expression, social media and the different punishments that are to be meted out were put on the table.

Osman Saifullah Khan chaired the meeting which was also attended by Digital Rights Foundation Executive Director Nighat Dad.

The problem of there being no balance was brought up during the meeting. A multitude of sections were discussed during the meeting and the stakeholders present gave their input as to what should be changed and what should be omitted.

Senator Farhatullah Babar who was also present on the occasion said that the bill required more clarity. He questioned the impact that the bill would have on the flow of information and freedom of expression. He also highlighted that data protection and safeguards to personal data are an issue that needs to be remedied.

The committee placed under consideration Section 19 which talks about offences against the dignity of the natural person.

NayaTel CEO Wahaj-u-Siraj was of the view that other laws already deal with this issue and this clause should be omitted from the bill. He also said that the clause could be used to abuse power and curb freedom on social media. The committee said that the proposed punishment for the section i.e. fine and imprisonment, also needed to be revisited.

Senator Mohsin Khan Leghari said that citizens also needed protection and the bill was failing to provide. It. Senator Shibli Faraz highlighted the ignorance that is prevalent in Pakistan and said that the laws need to be developed in a manner so that they could benefit the average Pakistani.

While the committee said that the clause should be kept because it would play an important role, they also acknowledged that it needed major amendments before it could be allowed to go through.

The committee also looked into Section 22 which has to do with spamming. It was observed that laws against spamming exist in many countries, however, it should not be criminalized.

Here Nighat Dad pointed out that the bill had no protection for whistle blowers or those who leaked information with public interest in their mind. The FIA official present was adamant that anyone giving out information was committing a crime, irrespective of their intent. Officials responded to a question by Babar by saying that the spamming had to do with commercial and marketing spamming and not unsolicited communication.

They advised that the imprisonment should be removed, however, the fine penalty should be retained. During the next meeting, a comparison of EU and Singaporean law will also be brought to the table to see what improvements can be made to the PECB.

For Section 21, which deals with cyber stalking, the committee recommended that the content of the bill be tightened for better clarity.

The meeting of the Senate Standing Committee on Information Technology’s Sub-Committee on the PECB continued on Thursday, June 30 and was rife with discussion on data.

The problems pertaining to data sharing and data protection took centre stage with all stakeholders trying to come to consensus as to what should be done. The question of whether the Pakistan Telecommunication Authority (PTA) and PEC itself require the powers that are being allotted to them was also brought up.

Once again, Osman Saifullah Khan took his position as the chair and was joined by other senators at the session.

Section 39, which has to do with international cooperation was brought up during the meeting. This section allowed the government to share information with spy agencies and foreign governments.

Senator Farhatullah Babar said that the section was flawed and made him feel vulnerable. He questioned why the government could provide his information and details to any country or agency without any safeguards in place to ensure that the data was not mishandled or misused.

He also asked what guarantee there was to ensure that the investigation officer would not use the data to manipulate, harass or extort another person.

The Digital Rights Foundation proposes that this section needs rules and procedures for its implementation. It should not be the prerogative of the Pakistani government to share any information with another government without due processes.

Section 38, which has to do with confidentiality of information, also came under discussion. The committee pointed out that the ministry needed to ensure that the seized item and their data remained protected.

The officials present said that a proper channel would be used to share data under international cooperation law. The blanket authority being granted to the PTA as per section 29 was questioned by both the civil society and the committee members.

Civil society said that the clause should be deleted because of the privacy violation of the entire internet users in Pakistan. However, Senator Osman Saifullah said that in a country like Pakistan this is not possible and we need to look for a middle ground solution.

In response to that, Senator Farhatullah Babar mentioned that if ISPs need to retain internet users data they need to include judicial oversight and only retain data of criminals and terrorists once they have reasonable suspicions.

Even to retain data for those criminals they need a judicial warrant and follow procedure mentioned in the Fair Trial Act. Dad also pointed out that while larger ISPs could afford the cost of retaining so much data, smaller ISPs would not be able to do so. Ultimately, the burden of that cost will be thrown to the average user who will end up paying a lot more for their online presence.

As an advocate of privacy our organization is of the view that there is no evidence to support the assertion that data retention leads to a decrease in terrorist activities.

Research has demonstrated that many countries have rejected data retention, including Austria, Belgium, Greece, Sweden, Germany, Bulgaria etc. Serious crimes continue to exist in these countries, and they continue to tackle them without data retention that hurts civil liberties. This clause should be omitted as it violates the right to privacy.

Section 34, which gives powers to PTA to block anything they want, also came under discussion. For a little background readers should know that PTA’s ability to block content at will is already being challenged in court.

The civil society present said that it should be removed but some of the senators said that deletion is not a proper solution and some powers should exist. They proposed that these powers be not added to this legislation and instead the PTA act should be amended to include these powers.

However, this solution is facing resistance because of the lengthy process involved.

Members of the civil society also asked that Section 10 be removed from the bill. The section has to do with cyber terrorism.

Dad said that there is no need for this section when the entire section already exists in the Anti Terrorism Act 1997 and the section is 11 W.

Apart from this it was also mentioned that this section mentions a 14 year penalty, whereas the ATA only mentions 6 months. So an offline act of terrorism, which includes many things, only 6 months are mentioned but for online terrorism act they are mentioning 14 years of imprisonment.

The reason for pointing this out was to highlight that there is a replicability between laws and there is a lack of consistency. Why can’t they implement existing legislation instead of making new ones, Dad questioned.

Dad further said that amendments need to be made to existing legislation to include new provisions that are needed - there is no agreed definition of cyber terrorism globally, she explained and further asked how it would be defined in Pakistan.

It is also disheartening that repetitions and provisions that are glaring examples of what should be removed from the bill are being allowed to only go through 'amendments' by the sub-committee. Despite the civil society stakeholders having submitted their recommendations and highlighting how this law could backfire later, redrafting has been restricted to actions that are simply not enough.

The speculations that civil society actors were not prepared and didn't submit formulations is incorrect. Farieha Aziz from Bolo Bhi read out many alternative formulations of clauses at the meetings.
DRF believes that civil liberties should not a be a casualty in the name of security and the fight against terrorism under such legislations. Pakistan should set a good precedent by enacting a cyber crime law that is a balance between security and human rights

With the onset of the digital age, legislation that protects citizens from cybercrime and terrorism is needed more than ever, provided that a fair and progressive balance is struck between security and liberty. The Prevention of Electronic Crimes Bill does not meet that balance - rather than protect the rights of Pakistani citizens as its authors and supporters claim, its passage will in effect criminalise freedom of expression, and put the privacy of Pakistani citizens at risk. The Bill has attracted criticism from Pakistani and international observers and rights organisations, including the UN Special Rapporteur on freedom of expression, and from members of the opposition in the Pakistani National Assembly. This has not stopped this flawed legislation from being passed by the NA Standing Committee on IT, however, on April 13, 2016, with more than 90% of MNAs not present. The fate of the PECB now rests with the Senate.

On Tuesday, May 17, 2016, Digital Rights Foundation and Bolo Bhi will hold a consultation with the Senate of Pakistan, on the Prevention of Electronic Crimes Bill, to tackle the bill and stop it from being law. Join us!

% of Malware Infections Worldwide in 4Q2015. Courtesy of Microsoft.

Microsoft released its annual Security Intelligence report in the first week of May, covering the last half of 2015, from June to December. This report, now in its 20^th volume, examines and breaks down what the Seattle-based tech company calls the “threat landscape of exploits, vulnerabilities, and malware using data from internet services and over 600 million computers worldwide”. According to the company, Microsoft looks as upwards of at least “10 million attacks” a day – nearly half of which originate in Asia.

To gauge which countries are the biggest targets for malware, Microsoft gathers the data from global computer systems that run its security software in real-time, reporting all incidents of malware attacks, regardless of success penetration or not – this metric is referred to Microsoft as the "encounter rate". Another metric used is the "Computers Cleaned per mile" or CCM, which is defined as the number of “computers cleaned for every 1,000 unique computers executing the Malicious Removal Tool (MRST)”, a free tool Microsoft uses to clean or remove over “200 highly prevalent or serious threats from computers.

Infection & CCM Graphs, indicating malware attacks in 4Q2015, regardless of success or otherwise. Courtesy of Microsoft.

Utilising the "encounter rate" and CCM metrics, what Microsoft found was that the countries that were most under threat from attempted malware attacks last year were Bangladesh, Palestine, Nepal, Indonesia, and Pakistan. They found that while the worldwide encounter rate and CCM by the end of the last quarter of 2015 were 20.8% and 16.9% respectively, Pakistan experienced a 63% encounter rate, and a CCM rate of 71.3%. The three most common forms of malware attacks that Pakistani computer systems were experiencing by the end of the last quarter of 2015 were:

• Worms, “encountered by 35% of all computers”, marking an increase from 25.6 in the third quarter of 2015;
• Trojans “encountered by 25% of all computers”, marking an increase from 23.3 in the third quarter of 2015;
• Viruses “encountered by 11.6% of all computers”, marking an increase from 8.5 in the third quarter of 2015.

The Microsoft Security Intelligence (MSI) report on Pakistan, which breaks down what these numbers mean for users, can be downloaded here.

PLATINUM Threat

In addition to malware, the MSI report also covers the history and activities of a targeted activity group (TAG) that it has codenamed PLATINUM – a group that has garnered concerned interest due to its “aggressive, persistent tactics and techniques as well as its repeated use of new zero-day exploits to attack its targets.”

TAGs are generally opportunistic, with no fixed geographic target profile or attack strategy per se, looking globally. Much like other TAGs, PLATINUM shares an interest in stealing very sensitive intellectual property “related to government interests”. Where PLATINUM differs, however, is that unlike many other groups, it appears to have a specific geographic focus, in this case South and South-East Asia. Making use of “zero-day exploits” (where an attacker makes use of vulnerabilities in a computer system to exploit the system and networks) and “spear phishing” (target-specific phishing attacks), PLATINUM has targeted “governmental organizations, defense institutes, intelligence agencies, diplomatic institutions, and telecommunication providers.”

According to the MSI, PLATINUM has been able to carry out several “espionage campaigns” going back to 2009, making use of custom software tools and techniques to access their desired data, and then in turn make efforts to delete any trace of their “infection tracks.” The length and breadth of their activities, not to mention their focus on state data, could indicate either funding and support from a state actor, or a private group funding for the same reason. More information can be found on PLATINUM, and its troubling implications for national security mechanism in South Asia and South-East Asia, can be found here.

Keeping the entire blog in account, the best practice for everyday internet user would be stay safe in every way possible. Basic human practices such as changing passwords frequently and not clicking unknown links would benefit in a larger scale

There are concerns that we have with this report by Microsoft, however, which users should note: the report does not make mention of malware attempts on other major operating systems such as Apple's OSX, or Linux. The lack of mentions of Linux is especially important, as a growing number of governments are looking to move away from proprietary OSes such as Windows, and towards open source alternatives – usually modification of Linux distributions - that can be tailored to be more stringent and with less bloat present.

Microsoft itself has come under fire in recent years, due to its heavy retention of, and demand for user data – which this report is itself is heavily reliant on – present in Windows 10, gathered via data collection from a number of input devices and services, such as: location, camera, microphone, speech, inking, typing, account info, contacts, calendar, messaging, radios, devices, feedback, diagnostics, and background apps. These demands, as well as the keylogger built into Windows 10, put the private data and security of users at risk, and conversely make systems running on Microsoft products much more appealing to malware operators.

The findings of the report, however, do have merit: to be as safe as possible, it is important that all internet users implement best practices to safeguard their security, especially at a time when malicious attacks are evolving. Simple techniques such as changing passwords frequently, not clicking on unknown and suspicious links, and keeping systems up to date are just some of the small steps that users can take to defend themselves.

Written by Adnan Chaudhri