As the nation discusses PMOLeaks, we, at CommandEleven, are neither surprised nor shocked that the Prime Minister House and the Government of Pakistan was the target of this cyber operation. This has been slowly expanding since 2017 with no response, or change in protection tactics, from the Government of Pakistan, security institutions nor intelligence organizations.

While yet ANOTHER commission and ANOTHER JIT is being formed to investigate the source of the leaks, we can be assured that this leak is nothing compared to what is coming in the future.

Before anyone assumes CommandEleven has entered the conspiracy theory game, this analysis will lay each KNOWN breach of security and either institutional or individual response to assure it doesn’t occur again.

For years, Pakistan’s security apparatus, politicians and establishment has allowed these problems to occur because of their inability to understand, combat or counter any of the new forms of tradecraft being implemented today.

This was not the first breach, and sadly will not be the last.

Let’s be clear – many previous lapses created the situation that Pakistan struggles with, without response nor corrective measures.

Let’s start by discussing tradecraft and its implications on the operations of a nation.

TRADECRAFT

What we are seeing are different forms of tradecraft. Tradecraft is a term usually associated with state espionage, but has been modified over time since the inception of 4th and 5th Generation warfare.

Tradecraft is encompassed with all the methods and tactics that can be used to gather intelligence against any party, individual, politician, judge, general or institution. However, tradecraft is used by both invaders and protectors, making a second potential layer that can be compromised.

Basically, any information that is publicly available, or can be privately acquired, is information that can be compromised by foreign state and non-state actors.

In the past, before the introduction of information warfare, tradecraft was all paper, signals and human gathered intelligence.

Now, we all live in a different world…

HOW TRADECRAFT CHANGED

With the inception of entertainment, the intelligence world found a way to “craft” the minds of people, both foreign and domestic, to a point of view, a course of action or violence. While wars were being fought in the news media, talk shows and other means, the people were never affected because they spent a total of one hour watching the news from 6-7 pm, with the rest of the time watching programs crafted to entertain them.

Then, the Goebbels’ of the world awoke.

Slowly, the world saw their television programs, movies and entertainment overall changed. Public interests started to introduce the concepts that “elite society” stood opposed too. State enemies became entertainment-focused enemies to build and ferment bias. And, as entertainment changed, news media also changed into infotainment – news designed to entertain.

For the international media, this was a blockbuster for their bank accounts, but it did nothing for determining the ACTUAL effect on the population. So, the “powers that be,” whether they be in the government or the media, started opinion polls to start judging how many “hearts and minds” targeting with the “message of the day.”

Much like Goebbels sought methods to better deliver his message to the people of Nazi Germany, the “elite society” decided they needed other methods to be able to infiltrate the minds of their targets.

Thus, came the internet.

The internet opened new doors and opportunities to not only gather, but manipulate opinions. From yesterday’s text-only discussion forums to today’s social media, the world was given voice, whether it was positive or negative, without any controls or management.

Goebbels would be pleased.

Technology made tradecraft significantly easier. Technology gave the world the most effective espionage, surveillance and monitoring tool – the smart phone. Thus, tradecraft transformed into information warfare, which is commonly known as Fourth Generation or Fifth Generation Warfare (4GW/5GW). From financials and emails to calls and pictures, every individual could now be tracked. monitored, surveilled directly, without the need for shells or human contact. But, most importantly, all the information that companies, governments, politicians and foreign intelligence agencies wanted was being posted, commented and shared by the individuals themselves – making building accurate individual’s profiles very easy.

Before anyone decides to blame a specific political government for these failures, we need to be clear that not one single government is to blame. They all are to blame, which will be discussed in this paper. Leaks like these didn’t surface for the first time today, but will continue to surface because of our own failures to secure our national assets.

These hacks and leaks have been a problem for Pakistan in 2008, which we will discuss in detail, but we will also discuss how the Government of Pakistan, Pakistan’s security establishment and its bureaucracy allowed these failures to occur, gained political milage against each other, the media was able to run endless headline news beepers & talk shows for TRP ratings, but in the end…. nothing was ever done to plug the leak, prosecute those who were involved and assure that similar incidents don’t occur again.

Be very clear, all of Pakistan’s corporations, service providers, governments, military and any institution are directly at risk – significant risk. This is a major that we have repeatedly highlighted here on the CommandEleven platform, but, as with every issue in Pakistan, the politicians make speeches and form commissions/JITs to prepare reports for file cabinets in the Establishment Division, while on ground, nothing is done to secure Pakistan’s most sensitive assets, materials and institutions.

Keep in mind that Pakistan also has a formal institution, the National Telecommunications and Information Security Board (NTISB), within the federal government, tasked with advising the federal government about the security aspects of information and telecommunications with government departments and institutions. Their board is made up of the heads of the Pakistan Telecommunications Authority (PTA), National Database and Registration Authority (NADRA) and the National Technology Council (NTC).

Also, there is a National Security Advisor, a Federal Minister for Information Technology, the Intelligence Bureau (IB) and the Federal Investigation Agency (FIA), who should have been directly tasked with finding solutions to these hacks, leaks and cyber-attacks. These institutions have also not been tasked with finding solutions, only to take the blame without investigation.

At a time when digital identifications are gaining more and more valuable for everyone, exposing anyone’s private data will ultimately become a nightmare for the individuals effected.