Over the weekend, police officials, well-versed in the matter, revealed that the online infrastructure of the Islamabad Safe City Authority fell victim to a cyberattack, forcing its temporary shutdown. The incident unfolded two days prior to the disclosure, prompting an immediate halt to system operations.
Hackers breached the primary server on Thursday, gaining unauthorized access to critical data, notably including records from criminal databases. In response, servers managing various systems such as the Complaint Management System, Criminal Management Record System, Human Resources Management System, and several operational software were swiftly taken offline.
Despite the presence of a firewall designed to alert authorities of unauthorized access attempts, officials admitted to a lack of backup servers, necessitating the immediate shutdown of affected systems.
In the aftermath, the IT department of the authority disabled all logins to software and applications crucial for accessing various servers and operational tools.
An officer highlighted that the breach stemmed from compromised login credentials, attributed to the use of weak and easily guessed passwords. Additionally, outdated software and expired licenses further exacerbated the system’s vulnerabilities.
The impacted system, catering to a wide array of services, includes mobile applications, records of smart police vehicles, data from police stations, video analytics, operations of Islamabad Traffic Police, e-challan data, and criminal records.
It’s worth noting that the Safe City camera management system operates independently, ensuring its security even while offline.
In response to inquiries, police spokesperson Taqi Jawad confirmed the hacking attempt and underscored the firewall’s timely alert, prompting the precautionary measure of disabling logins. He clarified that logins have remained suspended for forty-eight hours to facilitate updating credentials, affecting access for numerous police personnel.