Pakistan's Federal Board of Revenue – the nation's tax office – has experienced a lengthy outage after a migration project went bad, perhaps as the result of a cyber-attack.
The Board (FBR) has acknowledged that an upgrade process encountered "unforeseen anomalies" that resulted in an outage to its public-facing services from the evening of August 13th.
A subsequent update said only some Customs-related services went down, but local media report the problem was not of the FBR's making, and that the Board was attacked and all its virtual machines rendered inoperable.
- Huawei stole our tech and created a 'backdoor' to spy on Pakistan, claims IT biz
- In Pakistan, a car company will soon be making Samsung mobile phones
- Pakistan bans TikTok, for the fourth time
A statement reported by multiple Pakistani news outlets – some of which say it came from an FBR official while others say it was an official speaking without authorisation – says the incident was the result of malicious actors cracking the Board's implementation of Microsoft's Hyper-V hypervisor. Some reports say the FBR advised it needed 48 hours to restore services, which suggests decent disaster recovery infrastructure and processes were in place.
Other local reports suggest FBR data has been seen for sale on the dark web.
Whatever happened, the FBR's last word on the matter, issued on August 16th, says it restored all public-facing services.
A Hyper-V attack is certainly a plausible explanation for the incident, as CVE-2021-28476 can crash hosts. The bug was patched in May 2021 but the FBR would hardly be alone in being a few months behind on patching. ®