CommandEleven on NADRAGate

NADRAGate is one of the most important national security issues ever to face Pakistan. For the first time, the entire database of the citizenry could potentially be in the hands of foreign governments for screening, profiling and other identity-related activities.

The essence of this conversation is the WikiLeaks cable, which establishes an irrefutable chain of evidence to an act disastrous to public and national interests.

Before we get into the details of the evidence, we need to establish certain precedents:

  1. The entire conversation is centered on the sale of, access to, and intelligence given to the United States’ Department of Homeland Security and National Security Agency in 2009, involving the then Interior Minister of Pakistan, Rehman Malik, the President of Pakistan, Asif Zardari, and the Prime Minister of Pakistan, Yousaf Raza Gilani.
  2. The facts of the memo are not in dispute because they are CONFIDENTIAL US FEDERAL DOCUMENTS that we were never meant to see. They are available because of Edward Snowden.

It is our duty, much like that of other think tanks and media organizations, to highlight potential dangers to our national security and to the Pakistani public's personal security, and to educate the public about them. The analysis that we have provided takes the precedents into account and leverages the best resources at our disposal to understand the technical data and to explain to the Pakistani population what has happened, the implications and the recommendations going forward.

We strongly stand behind the integrity of NADRA, as an organization, as this crime was committed against them and the people of Pakistan by the politicians elected to safeguard them from the same.

CommandEleven’s Background

In the analysis posted on our website from Rafay Baloch, CommandEleven Analyst and internationally respected Cyber Security Specialist, we establish the following:

  1. In June 2015, The Intercept published a report disclosing that GCHQ had hacked PTCL’s core routers, allowing them not only to intercept every single user’s traffic, but also to re-route the traffic to their systems.
  2. In 2016, another report detailed how the NSA had gained access to Pakistan’s National Telecommunications Corporation (NTC) using malware called SECOND DATE.
    1. This was confirmed when a group called Shadow Brokers leaked a list of compromised hosts from the NSA operation, including a step-by-step guide on how the NSA compromised Mobilink’s network, including the CDR (Call Data Records) servers, in 2006.
  3. We further establish that a Quantum-Insert attack was carried out on a target in Miranshah, as per another leaked document. Snowden’s own statements confirm that the NSA uses this method regularly.
  4. We establish that, as per the highlighted memo in 2009, Gilani and Malik went to the US Embassy and offered access to NADRA’s database.
  5. This was done through a cover company called International Identity Service Limited, based in the UK.
  6. The company was incorporated on 9th July, 2009 and dissolved on 18th November, 2014.
  7. We suggest that the consultant company's access would not have been limited to just pulling data, but that it would most likely have planted backdoors to obtain updated copies of the database.
  8. We also suggest that the NSA/GCHQ penetration into NADRA would not have been read-only, but would have included the ability to insert, update and delete records as well.
