Research Project

Topic:

The Study of Cybercrimes Threats In Pakistan, Fueled by

Technological Advancement

Supervisor
M. Muneeb Raza

(Lecturer Department of law)

Submitted by:

Muhammad Sheraz Aslam

Roll No. FA1914BA130

10th Section “C”

Session 2019-2024

Department of Law

The Islamia University Bahawalpur

1|P a ge
 Acknowledgement
First of all, I am thankful to Allah Almighty, Most Beneficent and Merciful! Who blessed me

with courage and enlightened our heart with lightning of knowledge. All respect and regards to

the Holy Prophet (S.A.W) greatest teacher of the world. This study is dedicated to my respected

teachers. I am thankful to all my family members, friends, roommates and fellows whose

encouragement and prayers make the way easier.

2|P a ge
Student Declaration
It is solemnly declared that this study is my original work that I have been done it with greater
efforts and struggle. None of its part is submitted to any easy, dissertation, research and thesis.
This is my pure academic work. Through information and knowledge I have been completed this
s of study. I know that the plagrisms is a crime. Therefore, this is my own handwritten work after
a long consideration and study. Sir, Mr. Muneeb Raza, helped me a lot to complete this research
study. Through his guidance I am able to complete this study. I am also thankful to the Mr.
Jibran Jamshad (H.O.D) of law department, who provide us this sort of opportunity.

Muhammad Sheraz Aslam

3|P a ge
 Supervisor declaration

It is hereby certified that work represented by Muhammad Sheraz Aslam in the research report
titled “The study of Cybercrimes threats in Pakistan, fueled by technological advancement”
Is based on the result of the study conducted by candidate under my supervision. He has fulfilled
all the requirements and is qualified to submit this research report in the subject matter of
Research Project.

M. Muneeb Raza

(Lecturer Department of law)

The Islamia University Bahawalpur

4|P a ge
 APPROVAL CIRTIFICATE

It is certified that the department of law, Islamia University Bahawalpur has accepted the
research project submitted by Muhammad Sheraz Aslam in the current meeting for the
requirement of the LL.B.

Candidate Name Muhammad Sheraz Aslam

Supervisor ______________________

M. Muneeb Raza

(Lecturer Department of law)

External Examiner __________________________

Chairman of Department __________________________

Sir. Jibran Jamshad

Date __________________________

5|P a ge
 Abstract

Revolution and evolution is the reasons that world is going to be more advanced, significantly in
the field of computer. However this sort of advancement also brought some threats in our society
and in these threats one of the main is cybercrime. The growing revolution in the computer can
also brought the Cybercrimes threat is one of the major problems of the digital world in Pakistan,
and, at the moment, it negatively impacts the people, businesses, and government. This study
provides a legal analysis of the following major layers of the cyber threat in Pakistan: causes of
cybercrimes, and cyber security vulnerable, pertinent issues. The current laws with regard to
cybercrimes and handle the issues related to it but due to advancement in technology the
cybercrimes becomes more advanced and undetectable under the devices and abstruse for the
law and enforcing agencies to collect the evidence of that crime. This analysis determined the
weaknesses of the existing legislation towards efficient fight against cyber threat. The important
area of the research is to give a strong basis to foster and strengthening the exciting laws and
choosing these to the updated cyber security challenges, consumer cyber literacy and cyber
awareness, and international cooperation to grapple with the transnational cybercrime syndicates.
Taking harmonious measures within these spheres can bore fruit for Pakistanis cyber security
dealing capacity and ensure that the digital of the country is able to stand the phenomenal length
of cyber threats. Using modern devices to commit the cybercrime is another muddle in the head
of society. In order to halt these threatening crimes there has been dire and critical need to
improve the function of investigating agencies and public awareness.

Key words: cybercrime, Ethical hacker, cyber threats, online harassment, deep fake.

6|P a ge
Contents
1. Introduction ......................................................................................................................................... 9
1.1. Research objective ................................................................................................................... 9
1.2. Research Questions................................................................................................................ 10
1.3. Literature review.................................................................................................................... 10
1.4. Methodology ............................................................................................................................. 11
1.5. Case Study ................................................................................................................................. 11
1.6. Ethical consideration .................................................................................................................. 12
2. Cybercrime and challenges in legal framework .................................................................................. 12
2.1. Types of Cybercrimes with the advancement of technology ......................................................... 13
a) Fraud ..................................................................................................................................... 13
b) Hacking ..................................................................................................................................... 13
c). Online Harassment .................................................................................................................... 14
d). Deep fake and digital piracy...................................................................................................... 14
e).Phishing..................................................................................................................................... 15
f). Malware Software ..................................................................................................................... 15
g). Denial of Service (DoS) Attacks: .............................................................................................. 16
h) Insider Threats ........................................................................................................................... 16
i). Identity theft .............................................................................................................................. 16
Challenges in cybercrime and the exciting Legal Frame work in Pakistan............................................ 18
2.1. Telegraph Act, 1885.................................................................................................................... 18
2.2. The Pakistan Telecommunications (Re-organization) Act, 1996 .................................................. 18
2.3. National Information Technology Policy and Action Plan, 2000 .................................................. 19
2.4. Electronic Transactions Ordinance, 2002 .................................................................................... 19
2.5. The Electronic Crimes Act, 2004 ................................................................................................ 19
2.6. The Prevention of Electronic Crimes Act (PECA), 2016.............................................................. 20
3. Challenges and threats due to Technological Advancement ............................................................... 21
3.1. Jurisdictional Problem................................................................................................................. 21
a) Investment of time ................................................................................................................. 21
b) Less qualified expert .............................................................................................................. 22
c) Digital Forensic Equipment .................................................................................................... 22
d) Fear in Victim ........................................................................................................................ 22

7|P a ge
 3.2. Evidence Collection and Tracing phenomena .............................................................................. 22
a) AI( Artificial Intelligence) and MI( Machine Learning) .......................................................... 23
b) Autonomous devices and system ............................................................................................ 23
c) Computing and data storage technology ................................................................................. 23
d) Internet of things .................................................................................................................... 23
3.4. Emerging cyber threats ............................................................................................................... 24
3.5. Cyber Espionage and State; Sponsored Attacks ........................................................................... 24
3.6. Online Extremism and Radicalization ......................................................................................... 24
3.7. Data Privacy Concerns................................................................................................................. 25
3.8. Fake Social Media Account ........................................................................................................ 25
3.9. Hacking ...................................................................................................................................... 25
3.10 Lack of Public Awareness .......................................................................................................... 26
3.11 Case Laws .............................................................................................................................. 26
I. Sheraz khan v. State and another ................................................................................................ 26
II. Meera Shafi v. State of Pakistan and others. ............................................................................... 27
III. Fakhar Zaman petitioner V State and other Respondent .......................................................... 27
4. Recommendations ............................................................................................................................. 28
4.1 Public Awareness......................................................................................................................... 28
4.2 Establishment of Special Courts ................................................................................................... 29
4.3 Establishment of Forensic laboratories regarding cybercrime. ...................................................... 29
4.4 Appointment of Ethical Hacker .................................................................................................... 29
4.5 Amendments in Legal Frame work in Pakistan ............................................................................. 29
4.6. Using updated devices or software ............................................................................................. 30
Conclusion ............................................................................................................................................ 30
References ............................................................................................................................................ 31

8|P a ge
The Study of Cybercrimes Threats In Pakistan, Fueled By
Technological Advancement.

1. Introduction
Everything in the universe are under the changing phenomena, the evolution lead to revolution,
the good things become bad and bad things become good with the passage of time. The myth is
too broken and a new thing is emerged as an understandable. In history, the stories of the myth
have been filled to pack. Likewise the story of internet and its evolution, initially, it was
considered as the huge sources of the information. Later, it is one of those sorts of technologies
that have advantages and disadvantages.

With the advent of computer, a new revolution has been started in the world, the traditional
phenomena has been shifted to modernized and evolved. With this advancement the traditional
crimes are shifted toward the digitalization. These are called cybercrimes. The cybercrimes have
been day to day increasing and the new enigmas have been erupting out from it under the roof
the advancement and boost occurred in technologies. The court’s role remains ordinary, however
the crime becoming advanced and next level. It is a scourge which affects the lives in glob as
well as in Pakistan.it has been accelerated on national and international standard. The legal
response is failing in Pakistan. The court is in muddle to deals the offences under the
cybercrimes. Firstly, the problem like to exercise the regular jurisdiction of the court, secondly,
the problem of collection, validity, tracing and correctness in the evidence process, thirdly, lack
of establishment of relevant special court to deal the cyber related offences, fourthly, the lack of
appointment of the ethical hacker or white hacker. Ergo, with the technological advancement the
surge in the cybercrime and perplexity of the courts has been raised.

1.1.Research objective
The research objective is to understand the phenomena of the cybercrimes and how it works
in Pakistan. The surges in the supply in technology also brought some malicious activities in
which one of them is cybercrime and the ethical concerns with regard to it. Firstly, the
research focus on how data is to be stolen by the hackers and what are the difficulties are

9|P a ge
 faced by law and enforcing agencies and courts to trace out the criminals. Thirdly, this
research will provide the reader a comprehensive legislation history with regard to the
cybercrime legislation. Lastly, to recommend some of the cogent solutions for these
challenges related to the cybercrimes.

1.2. Research Questions

The following are the research questions for this study.
1. How technological advancement impact the effectiveness of Pakistani courts for the
prosecution of the cybercriminals?
2. What are exciting laws regarding the cybercrime and how effective they are to cope the
updated threats?
3. What is the exciting legal framework and challenges faced due to cybercrimes?

1.3. Literature review

Cybercrimes: a case study of legislation in Pakistan in the light of other jurisdictions,
written by Mahboob Husain. In this research thesis, the writer focused on Cybercrimes is
hurting businesses a lot. They are happening more and more and costing a ton of money. The
laws we have are not strong enough to stop them, so the criminals often get away with it.
People in Pakistan really want better laws to deal with cybercrimes. Existing Cyber -Laws
and Their Role in Legal Aspects of Cybercrime in Pakistan written by Asif Kamran et
al. In this research article there has been a clear approach filed with regard to the induction of
the cyber laws and the digital and physical evidence with regard to the crime. A difficulty in
the collection of evidence process that leads to exonerated the cybercriminal from
punishment. Pakistan and Cyber Crimes: Problems and Preventions written by Sultan
Ulla et al, the article leadings toward the rational approach that what are the problems?
Challenges? And remedies for the cybercrime victims? It also described the anti-cybercrimes
policies by the Government.
Cyber Crimes Trends in Pakistan: Analyzing the Legal Framework and Enforcement
written by Hobashia Saleem et al, a critically analysis with regard to cyber laws and Cyber
laws handle concerns in cyberspace and deal with cyber offenders. The primary objectives of
this study are to examine the prevalence of cybercrimes in Pakistan.

10 | P a g e
 Cyber threats landscape and readiness challenges of Pakistan written by Muhammad
Riaz (2019). This study focused on the cyber threats a state or organization is depend upon
the vulnerability of ICT. In vulnerability, it includes the both aspect technical and social.
Cyber threats and incident response capability, a case study of Pakistan written by
Muhammad Tariq et al. (2013). Pakistan is moving toward the technological innovation,
especially toward ICT and e-government services. Simultaneously, the emerging threats are
also the problem for Pakistan. Prevalence of cyber bullying victimization among the
Pakistani youth Written by Sumera Saleem et al (2021), in this study, researcher focused on
the cyber bullying which has been surged due to the increased in the ICT, using the
communication devices the youth of Pakistan exhibiting the hostile behavior toward other
individual and group of individual.
Identity theft and social media written by shreen Irshad and Tariq Saleem (2020), the
min focused of the article is that how the identity of the person is to be theft in Pakistan the
used the statically data from 1800 years to 2020, and find out the reasons that how the
identity is being theft.

1.4.Methodology
For this sort of study I mostly reply on the method of qualitative research. For this study,
primary and secondary sort resources have been adopted. For primary source, this study rely
relevant statutes, articles and reports of the different organizations like UNO and UNESCO
etc. For this study, some secondary sources are also be used, like magazines, books, research
papers and internet archives book library.

1.5.Case Study
The phenomena of cybercrime, boosted with the coming of technology. Technology has
followed by the cyber-criminal and start threating the others. For example is that, an
organization is hacked, external parties penetrate their crucial data, and they not only gather the

11 | P a g e
private information about you and your clients but also illegally add a virus program to your
organization’s computers. Through the incorporation of a new detection security system, your
organization, IT experts find the cause of the criminal activity. However, when it comes to the
prosecution in court of law, your evidence is deem inadmissible or rejected by the opposition
saying that the detection system is doubtful and arguable and the information gathered is useless.
There have been many cases that are going too happened every day in which criminal uses every
sort means weather they are right or wrong but these malicious process has been carry out. Law
and enforcing agencies should follow the sagacious process to deals the cybercrime related to the
cybercrime.

1.6. Ethical consideration

Through this study a reader is to be able to understand that by reading this study, firstly, the
protection of the rights occurs are protected throughout the legal process. This includes
safeguarding privacy, presumption of innocence, and fair treatment under the law. Secondly,
the transparency and accountability will be revealed the legal system to operate transparently
and be held accountable for its decisions and actions. Thirdly, there are several types of
crimes has been emphasis and how they are treating under the law in Pakistan. Fourthly,
phenomena of proper challenges with regard to the judiciary faced. Lastly, how law and
enforcing agency investigate the cybercrime related matter effectively.

2. Cybercrime and challenges in legal framework

The first and foremost problem is that no any proper definition of the cybercrime occurred. It is
important to deals the matter of the definition. In order to define the cybercrime a precise
definition of it “the generic of all the crimes that has been done with the help of the computer
known as the cybercrime1” however this definition has been lacked the concept of the crime
which are done by using the mobile phones.

1
Prashant Mali, A Text Book of Cybercrime and Penalties (Indiana: Repressed Publishing LLC, 2006)

12 | P a g e
Another comprehensive definition of the cybercrime is “The offences that are committed against
individual or group of individual with the criminal motive and intent to harm reputation of the
victim, or cause physical or mantle haram to the victim directly or indirectly by using the modern
devices and telecommunication devices and mobile phones 2. This definition has only defects that
it does not sight a glance that using computer or devices a big commercial loos or a financial loss
can be done.

In broader sense the reality of the cybercrime is that it deals all those sort of offence which are
committed with the assistance of the computer or where there is a common denominator is the
technology or under the umbrella of the technology. In simple sense cyber offence are those sort
of offence in which the genesis or any crime occurred by using any sort of technology.

2.1. Types of Cybercrimes with the advancement of technology

There has been many bunches of crimes that are fall under the domain and circle of the
cybercrimes the notables are as followings,

a) Fraud
The nature of the fraud has been shifted toward the typical form to advanced form named
cybercrime or cyber-fraud. Today, the modern fraud has been done with the help of the
computer. With the help of some devices, enticement techniques and wrong guidance to the user
a cyber-criminal start the crime. For example, the cybercriminal used the different devices and
take access of the personal data and send some amount to his account, the bank give the opt
password to pass the money from one person to another, cybercriminal using the techniques of
enticement to send its password to his number. This is also known as transactional fraud. Several
complaints have been made with this regard.

b) Hacking
Hacking is common and lethal sort of cybercrime that take away all the access of the user data as
well as the company data. It means with the assistance of the computer the hacker got the access
of the others computer bypassing the security procedure. Unauthorized access of the computer of
an organization leads to the loss of the company or an organizational data. Pertinent to the cases

2
DH Jaishankar, “Cyber Crime and the Victimization of Women: Laws, Rights and Regulations” (2012) Hershey:
Information Science Reference.

13 | P a g e
of Pakistan, from hacking Facebook account of the bank fraud has been surged. However, the
perfect solution of that is appointment of the white hacker or the data analysis’s expert. Who
will make the strong wall of the system of security in order to halt the hacking attack? It is the
data expert, who done this.

c). Online Harassment

The cyber bullying, and online harassment has been speedily increased now-a-days. We are not
aware about the person who will give then threat to us at any time by hacking the giant sites and
blackmailed us using the other techniques. The distinguished platform used by individual for the
different purpose. The crux of the problem lies in its technical usage. There has been several
instances has been made with regard to cyber harassment, the pertinent example we have been
found is the social media. In Pakistan, the mostly victim are the females, in a year 2018-2019
the most cases of online harassment had occurred on women 3.

d). Deep fake and digital piracy

The phenomena of deep fake has been surged, now-a-days, with the help of AI an immoral or
nude content has been generated. It seems like a real content. Due to this content the reputation
of the people in the society has tainted with dirty handed. Deep fake destroyed the reputation of
the people. The social status is to be ruined. For example in the year 2020, the Queen Elizabeth
Christmas speech is totally deep fake as she begins to cut different jokes. Serious questions are
arises within this regard that how the criminal nature of the deep fake it is. People of all over the
world questioned about the status of the Queen4.

Digital piracy is a different concept in which the malicious intended person copy the work of the
author and generate it in the name of the other. With the surge of the technologies like AI,
several ethical questions have been raised regarding the protection of copyrights law.

3
Allia Bukhari, 'Silent Battles: How Pakistani Women Counter Harassment in Cyberspace' The Diplomat (21
October 2020) accessed 17 March 2021.
4
https://cybernews.com/editorial/the-good-the-bad-and-the-ugly-of-deepfakes-explained/

14 | P a g e
e).Phishing
It is a form of scam in which any malicious person or the malicious organization enticed other
person by the to provide essential personal information and may open any account or involved in
any other activity. Phishing in Pakistan has been facing these phenomena with the peak. In
Pakistan, where the common people are unaware that how the other malicious person can be
used their information for any cybercrime or any other crime. It is my personal observation that
in Pakistan people often called any random person, in order to entice him to extract some crucial
information from him, especially on the Name Ehssas emergency cash, Benazir income support
program and welfare program. With the coming of technologies i.e upgrading in ICT leads the
phishing phenomena more easily. If we combined it with AI the more advanced technology, then
this crime is be too easier, as we know the AI being able to create the audio , video and any
textual content.

f). Malware Software

One of the increasing phenomena of technological advancement is that the boosting technology
makes it easier to create the Malware software which used for any illegal activity and data theft.
There has no any specific information has been provided to the user regarding the software.
These software are linked with the malicious organization which ultimately connected with the
espionage attacking agencies. The following example of the malware software that utilized by
Pakistan, first example was found in the Shadow5 malware software which is found in the year
2017, mobile software namely, CCCleaner. Other examples of the malware software are, wine
32 Naquel6, Ippedo, Trojan, Wine 32 Taypsum etc. are example of the malware software that
used in Pakistan.

5
https://therecord.media/hackers-target-pakistani-government-with-malware
6
https://www.crowdstrike.com/cybersecurity-101/malware/types-of-malware/

15 | P a g e
g). Denial of Service (DoS) Attacks:

Denial of services attack means that any malicious person make technology unavailable for its
legitimate user and to blackmailed the organization. This attack is further categorized into two
forms. The first is buffer overflow attack and second is flood attacks. The denial of services of
system occurs when the culprit dismantle the system’s services and the website and weaken the
security codes for the upcoming use7. Pakistan also faced many DDoS attack in his reagion,
especially the attacked, The Sindh high court attack, An ATM in Peshawar 8.

h) Insider Threats
it is also a cybercrime in which the enrolment of the employee, client, managers, supervisor,
consultant, company member, or board member may intentionally and unintentionally provide
the crucial data to the person whom have the malicious intention to harm the organization and
entity of the office9 and this thing ultimately leads to the corruption, degradation of resources,
sabotage and terrorism related activities. Typically it happened, when any insider person provide
the authorized access to the outsider. Insider threats are also happening in Pakistan and more
surprising is that the government does not have any strong hand to handle the problems that are
related to the insider threats. The most common example found in the K-Electric company when
someone who was the insider of the company gives hacker, the crucial access to it. The hacker
demands 7 million dollars of the data of its user, in data it include the crucial information i.e Id
cards, NTN, Bank credit and numbers and many more. 10 The government feels helpless and let it
away, so hackers put all the data on the dark web and it is about 8.5 GB, this how the insider
threat leads a long lasting trouble.

i). Identity theft

It is one of sort of cybercrime in which hackers used the information of the person to commit
any illegal act i.e. fraud and forgery. There has been many illegal activities committed on

7
https://www.cloudflare.com/learning/ddos/glossary/denial-of-service/
8
https://propakistani.pk/2021/08/23/heres-a-recap-of-major-recent-cyber-attacks-in-pakistan/
9
https://www.fortinet.com/resources/cyberglossary/insider-threats
10
https://propakistani.pk/2021/08/23/heres-a-recap-of-major-recent-cyber-attacks-in-pakistan/

16 | P a g e
account or name of the common person i.e. illegal gambling. Due to identity theft a person may
face many consequences, i.e. new calls coming to you for the loan that you did not received from
the bank but on your name and identity by the hacker. Unfounded medical bills on your name
from the insurance company and you did not purchase any services. The phenomena in Pakistan
has been shifted a shocking path as 2.7 million personal data has been stolen from the NADRA
during the year 2019-202311. And more pathetic is that Government did nothing except making a
report or a JIT with that regarding.

11
https://www.thenews.com.pk/print/1172748-jit-report-confirms-theft-of-2-7m-pakistanis-info-from-nadra-
database

17 | P a g e
 Challenges in cybercrime and the exciting Legal Frame work in Pakistan
Pakistan has the several laws with regard to the cybercrimes but not befitting in the nature to
handle the cybercrime with both hand and would not only narrow down to the mere use of
computer for unlawful purposes. As technology marches forward, the importance of having laws
and regulations for cyber activities grows. Cyber legislation is crucial for setting rules that
prevent cybercrimes and manage online activities done using computers. In Pakistan, the
Government has made strides to tackle these issues by passing important cyber laws, ensuring
the safety and security of its citizens as they navigate the online world. The brief descriptions are
as followings.

2.1. Telegraph Act, 1885

We need to update the law to keep up with new technology. But it is still really useful for the
government to keep people's privacy safe. They have the power to act without asking the courts
in certain situations, like if there's a big emergency or it's important for public safety. They can
even take control of the telegraph if they need to. Moreover, "Entering telegraph offices without
lawful permission and interfering with telegraph messages is a serious offence that is punishable
by law"12.(The Telegraph Act, 1885).

2.2. The Pakistan Telecommunications (Re-organization) Act, 1996

It is incumbent that any unauthorized communication has been made then it is reported to the
court under this law to the Telecommunication authority and the Board which handle the enquiry
upon the receipt of the complaints. The court has the authority to issue Arrest Warrant and the
location of the offenders. Under this act law enforcement has fully authority to seize the material
which used in cybercrimes13.

12
The Telegraph Act, 1885
13
the Pakistan Telecommunications (Re-organization) Act, 1996

18 | P a g e
2.3. National Information Technology Policy and Action Plan, 2000
In year 2000, Pakistani Government issues the policy with regard to the information technology
policy. The aim of this policy is to understand the cybercrimes and create the legislation with
regard to the cybercrimes and its advancement. Therefore the government starts its thinking that
to develop a modal of law as per the basis of UNICITRAL. Furthermore, policy makers should
look for the guidance from the international law and international policy forum. Therefore, in it a
comprehensive and analysis approach of the government development particular with the case of
the security, online transaction and data safety. The implementing of these policies and action
plans are crucial and beneficial that how the safeguard the individual and collective data and
boosting the e-commerce business14.

2.4. Electronic Transactions Ordinance, 2002

In year 2002, a pertinent ordinance emerged with regard to the Transaction guidelines and with
the clear aims that, to provide wide range of backing wide array of online transaction. This
ordinance played an important framework for the electronic signature and record which is a
rudimentary element of the current modern digital transaction. Despite with the marvelous
development this ordinance have been several loopholes such as the lack of clear provisions of
the data protection and privacy, which are the fundamental rights of the person in this era.
Moreover, the digital threats are more advanced and the ordinance is obsolete and cannot fulfill
the requirement of the today15.

2.5. The Electronic Crimes Act, 2004

Initially Pakistani government has been recognized the electronic crime and it passed the
electronic crime ac with the help of ministry of information and technology. This legal frame
work establishes the guideline and regulation related to the electronic crimes. It has been able to
handle the crimes array that was not too severe. I.e. online extortion, spam, spoofing, email
threats, electronic fraud and forgery, system damages, cyber-terrorism and banking related
transactions. One main provision of the act is that inclusion of the devices that are misuse and
maliciously for the purpose of threatening others. This lead the cognition that use of technology

14
National Information Technology Policy and Action Plan, 2000
15
Electronic Transactions Ordinance, 2002

19 | P a g e
also hampered the progress of the person and community. The effectiveness of this act is vague
it means that it would define the definition into too broad scope or difficult to understand the true
sense without the presence of the technical expert. This act has been repealed in 2016 16.

2.6. The Prevention of Electronic Crimes Act (PECA), 2016

In April 2015, this act has been presented before the national assembly then in 2017 it is passed
by both upper and lower houses. After the pathetic incident in APS school Peshawar, this leads
another pivotal point that how to maintain law and order situation in Pakistan. One suggestion is
that to implement this sort of law as soon as possible. The provision of this act covers the wide
ranges of the online offences, like harassment, spoofing, spamming, hate speech, audio video
threating, phishing, online gambling, pornography, illegal data and information, cyber terrorism.
This law is too strict that even it sometime restrict the freedom of speech as per to the matter of
the national security. This gives the law and enforcing agencies too much freedom that they can
access any person data and misused it. However it would be impossible to measure the current
threat to the person whom data has been misused. Generally, any law contains the remedial
process but this law is bit slowly as the technologies progress. The world are using ethical hacker
to combat the cyber-attack however a post of data analysis has been also existed in the FIA wing
which is slow and inefficient as pertaining to the advancement of the crime 17.

For the matter of jurisdiction, PECA provide cybercrimes committed within the domain of
Pakistan regardless of the location of the criminal. The authorities have the full jurisdiction for
the prosecution and investigation18.

The following list of the offences which are covered by PECA

1. Child pornography
2. Cyber warfare
3. Cyber laundering
4. Unauthorized access
5. Phishing
6. Hate speech

16
The Electronic Crimes Act, 2004
17
What is: The Prevention of Electronic Crimes Act (PECA) (lawyersofpakistan.com).
18
ibid

20 | P a g e
 7. Religious related ill speeches
8. Data espionage
9. Cyber terrorism
10. Illegal interception
11. Misuse of devices
12. Hacking
13. Pornographic material
14. Spam and related offence, etc.

3. Challenges and threats due to Technological Advancement

Cyber threats are enhancing day by day with the advancement of the technology, now the
technology has been enough sharp that it did all the work of speedy spared i.e. from making to
spreading the wrong information is the task of one words commands. This is so grave and phatic.
Threats like hacking, unauthorized access to the system of any person, threats like phishing, that
contain fraudulent e-mail to entice the user and adopt the process which are incorporated in it,
threat like deep fake phenomena has been raised to the peak and how it would emerged as
defamation. With the advancement of technology, the court faces many problems these are given
below.

3.1. Jurisdictional Problem

There has been several problems with regard to the jurisdiction occurred. Pertinent to the
jurisdiction there has been a clear and absolute way to determine in every other crime but in
cybercrime it is start within the limit of territory of Pakistan.

a) Investment of time
While investigation there need a lot of time to cover the case properly. Even if the crime has
been done within Pakistan then court has to invest a lot of time to cover the offence. In
traditional crime, wrongdoer has been arrested by the investigating agency but in cybercrime
investigating agency required a lot of time to cover it and mostly the result has not been
positive19. Since most of the cybercrime has been done outside of the Pakistan therefore, the

19
The Challenges of Cybercrime Investigations and Prosecution – INSTITUTE OF ICT PROFESSIONALS GHANA
(iipgh.org)

21 | P a g e
phenomena of the tracing are to be difficult to arrest the criminal. However, it can be arrested
with the help of the Interpol, through a under branch of FIA, therefor, the whole procedure
required a lot of time to catch the cybercriminal.

b) Less qualified expert

Due to shorting of technical advance stuff, the court face also reluctant with regard to the
cybercrime. Cybercrime is not like the traditional crime, without the technical expert stuff it is
like a men in dessert. The more having the technical stuff and expert the more ways find out to
deals the cybercriminal offender. If the less qualified staff available to the law and enforcing
agencies then faced the difficulty to comprehend the crime nature and to prosecute them. If the
expert stuff has been available then the evidence collection phenomena would be fast and the
cybercriminal can be detectable.

c) Digital Forensic Equipment

In Pakistan, there has been lack of basis facilities to cope with the modern crime like cybercrime.
It does not have the proper, up to date equipment to cope crime. There has dire need to combat
the crime with both hands to tackle the process of cyber rime 20. In order to curb the problems
that are pertinent to the cybercrime there must be the need of the upgradition of facilities and
instruments.

d) Fear in Victim
Cybercrime victims are often under the threat that, the current cyber-attack has not been decoded
and traced by the law and enforcing agencies, another may be happened. Therefore, another may
be happened so they are under that sort of fear. The swift working of the law and enforcing
agencies if done then this thing would no longer. It is very often that criminal does not wanted to
put a complaint against the wrong doer because victim is already suffered if he did not fulfill the
requirement of the hacker the more he suffered.

3.2. Evidence Collection and Tracing phenomena

The evidence phenomena have been suffered with the advent of AI, devices system an cloud
computing. The following are the factors that create hurdle in prosecuting the cyber offender.

20
Digital Forensics in Cyber Security—Recent Trends, Threats, and Opportunities | IntechOpen

22 | P a g e
 a) AI( Artificial Intelligence) and MI( Machine Learning)
With the advent of the AI and MI, the speed, accuracy, frequency and exactness to the attack on
any system has been on the peak. Through this advancement a clear discrepancy has been
emerged. These systems utilized by the law and enforcing agencies and as well as attacker. The
law and enforcing agency to catch and arrest the cyber offender and the attacker used they won’t
catch by the agency at all21. Therefore, utilizing the advance system cybercriminal are not under
the domain of the law and enforcement agencies, the particular reason for the circumstances it
that they who not want any evidence against them.

b) Autonomous devices and system

The autonomous system has been enlarging the capacity of the attack by the hacker or the cyber
attacker. This breach is so grave that they stole the money from the bank with in few minutes and
do not have any tracer. This creates the complexity in law and enforcing agencies that how they
investigate the matter cleanly and effectively so that the original culprit has been arrested 22.
Using AI system can be wipe out the IP address of the hackers more easily.

c) Computing and data storage technology

Computing and data storage can be maliciously used by the criminal to attain the data that is
crucial and important. Criminal used this data for false purpose such as identity theft.
Disseminate the information to achieve the wrong purpose23.

d) Internet of things
Internet of things revolutionaries the way of living, the way we interact the technology on daily
basis, connecting everyday object to enhance the contribution of the conversation. The
proliferation of IoT also increased the risk of cyber security and the devices have been lacked of
the robust security protection. The phenomena of the IoT have been expanding in the nature. All
is needed that it would be mended by the strong security processes.

21
Technological developments and the future of cybercrime | RAND.
22
ibid
23
Ibid

23 | P a g e
All and all, the advancement in the technology made the huge set of problem and in which one of
them is the threat to the traditionally collection of the evidence procedure.

3.4. Emerging cyber threats

Cyber threats are enhancing day by day with the advancement of the technology, now the
technology has been enough sharp that it did all the work of proliferation i.e from making to
spreading the wrong information is the task of one words commands. This is so grave and phatic.
Threats like hacking, unauthorized access to the system of any person, threats like phishing, that
contain fraudulent e-mail to entice the user and adopt the process which are incorporated in it,
threat like deep fake phenomena has been raised to the peak and how it would emerged as
defamation.

3.5. Cyber Espionage and State; Sponsored Attacks

Pakistan now-a-days under the cyber threats and sponsored attacked over its sovereignty. The
cyber attacker have been the motive to theft the important information, it will leads to a cause of
the disruption of the important infrastructure or challenging the national security. This problem is
to be solved by adopting the critical and comprehensive tools in order to curb the national, the
sharing of intelligence, and government involvement. By using online tool the cyber threats has
been increased, using money and putting threats to anyone in the world is now common in this
world. However, the sound cooperation of the international community has been crucial and
required to cope the problem cyber espionage and state sponsored attack.

3.6. Online Extremism and Radicalization

The internet and social media platforms are mostly used by extremist groups and radical
elements to advertise their ideologies, recruit followers, and incite violence. The way to deal
with the issue of online extremism is to use a multifaceted approach which includes the creation
of counter-narratives, content moderation, and the cooperation of government agencies, tech
companies and civil society organizations.

24 | P a g e
3.7. Data Privacy Concerns
The growth of the digital services and online transactions has led to data privacy and
protection issues in Pakistan. The lack of proper data protection laws and enforcement
mechanisms lead to the exposure of individuals to the threat of personal information misuse, data
breaches and privacy violations by both state and non-state actors.

The tackling of these cybercrime-related issues in Pakistan involves a joint effort from the
government agencies, law enforcement agencies, the private sector, the civil society
organizations, and the population in general24. The improvement of cyber security infrastructure,
the amendment of legal frameworks, the spread of cyber awareness, the increase of law
enforcement capacity, and the strengthening of international cooperation are the basic steps
towards constructing a safe and secure cyberspace in Pakistan.

3.8. Fake Social Media Account

Social media is the powerful tool of the change in our society; it is the aggregation of the ideas,
thoughts and interest of expression. The surge in the fake social media account has been raised
to the peak. These accounts usually generate the wrong information and disseminate the
dangerous situation in the society. Cybercriminal used fake social media account and spread the
social engineering, click jam, Phishing, data breach, fake giveaways etc25.

3.9. Hacking
An unauthorized access of the data and with the intent to harm such data is known as hacking. In
Hacking a person using any computer or any address hacked the device or computer of the other
person. It is a huge problem for everyone whom has a digital account or site that contains most
important data. There has been three types of hackers namely, dark hacker, white hacker and
gray hackers,. The lethal hackers are the dark or black hacker these are the bad guys who is
responsible for the whole hacking. The white hacker is the anti of the dark hacker. They
deescalate the attack of the dark hacker. The gray hackers are the in between of white and dark
hat hacker, they generally hacked the system but they do not used the hacking material with

24
Ibid
25
12 social media threats to watch for in 2024 - Norton

25 | P a g e
intent to harm other. Hacking is not always a malicious act however, when hacker breached the
crucial information and used it for some gain and loss it would be included in the crime 26.

3.10 Lack of Public Awareness

Lack of public awareness; generate another phenomena cyber-attack. It means people are
unaware about how hackers can be reached on their content and personal information system
such as identity and debit card. They easily become enticed by the tricks of hackers and
handover their personal precious data to them. It is one of the faults that has never been going to
resolved. Because there has been certainty of violation also is persisted. However, this can be
controlled and managed with the help of education, seminars etc.

3.11 Case Laws

The relevant case laws with regard to the study are the following.

I. Sheraz khan v. State and another27

Fact

Complainant established a contact with Haya Misha Michele through the Facebook who
declared herself a manager of the USA bank and counted a false story of a person name Abbas
who had been deposited about 19,000,000$ in the bank and eventually dead without the hire,
therefore in order to seek this amount of money petionier should pay the custom and other
related chargers, Complainant paid it through the bank Ai-Islame round about 28 lacks and from
Meezan Bank he paid approximately 11 lack to the present petionier Ginika and peter. Then the
phone of the cyber offender has been switched off. The petionier were arrested by the FIA and
their mobile data has been checked by the officer and he was in the contact with the
cybercriminal.

Decision

Initially the above offence tried under PPC and PECA act jointly. later, court denounced it that
these would be run separately because off the section 26 of the general clauses act that if the
offence failing under the definition of two different laws then it should be tried separately. It was
the well settled plan for the complainant that he plunged into it and entangled in it like a bird in

26
https://www.fortinet.com/resources/cyberglossary/what-is-hacking
27
2022 P.Cr.LJ 203

26 | P a g e
the net. This is done quite handsomely that they do not give complainant a time to think about it.
So, court pronounced each offender a punishment of three years and a reasonable fine.

II. Meera Shafi v. State of Pakistan and others 28.

Fact

This case is in the form of write petition under article 199 the constitution. Petionier was a
female artist and her efforts are internationally recognized. Petionier alleged the respondent
Number 5 Mr.Ali Zafar a popular singer of Pakistan. She alleged him that on the certain
workplace respondent wanted her body access on the work place. She twitted this and be the part
of the campaign named #Meetoo movement. Later she filed a comlaint against the respondent
under the harassment of Women at work Place act 2010.

Decision

Court observed the maintainability of the petition in the court when this question resolved then
court determine that is it freedom of speech which is written in the constitution under article 19.
Court also observed there was a section i.e. 20 of PECA written in the petition. Court determine
the whole jurisdiction of the freedom of speech and reach the conclusion that the allegation
which she filed has been baseless and these are not covered under the article 19 of the
constitution but it is restriction. Freedom is necessary for the maintaining of the society but not
those who infringe the respect of the innocent and characterful person of the society. In this case
court observed that while using the online expression platform nobody should use or allegation
on the other member off the person. This case is important with regard to the online cyber
harassment and it’s provable.

III. Fakhar Zaman petitioner V State and other Respondent29

Fact

In this case a women launched a complaint in the Cyber wing of the FIA branch Abbottabad,
against two person named Fakahr Zaman S/O Rukhan Zaman and Aziz-Ur- Rahamn. The first

28
PLD 2022 Lhr 773
29
2023 PCr.LJ 493

27 | P a g e
petionier filed a pre-arrest bail from the session court of Abbottabad and his application was
rejected under section 21, 22, 23 of the PECA 2016.

Decision

The court observed that the data recover from the mobile phone of the petitioner contains the
nude pictures and the nude video and more phatic is that the same had sent to the complainant’s
husband who is earning the money in abroad for his family. The complainant also said that she
was being blackmailed and entice for the sex. This is to grave for the court when the report of the
FIA cyber wing. Court order to quash all the material by a young Sub-inspector of FIA and
initiated the trial process to the petitioner and frame the charges against him.

All the above cases are the important because it insisted that the use of social media careful and
with diligent. All the decision of the different courts observed that there were certain cyber
harassment and, cyber harassment and cyber fraud.

4. Recommendations
The growing threats of cybercrime have enough capacity to damage any system of the
government. Here are the crucial recommendations to minimize the threats of cybercrime in
Pakistan.

4.1 Public Awareness

Public awareness is one of key solution to cope the problems of the cybercrimes. Holding the
seminars and inviting the person to join it. Distributes some books and pamphlets in the people,
so that the people would aware about the cybercrimes and they will shun off the precious
information to the malicious person. It is one of the main and key recommendation that if our
beloved country able to aware the people about their role that how to secured their personal
information with regard to the demands of the cybercriminals or hackers. Moreover, this is the
evolving nature of the crime and cannot be easily measured by the victim. However, sufficient
awareness has been generated to the public at large would be beneficial for minimizing the
cybercrimes.

28 | P a g e
4.2 Establishment of Special Courts
The cybercrimes are the modern crimes. The ordinary courts deals with the ordinary crimes. The
special courts are established, so that the procedure of the trial in the court smoothly done. In
Pakistan, there have been instances of the special courts, like, banking courts, consumer courts
and anti-terrorism courts. Therefore, establishing of special courts can be proved helpful
evidence relating loopholes that set by hackers or cyber criminals.

4.3 Establishment of Forensic laboratories regarding cybercrime.

Specialize units should be made so that the process of investigation of the investigating agencies
are speedy and correct. As we know cybercrime is a complex crime, in order to handle the
problem of the cybercrimes there has been the existence of the special laboratories with regard to
the cybercrime. These units are able to trace out the address of the hackers. As hackers used the
most secured software and prosy sites to hide their identities and IP address 30.

4.4 Appointment of Ethical Hacker

Appointment of the ethical hacker or the data specialized staff can able to handle the crime that
are related to the cybercrime. When the attack of the cybercrime occurred, during the attack, only
one person can handle and sole it with few seconds but depend upon his excellence. An ethical
hacker is proved helpful to combat the cyber-attack. Ethical hacker can make the security better
and improved. It also enables the trade and business to be used smoothly 31.

They are also being helpful to measure the security requirements of the organization and
individual, there has been 270 methods to handle the attack of the cybercriminal. Any ethical
hacker appointment proved beneficial that it does not allowed any internal and external security
breach occurs.

4.5 Amendments in Legal Frame work in Pakistan

There has been need to amend the exciting the laws and framework. As I already mention the
defects in the exciting laws that are related to the cybercrime.

30
https://www.crime-research.org/interviews/Catching-Cyber-Criminals/
31
https://www.businesstechweekly.com/cybersecurity/network-security/ethical-hacking/

29 | P a g e
4.6. Using updated devices or software
Internet becomes a crucial part of our life. We used internet for different purposes and aims, one
of the main reason of the of being a victim of the cyber-attack utilizing the non-updated software
and devices, the issue is that these software are easily trace able. Therefore, in order to halt the
cyber-attack one must Using the updated software and updated devices can be helpful for
minimizing the threats of cyber-attack and any other problem that is related to the cybercrime 32.

Conclusion
Cybercrime and related offences are observed by Pakistan Now-a-days. The enigmas of the
cybercrime can be handled by the doing the different means and method of the solution. The
curse of the cybercrime can be handled with the right dealing of the criminal prosecution,
development of cyber units and appointment of white hat hacker. The exciting laws are the
wonderful solution of the crimes but somehow loopholes in they are also exciting there. As the
technological advancement began then there have been likely chances of threats of cyber-attack
on the sovereignty of Pakistan. By fostering the collaboration with the private, NGOs and
International bodies there has been likely chances to solve the problem of the cyber-attack in
Pakistan and they also helped Pakistan to remove the threats of these attack. In order to halt the
supply of the cybercrime there is a dire need to aware public, appointment of white hat hacker or
data analysis’s and maintaining the special courts to solved the cybercrime.

In addition, there is a critical need to curb the growing menace of the cybercrime in Pakistan.
Investing in cyber building awareness programs can be proved beneficial for solution of that
problem. The appointment of white hat hacker can also play a significant role to cope the
problem of the cybercrimes in Pakistan. Ergo, cybercrime is a bare threat to Pakistan, the dire
need to counter these threats with strong hands so that the

32
https://www.fortinet.com/resources/cyberglossary/what-is-hacking

30 | P a g e
Moreover, the phenomena of hacking is the live threats for the developing countries like
Pakistan, cause hacker used different sort of devices the enabled them to be more secured to
commit a crime in essay ways. There is dire need to regulate the technologies and boost the
development in it so that the vary and updating nature of the crime can be controlled. All in all
the problem of the crime regardless of its nature can destroy the fabric of the society.

In nut shell, cybercrimes in the developing countries like Pakistan creates unresting situation in
the people of it. With the advancement in the technologies the advancement of the cybercrime
occurs and it is also difficult to trace out the criminals because they have also more advanced
technology. Therefore, to develop a comprehensive and advancement must be adopted in the
legislation in Pakistan

References

1. Prashant Mali, A Text Book of Cybercrime and Penalties (Indiana: Repressed Publishing
LLC, 2006).
2. Digital Forensics in Cyber Security—Recent Trends, Threats, and Opportunities |
IntechOpen
3. Allia Bukhari, 'Silent Battles: How Pakistani Women Counter Harassment in
Cyberspace' The Diplomat (21 October 2020) accessed 17 March 2021.
4. Technological developments and the future of cybercrime | RAND.
5. Identity Theft and Social Media Shareen Irshad and Tariq Rahim Soomro.

6. 2023 PCr.LJ 493

31 | P a g e
7. https://www.ekransystem.com/en/blog/insider-data-theft-definition
8. PLD 2022 Lhr 773
9. 12 social media threats to watch for in 2024 - Norton
10. 2022 P.Cr.LJ 203
11. The Challenges of Cybercrime Investigations and Prosecution – INSTITUTE OF ICT
PROFESSIONALS GHANA (iipgh.org)
12. What is: The Prevention of Electronic Crimes Act (PECA) (lawyersofpakistan.com)?
13. The Pakistan Telecommunications (Re-organization) Act, 1996
14. The Electronic Crimes Act, 2004.
15. Electronic Transactions Ordinance, 2002.
16. National Information Technology Policy and Action Plan, 2000
17. Daanika Kamal, “Policing Cybercrime: A Comparative Analysis of the Prevention of
Electronic Crimes Bill,” Jinnah Institute, Policy Brief, January 18, 2017, 3-8.
18. Prevalence of cyber bullying victimization among Pakistani Youth Author links open
overlay panel Sumera Saleem et al.
19. https://cybernews.com/editorial/the-good-the-bad-and-the-ugly-of-deepfakes-explained/
20. https://www.crime-research.org/interviews/Catching-Cyber-Criminals/
21. Binder JF, Kenyon J. Terrorism and the internet: How dangerous is online
radicalization? Front Psychol. 2022 Oct 13; 13:997390. doi:
10.3389/fpsyg.2022.997390. PMID: 36312087; PMCID: PMC9606324.
22. https://www.ekransystem.com/en/blog/insider-data-theft-definition
23. https://consumer.ftc.gov/articles/what-know-about-identity-theft
24. https://www.exabeam.com/information-security/ethical-hacking/
25. https://www.cloudflare.com/learning/ddos/glossary/denial-of-service/
26. https://propakistani.pk/2021/08/23/heres-a-recap-of-major-recent-cyber-attacks-in-
pakistan/
27. https://www.fortinet.com/resources/cyberglossary/insider-threats
28. https://propakistani.pk/2021/08/23/heres-a-recap-of-major-recent-cyber-attacks-in-
pakistan/
29. https://www.thenews.com.pk/print/1172748-jit-report-confirms-theft-of-2-7m-
pakistanis-info-from-nadra-database

32 | P a g e
33 | P a g e