CBR orders steps to secure sales tax department computers: Internet access to be minimised

Published on 9/15/2003

ISLAMABAD (September 15 2003): After deadly computer virus attack on STARR sales tax refund automation programme, the Central Board of Revenue (CBR) is expecting more attacks on GST-related database due to unsafe use of computers by tax officials.

In a warning issued here on Sunday to all sales tax computer sections in major cities, the CBR has expressed serious concern on increasing computer virus attacks and has suggested restricted use of internet.

The CBR has never bothered to arrange for backup of sales tax related data or use of secured systems to prevent virus attacks till exporters' refund data was destroyed.

The CBR has cautioned collectorates that computers used for GST operations at the Data Processing Centres (DPCs) are also connected to the 'internet proxy servers'.

Availability of internet access on the Local Area Network (LAN) terminals have made the whole network prone to virus attacks.

Any virus, coming through the internet, attacking just one personal computer on the network makes the whole Local Area Network suffer through chronic viruses.

The CBR has decided that internet access should be restricted to a 'stand-alone' personal computer and no 'proxy set-up' be established on any of the computers where connection to the GST database exists.

Under the plan, all concerned officers would ensure that no proxy internet connections are made available on the LAN of the computer system.

All collectorates would depute a person for periodic backups of the GST data and STARR program on the cartridge and kept at a secure place.

For this purpose, daily and weekly backup data would be separately stored by the authorities.

Furthermore, anti-virus programs should be installed at all computers dealing with GST related data and such programs must be updated regularly, the order added.

It is astonishing to note that computers maintaining vital data on taxpayers and industrial units were extensively used by officers without taking any precautionary measures leading to serious mishap.

This could also erase all important data which is being kept without backup system.

There is no body to question sales tax authorities why backup of taxpayers' data was not being maintained on country-wide basis before suspected attacks of computer viruses as some of the data is already being infected by deadly viruses.

Similarly, the installation of anti-virus program is the first step before using personal computer particularly to check viruses coming from internet, but it seems that CBR has now realised that anti-virus programs should be installed on the computers having sales tax data.

Furthermore, the role of Pakistan Revenue Automation Limited (PRAL) is unknown in relation to control of viruses on the sales tax related computers, sources added.

Courtesy of Business Recorder