ISLAMABAD: The military on Wednesday announced a probe after intelligence agencies uncovered a major cyberattack by hostile Indian spy networks targeting military and government officials.

“Pakistan’s intelligence agencies have identified a major cyberattack by Indian intelligence agencies involving a range of cybercrimes, including deceitful fabrication by hacking personal mobiles and technical gadgets of government officials and military personnel,” the Inter-Services Public Relations (ISPR) said in a statement.

No further detail about the nature of the attack or targets was given by the military.

The ISPR said the targets of the attack were being investigated. Action, the military’s media affairs wing said, was also being taken against those found guilty of violating the official standard operating procedures (SOPs) on cyber security.

The Islamabad Policy Institute, a think tank, had in its report “Pakistan Outlook 2020” earlier this year warned that a spike in India’s Advanced Persistent Threat (APT) activity was being noticed since the increase in its tensions with Pakistan following the Balakot stand-off.

ISPR says attack involved fabrication by hacking personal mobile phones and technical gadgets of govt officials and military personnel

APT is defined as a long-term intrusion normally by a state-sponsored actor into network/s in order to mine highly sensitive data.

APT activity, the report said, was deeply connected with geo-political situation, current events and government priorities. “With a right-wing fascist regime in power in India, such campaigns have increased and are more likely,” it added.

The report had also pointed out that Pakistan was one of the worst prepared countries in the world with regards to cybercrime.

Farooq Naiyer, a cyber security expert and a visiting fellow with the Islamabad Policy Institute, had in his paper said that the motive behind APT was usually intelligence gathering and credential theft for follow-on operations. He said that the adversaries targeting Pakistan specifically went after government officials, diplomats and businessmen. APT groups, he wrote, mostly used simple, freely available malware that heavily relied on phishing campaigns.

Talking to Dawn on Wednesday over phone, Mr Naiyer said that although not much had so far been known about the attack reported by the military, it looked very much similar to a Russian surveillance attack in May last year in which the attackers exploited a vulnerability in WhatsApp, the encrypted messaging service, to target important political figures.

The ISPR in its statement said the army had enhanced necessary measures to thwart such activities. “Advisory is also being sent to all government departments/institutions for identifying lapses and enhancing respective cyber security measures,” it added.

Published in Dawn, August 13th, 2020