ISLAMABAD: Election Commi­ssion of Pakistan (ECP) employees were targeted with a ransomware attack, prompting the electoral watchdog to issue an advisory.

The attack has raised alarm at a time when the country is gearing up for general elections in a few months.

The advisory, a copy of which is available with Dawn, cautioned the employees to not open emails with suspicious links in them “[T]his is a Ransomware attack and trying to steal the information, kindly ignore this email and report it as Spam/Junk”.

The advisory, issued by ECP’s Information Security Specialist Naveed Ahmed Kandhir on Thursday, also carried a screenshot of a phishing email titled ‘implementation of social media policy’ dated July 5, with a 2 KB RAR file attached to it.

Warns employees not to click on suspicious phishing links

According to ECP, the attack was an attempt by unidentified hackers to gain access to the files stored in employees’ computers.

The advisory has also been sent to the staff officers of the chief election commissioner, ECP secretary and additional secretary; all heads of departments; and provincial election commissioners.

Ransomware is extortion software designed to deny a user or organisation access to files on their computer, according to a cybersecurity expert.

By encrypting these files and demanding a ransom payment for the decryption key, cyberattackers place organisations in a position where paying the ransom is the easiest and cheapest way to regain access to their files.

Cyberattacks have become a constant threat for officials after several key institutions were targeted in the recent past.

In September 2022, a slew of audio recordings of conversations in the PM Office between key government figures — including Prime Minister Shehbaz Sharif, PML-N leader Maryam Nawaz Sharif and some members of the federal cabinet — were leaked on social media.

The episode rang alarm bells as officials believed flaws in the cyber security of the highest office of the land caused these leaks.

A month earlier than in August, the Securities and Exchange Commission of Pakistan’s website was hit by a cyberattack “due to the absence of a proper and updated cyber security mechanism”.

The hackers scrapped the personal data of listed companies and their directors and other crucial back-end information.

Not only government institutions, but officials fear key infrastructure has also been targeted by cyberattacks.

Earlier this year, Federal Minister for Power Khurram Dastgir expressed apprehension that a cyberattack might have been the reason for the massive power outage that hit the country on January 22.

ECP holds workshop for trainers

The ECP held a workshop for 33 officers who will be training the district returning officers (DROs) and returning officers (ROs) for upcoming general polls.

The three-day workshop for lead trainers concluded on Friday. The training was conducted at Pakistan’s Electoral Academy for Democratic Practices, Research and Management in the ECP Secretariat in Islamabad.

These officers will train 142 DROs and 859 ROs from all four provinces. At the concluding ceremony, ECP Special Secretary Zafar Iqbal Hussain distributed certificates among the participants who completed the training.

A delegation of Cadet College Hasanabdal students and faculty members also visited the ECP Secretariat on Friday. They were briefed on the commission’s work and its initiatives.

The interactive session was chaired by ECP Secretary Omar Hamid Khan.

The visitors were briefed on electoral processes, technology integration in the electoral process, voters’ education and initiatives for youth participation in the elections. Later, a mock-poll exercise was also conducted.

Published in Dawn, July 8th, 2023