ISLAMABAD: The National Computer Emergency Response Team (National CERT) on Tuesday issued a cybersecurity advisory, warning that hostile actors may exploit supply chains to target critical national infrastructure, including power, banking, and defence systems.
The advisory highlights that even minor lapses during the delivery of hardware and software could trigger large-scale system failures.
The alert comes amid growing global concern over supply chain vulnerabilities, where state-sponsored cyber espionage has increasingly extended into logistics and manufacturing stages.
CERT cautioned that all hardware deliveries should be treated as potential security risks and subjected to strict inspection protocols. It further warned that unverified software updates could introduce hidden backdoors into the national digital infrastructure, posing long-term security threats.
The advisory also flagged vendors with unknown ownership structures as a significant risk factor, urging institutions to ensure transparency and due diligence in procurement processes.
It noted that reliance on a single supplier could create systemic vulnerabilities, where a breach in one entity might disrupt entire sectors such as the national power grid or banking network.
Institutions have been directed to adopt tamper-proof mechanisms and tracking systems for transporting sensitive equipment.
Additionally, organisations are required to promptly report suspicious network traffic and unusual software behaviour to relevant authorities.
National CERT has further instructed institutions to implement a zero-trust security model, ensuring that all devices are authenticated before being connected to networks.
The advisory emphasised that neglecting supply chain security could lead to the complete paralysis of critical national installations.
The warning underscores the urgent need for strengthened cybersecurity frameworks as Pakistan’s digital infrastructure continues to expand and integrate across sectors.
Published in Dawn, March 25th, 2026
