Hackers linked to Russian intelligence have stolen Indian military data from cyber spies believed to be working on behalf of the Pakistani state, according to an assessment by Microsoft researchers. All those involved are part of what are known as "advanced persistent threat" (APT) organizations in their respective countries.  TechTarget defines "Advanced Persistent Threat (APT) as "a prolonged, targeted cyber attack that involves an attacker gaining and maintaining unauthorized access to a network for an extended period". The goal of an APT is to steal sensitive data, rather than cause damage to the network or infect systems with malware. It is harder to defend against such intrusions than to attack.

In a recent blog post, Microsoft researchers have discussed how Russian FSB's Secret Blizzard APT has breached a Pakistan-based threat activity cluster called Storm-0156 ATP to steal India's military secrets gathered by Pakistani intelligence. Since then, researchers from Microsoft and Black Lotus Labs say, Secret Blizzard has been able to leech off of Storm-0156's cyberattacks, accessing sensitive information from various Afghani government agencies and Indian military and defense targets. 

State actors in India and Pakistan are known to target each other for cyber espionage. Last year, the Pakistani government warned its officials about a number of India-linked APT groups, including PatchWork and Sidewinder, targeting Pakistan. Some Indian ATP groups also target China. 

Some Pakistani APTs targeting India have also been revealed in recent years. Among these are SideCopy and Transparent Tribe. 

Given the cyberthreat landscape in South Asia, Pakistan is trying to improve its cybersecurity posture, steering $18 million in funding for cybersecurity research and adding $36 million to its budget to develop better cybersecurity technical capabilities. 

International Telecommunications Union (ITU) has ranked Pakistan (score 96.69/100) among top tier countries for cybersecurity in 2024.  Out of a maximum score of 20, Pakistan received 20 for legal measures, 18.21 for technical measures, 20 for organization measures, 20 for capacity development and 18.48 for cooperative measures, according to the Global Cybersecurity Index 2024 report released by the ITU. 

Pakistan Cybersecurity Scores 2024. Source: ITU

Pakistan's tier one cybersecurity ranking is a big improvement from its 79th rank (score 64.88 from 100) it got in the cybersecurity ranking by the ITU in 2020. Four years ago, Pakistan scored 15.97 on legal measures, 12.26 on technical measures, 11.01 on organizational measures, 17.25 on capacity development and 8.38 on cooperative measures. 

Increasing penetration and rapid growth of the Internet user base in Pakistan has brought in a lot of user complaints of bullying and fraud, necessitating government action, including new legislation and capacity building to fight cyber crimes. 

Pakistan Telecom Indicators as of July 2024. Source: PTA

In 2018, Pakistan launched its National Center for Cyber Security (NCCS) as a joint project of Higher Education Commission (HEC) and the Federal Planning Commission. The Center includes several Research and Development (R&D) Labs at Pakistani universities. These universities have been given the mandate to establish NCCS affiliated Labs in different specialties of cybersecurity under the Center's secretariat.  Earlier this year, Pakistan's economic coordination committee (ECC), a ministerial level body, allocated $36 million for work on cybersecurity measures. 

Like many other nations, the cybersecurity threats in Pakistan include hacking, identity theft, cyber-bullying, cyberstalking, spoofing, financial frauds, digital piracy, viruses and worms, malicious software, money laundering, denial of service attacks, electronic terrorism, vandalism, and pornography. 

Pakistan has passed a cybercrime bill and established a National Response Center for Cyber Crime (NR3C).  NR3C has expertise in Digital Forensics, Technical Investigation, Information System Security Audits, Penetration Testing and Training. Since its inception, it has been involved in capacity building in various departments including Police, Intelligence, Judiciary and Prosecutors. Cyber Scouts is the latest initiative of NR3C, in which, selected students of different private/public schools are trained to deal with computer emergencies and increasing awareness of cyber threats amongst their fellow students, teachers and parents.