Pakistan’s cybersecurity landscape is rapidly evolving, with a marked increase in threats targeting critical infrastructure, financial institutions, and government entities, says the Pakistan Telecommunication Authority (PTA).
The authority has warned that despite ongoing efforts for capacity-building and awareness-raising, challenges such as limited resources, shortage of skilled professionals, and inadequate public-private collaborations continue to impede progress.
The global nature of cyber threats calls for prioritizing international cooperation to strengthen cybersecurity defenses, and while Pakistan is proactively establishing links and building synergies, there is still room for strategic actions to mitigate threats endangering the digital ecosystem.
Pakistan experienced a significant surge in cyber-attacks from July 2023 to June 2024. These included malware, followed by phishing, Distributed Denial-of-Service (DDoS) attacks, ransomware, and insider threats, among others.
Top Threat Actors
Advanced Persistent Threats (APTs) represent the top tier of threat actors, distinguished by their advanced capabilities, sophisticated attack techniques, and continuous evolution. These cyber criminals engage in high-profile attacks involving the use of novel tools and intricate techniques that surpass the capabilities of other cyber-criminal groups.
Geopolitical factors significantly influence the tactics and targets of APT actors. The major APTs that targeted Pakistan during 2023 were Gamaredon, DoNot, Bitter, Kimsuky, Lazarus, and SideWinder. Their key targets included internet backbone infrastructures, healthcare entities, and organizations affiliated with the government.
Top Targeted Sectors
Globally, the manufacturing sector continued to be the most targeted industry vis-à-vis cyber extortion campaigns in 2023. Healthcare reemerged as the second most targeted sector, followed by technology and retail industries. Notably, the financial and insurance sectors also experienced major attacks, encountering threats from both ransomware and APT groups. Industries such as education, energy, and utilities remain highly vulnerable.
Telecommunications is the 5th most targeted sector for phishing attacks, which are globally advancing at an unprecedented pace. According to the latest research, there has been a staggering 173% surge in phishing attacks worldwide during FY 2023-24.
Pakistan has recently advanced to a Tier-1 (Role Modeling) status, placing it among the top 40 countries in the 2024 Global Cybersecurity Index by ITU—a marked improvement from its previous 79th position.
Stay Connected with ProPakistani
Get the latest tech news, telecom insights, and product launches wherever you prefer.
Add ProPakistani to Preferred Sources and see more of our stories in Google Search and Top Stories.
