In an incident not widely publicized, critical military information related to the Pakistan Air Force (PAF) has been stolen from computer systems installed at the PAF headquarters in Islamabad. The incident took place in May, but word of it leaked earlier this month to nearby places in Pakistan. Pakistani and Chinese entities working side-by-side in the cyber security space have alleged that the cyber “espionage” in question was carried out by “India-friendly entities”.
According to officials in these countries, the entities that hacked Pakistan’s military systems downloaded malware which, once installed on the targeted computer systems, retrieved a large number of documents and presentations, including encrypted files, stored on them. The malware in question was sent to the targets embedded in emails purporting to be from senior officers. Some of the files transferred from the military computer systems related to satellite communications, military communications and nuclear facilities.
In all, according to Pakistani and Chinese officials, nearly 15,000 files, some of which included correspondence sent by Pakistan’s top defense offices, have been breached.
Later, according to unverified claims, Pakistan-based analysts were able to identify the intrusion based on clues left behind by the hackers who broke into the systems. According to the same analysts, a similar action targeting Pakistan’s naval assets was carried out in March.
According to a conversation between Chinese and Pakistan-based officials tasked with handling such an incursion, another such exercise was attempted by the same entities earlier this week and was ongoing by the time the story broke.
State-funded Chinese media earlier this month had published reports of another entity, which it claimed was based in India, launching separate cyberattacks on Pakistani and Chinese military installations last year. The reports claimed that the attacks had, in addition to data theft, “destructive infrastructure” related to energy.
If the claims by Chinese and Pakistani officials are true, then this will be among the first such incidents in which critical information related to the military establishments of these two countries has been compromised by allegedly ‘pro-India’ entities.
China and Pakistan have long been conducting cyber-attacks against Indian military and civilian operations, which is attributed to a lack of awareness among officials on how to avoid such attacks; in most cases these are carried out through a simple trojan email, as was done in the present case.
Interestingly, India had in October 2020 suffered a Chinese state-sponsored cyber attack on its power plants, which led to a widespread power outage in Mumbai. China denied the same.