Maps
Magazine

LEGAL

National CERT Warns of Cyber Threats to Pakistan’s Critical Infrastructure
Pakistan’s National CERT warns of rising cyber threats targeting power, banking & defence via supply chains, urging strict security checks and zero-trust systems.
ND
by News Desk
2026-03-24
National CERT Warns of Cyber Threats to Pakistan’s Critical Infrastructure

National Computer Emergency Response Team (National CERT) has issued a critical cybersecurity advisory warning that hostile actors could exploit supply chains to target Pakistan’s key infrastructure, including power, banking, and defence systems.

The advisory, released on Tuesday, highlights the growing risks associated with supply chain vulnerabilities, cautioning that even minor lapses during the delivery of hardware and software could lead to large-scale system failures.

According to National CERT, the threat landscape has evolved globally, with state-sponsored cyber espionage increasingly extending beyond traditional digital attacks into logistics and manufacturing processes. This shift has made supply chains a prime target for sophisticated cyber operations.

The agency warned that all hardware deliveries must be treated as potential security risks and subjected to strict inspection protocols. It also raised concerns about unverified software updates, which could introduce hidden backdoors into critical systems, posing long-term threats to national digital infrastructure.

Particular attention was drawn to vendors with unclear or unknown ownership structures, identified as a significant risk factor. National CERT urged institutions to ensure transparency and carry out thorough due diligence during procurement processes.

The advisory further cautioned against over-reliance on a single supplier, noting that such dependency could create systemic vulnerabilities. A breach in one vendor, it warned, could disrupt entire sectors, including the national power grid and banking networks.

To mitigate risks, institutions have been directed to adopt tamper-proof mechanisms and tracking systems for the transportation of sensitive equipment. Organisations are also required to promptly report any suspicious network activity or unusual software behaviour to relevant authorities.

In a key recommendation, National CERT has instructed institutions to implement a “zero-trust” security model, ensuring that all devices and users are authenticated before gaining access to networks.

The advisory stressed that neglecting supply chain security could result in the complete paralysis of critical national infrastructure, underlining the urgency of strengthening cybersecurity frameworks as Pakistan’s digital ecosystem continues to expand.

The warning follows a series of recent cyber incidents in the country. Earlier this month, several Pakistani television channels, websites, and mobile applications were targeted in coordinated cyberattacks. A major disruption occurred at the state-owned satellite Pak-Sat, leading to transmission issues for multiple TV channels.

Separately, during a session of the National Assembly of Pakistan, officials highlighted the need for enhanced cyber defence measures, including the implementation of a national firewall system.

Minister for IT and Telecom Shaza Fatima Khawaja emphasised the importance of cybersecurity, stating that several initiatives are already underway to strengthen the protection of citizens’ digital space and safeguard Pakistan’s cyber boundaries.
Tagged:

CyberSecurity

DataSecurity

PakistanCERT

CyberAlert
Share News: