Pakistan issues high-level alert over ‘Blue Locker’ cyber attacks on key institutions

Pakistan’s National Cyber Emergency Response Team (NCERT) has issued an urgent advisory to 39 critical ministries and institutions, warning of a “severe risk” posed by an ongoing wave of ‘Blue Locker’ ransomware attacks, a spokesperson confirmed on Sunday.

According to NCERT, several organizations in Pakistan have already been affected by the malware, including Pakistan Petroleum, which has reportedly sustained significant damage.

“Our systems are actively detecting and blocking the malware, but the threat remains ongoing,” NCERT spokesperson Imran Haider told a foreign news outlet.

NCERT, the agency responsible for cybersecurity coordination across government entities, issued the alert after detecting multiple targeted attacks within the country. The Aug. 9 advisory outlines how the Blue Locker ransomware affects Windows-based systems, including desktops, laptops, servers, network shares, and cloud-synced or backup storage accessible during the breach.

“The ransomware encrypts victim files, adds the ‘.blue’ extension, and demands ransom payments in exchange for decryption keys,” the advisory stated.

“It typically spreads through trojanized downloads, phishing emails, compromised websites, and unsafe file-sharing platforms. Once active, it can disable antivirus tools, move laterally across networks, and steal sensitive information.”

NCERT warns the malware has the potential to cause serious data loss, operational disruption, and reputational damage.

NCERT’s Recommendations for Organizations:

  • Keep all systems updated with the latest security patches.
  • Enable multi-factor authentication across services.
  • Filter out malicious emails and block harmful web content.
  • Avoid downloading software from unverified sources.
  • Train staff to recognize cyber threats.
  • Maintain offline backups of critical data.
  • Continuously monitor systems for unusual activity.
  • Immediately isolate any infected system and report incidents to cybersecurity teams.

Experts Warn of Systemic Weaknesses

Cybersecurity experts say the threat highlights deeper vulnerabilities in Pakistan’s government IT infrastructure.

Tariq Malik, former Chief Technology Officer for Pakistan’s army, noted that most ministries and departments are ill-equipped to handle sophisticated cyberattacks.

“There is a lack of structured policies and cybersecurity frameworks,” he said.

“Government offices often treat technology as personal tools rather than secure systems, and they lack the necessary defenses and training.”

Ammar Jaffery, president of the Pakistan Information Security Association (PISA), emphasized the need for a shift from a reactive to a proactive cybersecurity posture.

“Cybersecurity is no longer a one-time effort. Threats evolve daily, and so must our defenses,” he said.

“Organizations need ongoing training programs and regular system checks. Hackers are always ahead — the only defense is continuous learning and awareness.”

Jaffery also urged key ministries to establish their own cybersecurity teams, including Security Operations Centers (SOCs) and Security Information and Event Management (SIEM) systems.

“Each ministry should have its own Computer Emergency Response Team (CERT) — like a 24/7 guard at the door — to ensure vigilance and immediate response.”
