A recent report from Pakistan’s Telecommunication Authority (PTA) reveals alarming figures in the country’s telecom and digital sectors, with 720 malware attacks recorded in 2023 alone. In addition, the digital landscape experienced 550 phishing attacks, 300 DDoS incidents, 200 ransomware intrusions, and 150 insider threats. These figures underline the urgent need for stronger cybersecurity measures to protect Pakistan’s rapidly expanding digital economy and secure user data and critical infrastructure.
The report highlights the growing threat from Advanced Persistent Threats (APT) groups, considered the most sophisticated and dangerous cyber adversaries. APT groups continuously evolve their attack strategies, often staying ahead of traditional defenses, and target high-value sectors with geopolitical motivations, posing significant risks to national security.
Notable APT groups targeting Pakistan in 2023 include Gamaredon, Donot, Sidewinder, and Lazarus, which have primarily focused on government agencies, internet infrastructure, and healthcare organizations. The report emphasizes that geopolitical factors influence these attackers’ objectives, as they seek to steal sensitive information and disrupt operations in critical sectors.
The telecom sector in Pakistan was particularly impacted, with Gamaredon responsible for 20 attacks, Donot with 14, Bitter with 13, and Kimsuky and Lazarus each conducting 8 attacks. Sidewinder accounted for 7 incidents, along with 17 attacks from various other APT groups. These figures suggest a rising trend in APT activities, signaling a need for enhanced cybersecurity protocols across both public and private sectors to address the growing threats.