Pakistan has accelerated cybersecurity oversight of official digital platforms following recent hacking attempts targeting both government and private sector online systems. Authorities initiated a comprehensive review of public sector websites in response to growing concerns about cyber threats and potential data breaches. The nationwide assessment is being carried out by National CERT, which has taken the lead in evaluating the security posture of government web infrastructure. The initiative focuses on identifying technical weaknesses, strengthening digital defenses, and ensuring that critical online services operated by state institutions remain protected from unauthorized access and cyberattacks.
As part of the review, approximately 300 government websites were selected for detailed security evaluation. These platforms include websites belonging to federal ministries, attached departments, and various public institutions that provide services or information to citizens. Officials involved in the assessment confirmed that security scanning has already been completed for 280 of the identified websites, while the remaining 20 portals are still undergoing review. The progress indicates that roughly 93 percent of the planned audit has already been carried out. The results of the scans have been compiled into technical reports and shared with the relevant ministries and departments so that they can implement corrective measures and address the vulnerabilities identified during the process.
According to officials familiar with the assessment, the audit uncovered several security gaps within servers, system configurations, and web applications used by government entities. These issues were categorized according to severity levels, including critical, high, medium, and low risk vulnerabilities. Some of the weaknesses identified across different platforms include outdated software components, insufficient security controls, and misconfigured systems that could potentially allow attackers to gain unauthorized access. Authorities emphasized that identifying these issues through proactive security testing allows institutions to correct weaknesses before they are exploited by malicious actors.
Government departments have been directed to immediately strengthen cybersecurity measures across their digital infrastructure. Recommendations provided by National CERT include applying security updates to operating systems and web applications, implementing web application firewalls, and enhancing monitoring systems to detect suspicious activity. Agencies have also been advised to tighten user access controls and establish stricter authentication procedures to prevent unauthorized entry into sensitive systems. By reinforcing these safeguards, officials aim to significantly reduce the risk of cyber intrusions and improve the resilience of public sector digital services.
Experts involved in the process also noted that security reviews often reveal common weaknesses such as outdated platforms, weak password practices, and poorly secured databases that may expose sensitive information if not addressed promptly. Authorities have therefore encouraged ministries and departments to upgrade legacy systems, strengthen backup infrastructure, and implement stronger security policies across their digital operations. In cases where vulnerabilities are considered severe, some websites may undergo temporary shutdowns or system upgrades until adequate protections are installed. These measures are intended to ensure that public sector digital platforms operate within secure environments and continue delivering services without exposing critical government data to potential cyber threats.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
