The Cabinet Division of Pakistan has issued a formal advisory to all federal divisions following growing concerns about a potential cyberattack believed to originate from India. The advisory, issued on May 6, 2025, alerts government officials to an ongoing phishing campaign aimed at compromising sensitive information within the Pakistani government.
According to the advisory, the threat is allegedly linked to a notorious Indian cyber threat actor group known as “SideWinder.” This group has reportedly been launching cyberattacks against Pakistan for several years. The group’s latest campaign uses deceptive phishing emails designed to trick recipients into disclosing confidential and sensitive information. These emails, often targeting government officials, appear to come from trusted sources, including Pakistan’s own cybersecurity directorates, in an effort to increase their credibility and deceive the recipients.
The Cabinet Division’s advisory stresses the urgent need for heightened vigilance across all government departments to prevent the success of these malicious attacks. The advisory strongly recommends that federal departments implement advanced cybersecurity measures, including email filtering solutions, malware detection systems, and spam checks, to help block potential phishing attempts before they reach the inbox of officials.
Additionally, the advisory calls for a proactive approach in training government personnel to recognize and avoid phishing and social engineering attacks. Officials are urged to pay close attention to emails that appear to originate from internal or high-level government sources, as these are often used by cybercriminals to increase the likelihood of success.
The cybersecurity threat posed by foreign-backed actors like the SideWinder group is a serious concern, and the Cabinet Division has emphasized the importance of coordinated efforts between various government sectors to safeguard sensitive data. In its statement, the Cabinet Division highlighted that Pakistan’s national security could be at risk if these cyberattacks succeed in compromising critical government systems or stealing classified information.
The SideWinder group has been identified in past reports as a sophisticated and persistent cyber actor, with a history of targeting government and military institutions in Pakistan. Its recent campaign is yet another sign of the growing importance of cybersecurity measures, particularly within the context of geopolitical tensions. The advisory’s release comes amid an increasing number of high-profile cyberattacks across the region, highlighting the need for governments to stay ahead of rapidly evolving digital threats.
As part of its recommendations, the Cabinet Division has also stressed the importance of enhanced internal communication and real-time sharing of threat intelligence. The advisory urges that all government departments immediately report any suspicious activity related to these phishing attempts and work together to mitigate the risk posed by these external cyber threats.
Pakistan’s cybersecurity infrastructure has been bolstered in recent years, but this latest advisory serves as a reminder of the ongoing threats facing the nation. It underscores the importance of a proactive and collaborative approach to cybersecurity, particularly when faced with cyber adversaries who are continuously refining their tactics.
The Cabinet Division’s move to issue this warning is part of a broader strategy to ensure the integrity and security of Pakistan’s digital infrastructure. As cyber threats continue to evolve and grow more sophisticated, maintaining an effective defense against such attacks is crucial to protecting national security and preserving the confidentiality of government data. This advisory, while a response to a specific threat, also acts as a general call to action for the enhancement of Pakistan’s overall cybersecurity posture.