Attacks on Pakistani government websites are being carried out by an Indian hacking group.
The SideWinder group illegally accesses the legitimate mailing systems of numerous departments in Pakistan by using identities belonging to the Pakistani government, according to the National Telecommunication and Information Security Board’s (NTISB) advisory.
According to the advisory, the group attempted to hack into the systems of NADRA, the Pakistan Air Force, and other crucial organizations in order to steal private data from Pakistani users.
According to the advisory, the APT group carries out cyber attacks using real and fake spear-phishing emails.
Using government credentials to gain access to government email systems, the group conducts cyber espionage operations with malware embedded in phony emails. The SideWinder group is alleged to have recently targeted NADRA, the Pakistan Air Force, and other significant organizations in order to steal private information.
The advisory claims that although the SideWinder group has been operating since 2012, its nefarious activities were only discovered in 2018 by a number of cybersecurity researchers.
This group was also involved in cyberattacks between May and October 2022 against the FIA, SNGPL, NADRA, and other significant institutions, and advisories were issued in this regard on multiple occasions. The group conducts such operations across South Asia, including Pakistan, and periodically modifies its strategies and methods.
The NTISB has urged government agencies to keep all software and operating systems regularly updated and to use reputable, up-to-date antivirus. Government organizations have also been urged to revisit their security measures by using multi-factor authentication and strong passwords on every system, mobile, financial, and mailing account.
Government employees have been warned not to use personal accounts on work computers and not to divulge their passwords and other personal information to unapproved users, websites, or software.
Government departments and employees have been warned by the NTISB not to install unauthorized or suspicious software, and they have also been warned not to open unauthorized links or attachments.
Additionally, officials have been urged to refrain from visiting HTTP websites and to open only HTTPS-secured ones.