Election Meddling?

A security alert was issued last Friday after a cyber-attack on the Election Commission of Pakistan (ECP).  The electoral watchdog has urged all employees to take the necessary precautions in the wake of the situation.  All ECP staff were ordered not to open emails which could possibly lead to precious data being leaked.  The letter, dated 6 July, titled “Cyber Security Alert” and written by the ECP Information Security Specialist, shared a screengrab of an email sent to an ECP official that asked the recipient to open an attached RAR file titled “Cabinet.”  Referring to the said email, the ECP said that “someone is […] sending the email to all” the ECP officials.[1]

The electoral body said it was a “ransomware attack and trying to steal the information,” and asked its employees to not open the said email, ignore it and report it as spam.

The alleged phishing email was sent to an ECP employee and informed the recipient about a letter, dated 5 July, that was attached to the email.  It alerted the recipient that “details for the above are not submitted” and asked them to provide the details by 11 July.  The email also shared an alphanumeric five-digit passcode without specifying what it was for.

A media-conducted Google search of a telephone number attributed to the sender did not show any results relevant to the election commission. In January this year, the country’s Power Minister had said a “cyberattack on the national grid cannot be ruled out” when detailing the inquiry progress on a countrywide power outage earlier that month.

Of interest, last month, Pakistan’s national security had once again been compromised due to negligence at the National Institutional Facilitation Technologies (NIFT).  Cyber attackers managed to breach the security of the check clearing institution, gaining unauthorized access to data and forcing the banking system to resort to a manual system despite the primacy of digital technology.

Even after seven days since the cyber-attack occurred last week, NIFT is still in the process of fully restoring its normal operations.  Checks are being cleared manually nationwide, and digital payment services remain halted.  On 16 June, the attack had forced the national institution to shut down both its data centers in Islamabad and Karachi.  NIFT issued a statement claiming that there was no “significant compromise” of its data or systems.  However, the statement suggests that some level of security breach did occur, although it was considered insignificant.

The attack on Pakistan’s election commission underscores the seriousness of data intrusion into national elections.  There have been numerous allegations since the US 2020 presidential election process.[2] 

This article is presented at no charge for educational and informational purposes only.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com

Weekly Cyber Intelligence Briefings:

Reporting:    https://www.redskyalliance.org/
Website:       https://www.redskyalliance.com/
LinkedIn:      https://www.linkedin.com/company/64265941

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/5993554863383553632  

[1] https://dailytimes.com.pk/1111344/cyber-attack-triggers-security-alert-at-ecp/

[2] https://www.msn.com/en-us/news/politics/arizona-secretary-of-state-s-office-subpoenaed-in-special-counsel-probe-into-2020-election-interference/ar-AA1dx8ux
