CYBER ALERT

Cyber Attack Alert: India on High Alert as Pakistan-Based Hackers Escalate Digital Warfare

New Delhi, May 9, 2025

As India and Pakistan grapple with heightened military and diplomatic tensions following the April 22 Pahalgam terror attack and India's retaliatory Operation Sindoor, a new battlefront has emerged in the digital realm. Indian cybersecurity agencies have issued urgent alerts, warning of a surge in cyberattacks orchestrated by Pakistan-based hacker groups targeting critical infrastructure, defense systems, and financial institutions. The Indian Computer Emergency Response Team (CERT-In) and other authorities are on high alert, fortifying the nation's digital defenses to thwart these malicious attempts.

A New Wave of Cyber Aggression

The escalation in cyberattacks comes in the wake of India's precision missile strikes on nine terrorist targets in Pakistan and Pakistan-occupied Kashmir (PoK) on May 7, codenamed Operation Sindoor. The operation was a response to the brutal Pahalgam attack, which claimed 26 lives, mostly tourists. As physical borders witness drone and missile skirmishes, cyberspace has become a volatile arena where Pakistan-based hackers, including the notorious "Pakistan Cyber Force," are attempting to destabilize India's digital infrastructure.

On May 6, the Pakistan Cyber Force claimed responsibility for breaching sensitive data from Indian defense websites, including the Military Engineering Services (MES) and the Manohar Parrikar Institute for Defence Studies and Analyses (MP-IDSA). The group also defaced the website of Armoured Vehicles Nigam Limited (AVNL), a state-owned defense firm. Indian authorities have confirmed that cybersecurity agencies are actively investigating these claims, with the AVNL website taken offline for a thorough audit to assess potential damage.

Since the Pahalgam attack, Pakistani hackers have been relentlessly targeting government websites, particularly in northern India. These attacks aim to disrupt operations, steal sensitive data, and create panic among citizens. — Senior Cybersecurity Official (Anonymous)

Targets and Tactics

The cyberattacks have been sophisticated and multi-pronged, targeting a wide range of sectors:

Main Targets

• Defense Sector Hackers have attempted to infiltrate websites linked to the Indian armed forces, including welfare and education portals. Earlier attempts to harvest personal information from army schools in Jammu & Kashmir and veterans' healthcare websites were thwarted, showcasing India's robust cyber defenses.
• Financial Institutions Indian banks, including public sector giants, have bolstered their cybersecurity networks to ward off potential threats. The Bombay Stock Exchange (BSE) has intensified its monitoring for cyber risks, ensuring that critical market infrastructure remains secure. ATMs in border areas have been flushed with funds to prevent disruptions for citizens.
• Government Websites CERT-In has issued advisories to high-risk stakeholders, urging them to strengthen their systems against phishing, malware, and website defacement attempts. The agency noted a spike in efforts to hack and alter the content of government portals since the Pahalgam attack.
• Critical Infrastructure Telecommunications and power grids in border states like Punjab, Rajasthan, and Jammu & Kashmir are under heightened scrutiny, with experts warning of potential disruptions.

Social media posts on X have amplified public concern, with warnings about phishing links and malicious messages circulating on platforms like WhatsApp. One user urged citizens to remain vigilant, stating, "Pakistan is planning a big cyber attack. Unknown links, calls, or messages should be avoided—digital war is on, and every citizen is a soldier."

India's Robust Response

India's cybersecurity apparatus has swung into action to counter these threats. CERT-In, under the Ministry of Electronics and Information Technology (MeitY), is coordinating with banks, telecom operators, and government agencies to fortify digital defenses. The agency has advised organizations to implement multi-factor authentication, update software patches, and conduct regular security audits.

The Indian armed forces, already on high alert after neutralizing Pakistan's drone and missile attacks on May 7-8, are working closely with cybersecurity experts to protect military networks. Previous attempts by Pakistan-linked groups to target the Indian Army's IT network with malicious files were successfully foiled, demonstrating India's preparedness.

In a bold counteroffensive, an Indian hacker group claimed on April 28 to have breached Pakistan's strategic assets, including military operations, air force, navy, and intelligence networks, as well as the Pakistan Stock Exchange. While these claims remain unverified, they underscore the intensity of the ongoing cyber warfare.

Precautions and Safety Measures for Citizens

To protect themselves and contribute to India's digital defense, citizens are urged to adopt the following precautions and safety measures:

1 Avoid Suspicious Links

• Do not click on unknown links or attachments in emails, WhatsApp, SMS, or social media messages.
• Verify the sender's identity before responding to messages requesting sensitive information.

2 Use Strong Passwords

• Create complex passwords with a mix of letters, numbers, and special characters.
• Enable Multi-Factor Authentication (MFA) on all accounts.

3 Keep Software Updated

• Regularly update operating systems, browsers, antivirus software, and apps.
• Enable automatic updates to ensure timely protection.

4 Be Cautious on Social Media

• Avoid sharing sensitive personal information on social media platforms.
• Be wary of fake accounts impersonating officials or organizations.

5 Secure Home Networks

• Change default passwords on Wi-Fi routers and use WPA3 or WPA2 encryption.
• Avoid using public Wi-Fi for sensitive transactions unless using a trusted VPN.

6 Monitor Financial Accounts

• Regularly check bank and credit card statements for unauthorized transactions.
• Report suspicious activity immediately and enable transaction alerts.

7 Report Cyber Incidents

• Report suspicious activity to CERT-In via their website or helpline (1800-11-4949).
• Inform local police cybercrime units for assistance.

8 Educate Others

• Spread awareness about cyber threats, especially among children and elderly family members.
• Teach recognition of phishing attempts and proper online safety practices.

The Broader Context

The cyber offensive is unfolding against the backdrop of escalating India-Pakistan tensions. India's Operation Sindoor targeted terrorist infrastructure linked to Jaish-e-Mohammad and Lashkar-e-Taiba, prompting Pakistan to retaliate with drone and missile attacks on Indian military installations. These attacks were neutralized by India's Integrated Counter Unmanned Aerial System (UAS) Grid and Air Defence systems, with no reported losses.

The digital skirmishes are seen as an extension of Pakistan's strategy to destabilize India amid public pressure following civilian casualties in India's strikes. Analysts warn that Pakistan's military may be leveraging cyberattacks to compensate for its setbacks on the physical battlefield.

A Call to Action

As the nation stands united against external threats, cybersecurity experts are urging citizens to play their part in safeguarding India's digital sovereignty.

Every click matters. Avoid suspicious links, update your devices, and report any unusual activity. — Top Cybersecurity Consultant

The government has also canceled leaves for officials in border states and Delhi, ensuring round-the-clock preparedness. Schools and colleges in border districts remain closed, and airports are on high alert, with 24 facilities temporarily shut due to the security situation.

A Resilient India

India's response to this dual threat—on the ground and in cyberspace—reflects the nation's resilience and determination. As Prime Minister Narendra Modi postpones his Europe visit to focus on the crisis, the country rallies behind its armed forces and cybersecurity warriors.

External Affairs Minister S. Jaishankar has reiterated India's commitment to a measured response, warning Pakistan against further escalation. "Any attack on Indian infrastructure will invite a firm response," he stated, emphasizing India's resolve to protect its sovereignty.

As the digital war intensifies, India stands firm, leveraging its technological prowess and patriotic spirit to counter Pakistan's nefarious designs. The nation's cybersecurity heroes are working tirelessly to ensure that India's digital borders remain as impregnable as its physical ones.

Jai Hind!

Sources: The Economic Times, The Times of India, Mint, NDTV, Business Standard, Financial Express, and posts on X.