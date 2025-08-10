ISLAMABAD: Pakistan’s National Cyber Emergency Response Team (NCERT) has issued an advisory in response to a rising number of cyberattacks across the country, ARY News reported.

According to the advisory, hackers are exploiting unverified platforms and infected files to carry out these attacks. The Blue Locker virus is specifically used to infiltrate systems, enabling cybercriminals to demand ransom from affected organizations.

The advisory highlights an increase in incidents involving the Blue Locker malware, where hackers demand ransom from targeted institutions.

Such attacks have disrupted business operations, with the potential to completely destroy critical files. The Cyber Emergency Response Team has sent warning letters to 39 ministries and institutions, urging them to enhance their cybersecurity measures.

To mitigate the risk of cyberattacks, the team recommends adopting multi-factor authentication systems.

Additionally, institutions are advised to implement email filtering systems to scrutinize links and attachments, which are common entry points for malware. The advisory further emphasizes the importance of isolating shared drives and maintaining backups to minimize damage in the event of an attack.

Organizations are also instructed to preserve forensic evidence to aid investigations if a cyberattack occurs.

The Cyber Emergency Response Team has directed all institutions to proactively strengthen their defenses against ransomware to prevent future incidents.

Earlier, Pakistan Petroleum Limited (PPL) confirmed that its IT infrastructure came under a ransomware cyberattack, with attackers demanding a ransom from the company.

According to a statement issued by PPL, a ransom note was received following the cyber breach.

The incident formally reported to regulatory authorities and law enforcement agencies, and a thorough investigation is currently underway.

A Pakistan Petroleum Limited spokesperson stated that no sensitive company data was compromised, although certain portions of the IT infrastructure were temporarily suspended as a preventive measure.