State-linked hackers from India and China separately targeted Pakistan’s law enforcement networks over two years, according to cybersecurity firm SentinelOne. The campaigns, identified between February 2024 and April 2026, primarily focused on the Balochistan Police, which oversees security in Pakistan’s largest province.
Cyberattacks on Pakistani Law Enforcement
Researchers found malware planted in a public portal used by citizens to file complaints against police. The attacks extended to three other agencies: Khyber Pakhtunkhwa Police, Islamabad Police, and the Punjab Safe Cities Authority. Khyber Pakhtunkhwa police stated that no core systems were compromised, emphasizing that security remains a top priority.
Balochistan has long faced separatist insurgencies tied to political marginalization, resource disputes, and alleged human rights abuses by the Pakistani government. The region’s instability, coupled with tensions between Pakistan and Afghanistan, may explain the foreign interest in its law enforcement data.
Motives Behind the Espionage
Aleksandar Milenkoski, a principal threat researcher at SentinelOne, noted that the convergence of multiple cyberespionage actors targeting a single state’s law enforcement signals the value of such institutions. These agencies hold critical internal security intelligence, including threats within a country’s borders and its response strategies.
China’s interest likely stems from the safety of its nationals working in Pakistan, while groups linked to India may be driven by tensions with Islamabad, particularly after the 2025 Pahalgam terror attack. Beijing has denied involvement, stating it opposes all forms of cyberattacks and does not permit such activities within its territory.