The Indian government issued a critical security alert on February 7th, warning of targeted cyberattacks launched by Pakistani intelligence operatives against sensitive Indian installations and departments. The alert, reviewed by Moneycontrol, urges vigilance against malicious emails containing hidden malware disguised as legitimate documents.

According to the circular issued by the Controller General of Defence Accounts, responsible for managing the armed forces’ finances, intelligence suggests “Pak (sic) intelligence operatives (PIOs)” have been consistently attempting to extract sensitive information through “pseudonymous calls.” However, a concerning shift in tactics has been observed, with Pakistani operatives now “stepping up efforts to mount cyber attacks on various sensitive installations/departments by sending malicious files through email.”

These emails, designed to deceive recipients, are disguised as legitimate documents but harbor malicious software capable of compromising systems and stealing sensitive data. The Indian government urges all sensitive installations and departments to remain vigilant and exercise extreme caution when opening emails, especially those from unknown senders or containing suspicious attachments.

This alert highlights the evolving nature of cyber threats and the increasing sophistication of tactics employed by foreign actors. It underscores the importance of cybersecurity awareness and best practices for all organizations, particularly those deemed critical national infrastructure.