ISLAMABAD: Pakistan’s National Computer Emergency Response Team (National CERT) on Tuesday issued a cybersecurity advisory warning that “hostile actors” could exploit supply chains to target critical national infrastructure, including power systems, banking networks and defence installations.
The advisory said even minor lapses during the delivery of hardware and software could trigger large-scale system failures, underscoring growing global concerns over vulnerabilities in supply chains.
Risks in global supply chains
National CERT said cyber threats were increasingly extending beyond networks into logistics and manufacturing stages, where state-sponsored espionage could compromise equipment before deployment.
“All hardware deliveries should be treated as potential security risks,” the advisory said, urging strict inspection protocols.
National CERT warned that unverified software updates could introduce hidden backdoors, posing long-term risks to national digital infrastructure.
The agency also flagged vendors with unclear ownership structures as a major risk factor, calling on institutions to ensure transparency and thorough due diligence in procurement processes.
Single-supplier dependence
The advisory cautioned that reliance on a single supplier could create systemic vulnerabilities.
A breach in one entity, it said, could disrupt entire sectors such as the national power grid or banking system.
Institutions have been directed to adopt tamper-proof mechanisms and tracking systems for transporting sensitive equipment.
They were also instructed to report suspicious network activity and unusual software behaviour promptly to relevant authorities.
National CERT further recommended the implementation of a zero-trust security model, under which all devices must be authenticated before being connected to networks.
Risk of disruption
The advisory warned that neglecting supply chain security could lead to the “complete paralysis” of critical national installations.
It stressed the need to strengthen cybersecurity frameworks as Pakistan’s digital infrastructure expands across sectors.
The warning comes amid a series of recent cyber incidents in the country.
Earlier this month, multiple Pakistani television channels, websites and mobile applications were targeted in coordinated cyberattacks.
The main disruption affected the Pak-Sat satellite, resulting in transmission issues for several television channels.
During the same week, the National Assembly was informed of the need for a robust firewall system to strengthen the country’s cyber defence.
Minister for IT and Telecom Shaza Fatima Khawaja told lawmakers that several measures had already been taken to enhance cybersecurity and protect citizens’ digital space.
She emphasised the importance of further investment to safeguard Pakistan’s digital boundaries against evolving threats.
