Cases of ransomware attacks demanding digital ransom through malicious software are on the rise in the country, prompting the National Cyber Emergency Response Team (National CERT) to issue a fresh advisory.
According to the advisory, incidents involving the “BlueLocker” malware have increased, with hackers targeting organizations through unverified platforms and virus-infected files to extort payments. Such attacks can lead to the suspension of business operations and the permanent loss of important files.
National CERT warned that BlueLocker ransomware is capable of disabling antivirus protection, spreading through entire networks, and stealing sensitive data. The malware is being distributed via trojanized downloads, phishing emails, unsecured file-sharing platforms, and hacked websites. The advisory states that Windows-based desktops, laptops, servers, networks, and cloud storage systems are the primary targets, with the severity level rated as “extremely high.”
The team has recommended that all organizations adopt multi-factor authentication systems to enhance security and implement advanced email filtering for links and attachments. In the event of a cyberattack, it has advised disconnecting shared drives and backups, and ensuring they remain offline and secure. Institutions have also been urged to preserve forensic evidence to support investigations and to strengthen preventive systems against ransomware threats.
National CERT has also emphasized the need to train employees in identifying suspicious emails and links, maintain updated system defenses, and improve institutional vigilance. Organizations have been directed not to download files from unverified sources or click on questionable attachments, as these remain the most common gateways for ransomware infiltration.
Director General Dr. Haider Abbas has sent warning letters to 39 ministries and key institutions, including the Cabinet, Interior, and Foreign Affairs ministries, NECTA, FIA, National Security Division, Establishment Division, Election Commission, National Assembly, National IT Board, PEMRA, NDMA, OGRA, FBR, and ministries of Finance, Communications, Privatisation, Religious Affairs, IT & Telecom, Law and Justice, Railways, Commerce, Environment, Industries & Production, and Science & Technology, among others, advising immediate action to prevent such cyberattacks.