Posted on April 19, 2023 at 8:50 AM

Hackers send fake emails to government agencies and departments on behalf of NTISB

The National Telecommunication & Information Technology Security Board (NTISB) has become the latest victim of cyberattacks. The attack in question involved fake emails sent to government agencies and departments. The emails appeared to have been set from NTISB.

Hackers send fake emails on behalf of NTISB

The Cabinet Division issued an advisory on this matter, which warned that all the concerned parties needed to be on alert because of these fake emails. The emails contain malicious attachments that can be used to steal sensitive data.

The advisory has gone ahead to state that the hackers were using email addresses that appeared genuine and official. One of the fake email accounts linked to this activity is “Assistant_Secretary_NTISB@gmail.com. The attachments contained within these emails contain malware.

The hackers craft the message to make it appear that the attachments have been sent from the Assistant Secretary NTISB –II. However, the affected parties have been warned against opening these attachments.

The Cabinet Division has urged government agencies to be cautious and disregard any emails that appear to have been sent from these malicious addresses. The Cabinet Division has also shared a list aimed at helping these agencies distinguish between genuine and fraudulent NTISB emails.

Some of the genuine email addresses belonging to the NTISB include [dsntisb@cabinet.giv.pk], [asntisb1@cabinet.gov.pk], and [asntisb2@cabinet.gov.pk]. The Cabinet Division noted that these three email addresses are the only official ones belonging to the NTISB.

Any emails that have not been sent from the three official addresses but claim to have been sent from the NTISB must be treated with caution. This advisory has been sent to several parties at risk of being targeted with these fake emails.

The key stakeholders to whom this caution has been sent out include the Secretary to the Prime Minister, the Secretary to the President, the Cabinet Secretary, chief secretaries of provincial governments and all secretaries to federal government ministries.

The Cabinet Division has also called for all the subordinate institutions and departments to have the appropriate protection measures to guarantee the safety and security of sensitive information. Such measures are needed to keep hackers at bay and protect systems from unauthorized access.

Government agencies become targets for hacking attacks

Hackers have increasingly targeted government organizations to steal sensitive information. Some of the reasons why hackers target these organizations include espionage and financial gains. Besides Pakistan, the US and other Western countries have become top targets for hacking attacks.

In most cases, hacking attacks against government agencies are conducted by hacktivist groups or state-sponsored hackers. The recent wave of attacks has been attributed to Russian hacktivist groups targeting adversaries because of the ongoing war between Russia and Ukraine.

The KillNet hacking group has been the most active, launching attacks targeting Western countries and NATO. The group also claimed responsibility for distributed denial-of-service (DDoS) attacks targeting several US states.

The US Marshals Service, under the US Justice Department, was also the victim of a hacking attack last month. Reports said that the hackers responsible for this breach stole a wide range of personal information about agency employees and investigative targets. The attack was a sensitive one given that the Marshals Service is tasked with transporting federal prisoners, protecting judges, and running the witness protection program.

In 2022, Chinese hackers targeted at least six government agencies. The State Department, the Department of Homeland Security, and other federal agencies were also targeted in 2022 as part of the SolarWinds operations. Last month, the City of Oakland declared an emergency after a ransomware attack took its systems offline.

The wave of hacking attacks targeting government agencies shows governments need to fix any vulnerabilities in their systems. The strategies used by hackers are constantly evolving, and government agencies need to keep up and ensure that they are not left behind. This includes implementing robust cybersecurity systems that will keep hackers at bay.

Most attacks target local governments because of their weak defenses, low IT budgets, and limited IT employees. These are often more overstretched than the private sector. Hackers will also have an easier time installing ransomware. For large government departments, including the US Marshals, the appeal towards hackers is their access to public funds. These make these government agencies lucrative targets for hackers.