Summary
- A new cybersecurity report reveals that hacking groups tied to China and India separately targeted Pakistani law enforcement agencies over a two year span, exposing digital vulnerabilities inside institutions that manage the country’s internal security operations.
- Analysts who study regional cyber activity note that law enforcement agencies frequently lag behind military and diplomatic institutions in cybersecurity investment, even though they hold comparably sensitive material.
- As tensions between Pakistan and India persist alongside deepening economic cooperation between Pakistan and China, analysts expect law enforcement and security institutions in the region to remain attractive targets for state linked hacking operations in the months ahead.
A new cybersecurity report reveals that hacking groups tied to China and India separately targeted Pakistani law enforcement agencies over a two year span, exposing digital vulnerabilities inside institutions that manage the country’s internal security operations.
Researchers at the cybersecurity firm SentinelOne published the findings on Thursday, describing distinct intrusion campaigns that struck several Pakistani policing bodies between February 2024 and April 2026. The Balochistan police bore the brunt of the activity, though investigators also documented efforts against the Khyber Pakhtunkhwa police, the Islamabad police, and the Punjab Safe Cities Authority, a government body that runs surveillance and monitoring systems for police forces across major Punjab cities.
Aleksandar Milenkoski, a principal threat researcher at SentinelOne, framed the overlapping interest from separate espionage actors as a meaningful indicator in itself. He said that when several cyberespionage groups pursue the same law enforcement institutions within one country, that overlap signals how much value those targets hold. He added that the institutions in question hold a government’s internal security picture, including its awareness of domestic threats and its response strategy.
The report states that these agencies play central roles in tracking both internal and external threats while coordinating responses among law enforcement bodies and other government authorities. Investigators wrote that the campaigns give outside observers a rare window into how foreign actors seek information about Pakistan’s security landscape, a landscape shaped by militant violence, friction with Afghanistan, and Islamabad’s economic ties with Beijing.
According to Milenkoski, the operation against the Balochistan police reached deep into the force’s digital infrastructure. Attackers targeted network equipment, web servers, and multiple online applications, including the department’s Complaint Management System. The Balochistan police did not answer requests for comment on the findings.
SentinelOne suggested that the motivations behind each campaign likely differ. The report links Chinese interest in these agencies to concerns over the safety of Chinese nationals stationed in Pakistan, many of whom work on infrastructure and economic projects tied to Beijing’s investments in the country. These workers have faced fatal attacks in recent years, a pattern that may explain why groups connected to China would seek visibility into Pakistani law enforcement systems. Researchers tied the interest from India linked groups instead to long standing tensions between the two nations and Pakistan’s wider security posture.
Liu Chang, spokesperson for the Chinese Embassy in Washington, addressed the allegations in an emailed statement. Liu said China opposes and fights all forms of cyberattacks under the law and does not permit any country or individual to conduct illegal digital activity within Chinese territory or through Chinese infrastructure. The Indian Embassy in Washington did not respond to questions about the report.
The Khyber Pakhtunkhwa police issued a statement addressing the claims directly, saying that protecting its systems remains a matter of the highest priority. The force stated that no evidence shows any core police system, network, or critical application suffered a successful breach. The agency acknowledged, however, that it experienced a rise in attempted cyber activity during a period of heightened tension between Pakistan and India last year. Officials confirmed one isolated case in which attackers compromised the login credentials of a single end user.
The Islamabad police, the Punjab Safe Cities Authority, and Pakistan’s Ministry of Interior did not respond to requests for comment on the report.
SentinelOne’s findings add to a growing body of evidence showing that South Asian and East Asian intelligence linked actors increasingly view police and internal security databases as high value targets, since these systems often store sensitive case files, informant networks, and operational planning documents. Analysts who study regional cyber activity note that law enforcement agencies frequently lag behind military and diplomatic institutions in cybersecurity investment, even though they hold comparably sensitive material.
The report does not name the specific hacking groups responsible for each campaign, though it links the activity to broader clusters that researchers have previously associated with state aligned operations originating from China and India. Neither government has publicly acknowledged directing such campaigns against Pakistani institutions, and both countries routinely deny involvement in state sponsored hacking when such allegations surface.
Pakistan has faced repeated scrutiny over the resilience of its digital infrastructure in recent years, as government ministries, police departments, and other public bodies increasingly rely on networked systems for case management, citizen services, and surveillance. Cybersecurity researchers have flagged gaps in how these institutions secure their networks, particularly at the provincial level, where resources for dedicated cybersecurity staff often fall short of what national agencies can deploy.
The overlapping campaigns against Pakistani law enforcement agencies illustrate how geopolitical rivalries increasingly play out through digital channels rather than solely through traditional intelligence gathering. As tensions between Pakistan and India persist alongside deepening economic cooperation between Pakistan and China, analysts expect law enforcement and security institutions in the region to remain attractive targets for state linked hacking operations in the months ahead.
We welcome your contributions! Submit your blogs, opinion pieces, press releases, news story pitches, and news features to opinion@minutemirror.com.pk and minutemirrormail@gmail.com

