The Election Commission of Pakistan (ECP) has warned its employees about a ransomware attack that it said was “trying to steal information” through phishing methods, it emerged on Friday.
The letter dated July 6, titled “Cyber Security Alert” and written by ECP Information Security Specialist Naveed Ahmed Kandhir — shared a screengrab of an email sent to an ECP official that asked the recipient to open an attached RAR file titled “Cabinet”.
Referring to the said email, the ECP said that “someone is […] sending the email to all” the ECP officials.
The electoral body said it was a “ransomware attack and trying to steal the information”, and asked its employees to not open the said email, ignore it and report it as spam.
The alleged phishing email — sent to an ECP employee — informed the recipient about a letter, dated July 5, that was attached to the email.
It alerted the recipient that “details for the above are not submitted” and asked them to provide the details by July 11. The email also shared an alphanumeric five-digit passcode without specifying what it was for.
A Google search of a telephone number attributed to the sender did not show any results relevant to the election commission.
In January this year, Power Minister Khurram Dastgir had said a “cyberattack on the national grid cannot be ruled out” when detailing the inquiry progress on a countrywide power outage earlier that month.
