ECP issues cyber security alert to employees

ISLAMABAD: The Election Commission of Pakistan (ECP) has issued a cyber security alert to its employees after attempts were made by hitherto unidentified hackers to gain access to the stored information. According to an alert issued to the officers, the commission cautioned that someone is sending emails to all the officers.

The alert reads: “Please do not open this email; this is a ransomware attack and is trying to steal the information. Kindly ignore this email and report it as spam or junk.” The alert contains the signature of Naveed Ahmed Kandhir, who is an Information Security Specialist, ECP: The cyber security alert dated July 6 contains a screenshot of a phishing email titled ‘implementation of social media policy’ dated July 5, with a 2 KB RAR file attached to it. “Attached, please find the letter No. 6-4/1523, dated: 05-07-2023, regarding the subject cited above for compliance, please. Details for the above have not been submitted; you are requested to provide the details by July 11, 2023,” the email purportedly sent by Muhammad Shahid, who is PS to director general (P&S), reads, prompting the recipients to open the attachment to become victims.

Copies of the alert have been sent to the principal staff officer to the chief election commissioner, staff officer to the secretary, ECP, PS to the additional secretary, ECP, all head of wings and officers in the ECP Secretariat, and all provincial election commissioners (PECs) with a request for circulation to all regional and district election commissioners. “By encrypting files and demanding a ransom payment for the decryption key, cyber attackers place organisations in a position where paying the ransom is the easiest and cheapest way to regain access to their files,” a senior ECP official told this correspondent about the ransomware.