Cyber Incident Victim: Pakistan Ministry of Interior
Date:
Sep 2014
Location:
Pakistan
Summary
A cyberattack targeted the Pakistan Ministry of Interior's website, defacing it with offensive remarks against the Interior Minister and doctored images of senior government officials. This incident formed part of a broader hacktivist campaign by groups identifying as ASOR Hack Team and Anonymous Op Pakistan, which disrupted multiple government, security force, and media websites through DDoS attacks, defacements, and data leaks. Private employee information—including sensitive military designations—was exposed, while political messages criticized government handling of protests and the Model Town incident. The hackers initially targeted ruling party affiliates but later attacked opposition-linked sites, claiming their actions opposed systemic issues rather than specific individuals or parties, while inconsistently expressing support for the military and former leaders.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
The hacking campaign targeting Pakistani government and affiliated websites intensified over a weekend in September 2014, with the Ministry of Interior's official website (www.interior.gov.pk) compromised on Saturday night. Attackers defaced the site with offensive remarks directed at Interior Minister Chaudhry Nisar Ali Khan and doctored photographs of Prime Minister Nawaz Sharif, Railways Minister Khawaja Saad Rafiq, and former Punjab law minister Rana Sanaullah. This breach occurred hours after Chaudhry Nisar’s press conference at Punjab House. Concurrently, the main Government of Pakistan portal (pakistan.gov.pk) was rendered inaccessible through sustained denial-of-service attacks, while the District Courts Gujranwala website experienced temporary disruption. Media outlets Jaag TV, CNBC Pakistan, and Samaa FM suffered defacements featuring derogatory imagery targeting PPP, PML-N, and JUI-F political figures. Hackers identifying as ASOR Hack Team and Anonymous Op Pakistan claimed responsibility, stating their actions reflected broader anti-establishment grievances rather than targeting specific individuals. Notably, they compromised two Pakistan Tehreek-e-Insaf (PTI)-affiliated fundraising websites (fundyourtsunami.com and fundyourtsunami.insaf.pk), criticizing PTI Chairman Imran Khan while urging administrators to improve security, emphasizing their opposition was systemic.
Earlier attacks established a pattern of politically motivated cyber intrusions preceding this escalation. An unofficial PML-N website (pmln.us) was defaced with messages referencing the Model Town incident before restoration. The Faisalabad Police Department’s site (faisalabadpolice.gov.pk) was breached, resulting in the leak of employee usernames, passwords, CNIC numbers, addresses, and contact details. Pakistan Television’s T20 sports subsection (sports.ptv.com.pk/t20) displayed “Go Nawaz Go” slogans and criticism of government policies regarding poverty and energy crises. Hackers disseminated datasets purportedly containing credentials and sensitive information from Pakistan Army and government portals, including arms manufacturer designations, justifying these leaks as retaliation for military operations in North Waziristan. Despite this antagonism, the groups later expressed support for the Pakistan Army during Defence Day celebrations and endorsed retired General Pervez Musharraf. The campaign demonstrated fluctuating political alignments, combining disruptive tactics like DDoS, defacement, and sensitive data exposure with explicit ideological messaging tied to contemporary protests and institutional conflicts.