Cyber Incident Victim: Karachi Police Office
Date: Sep 2020
Location: Pakistan
Summary
A ransomware attack targeted the Karachi Police Office's Media Cell, compromising 700 GB of data and prompting a ransom demand. The incident led to the seizure of affected systems by cybercrime investigators, who initiated an investigation into the breach. While the specific ransomware variant was not identified in available reports, the attack disrupted operational functions and highlighted broader regional threats, as Pakistan's largest private electricity provider faced a separate Netwalker ransomware incident around the same period.
Description
On September 11, 2020, the Karachi Police Office (KPO) Media Cell in Pakistan suffered a ransomware attack compromising its computer systems. Hackers encrypted approximately 700 GB of data from the Media Cell’s systems and demanded a ransom payment of 9,980 units (currency unspecified in available reporting). The attack disrupted normal operations of the Media Cell, though the exact nature of impacted police functions beyond data inaccessibility was not detailed in public disclosures. Karachi cybercrime response teams immediately deployed to the KPO facility following detection of the intrusion. Investigators seized affected computer systems to preserve forensic evidence and initiated a formal investigation into the incident. No ransomware variant was identified in available reports, distinguishing this attack from contemporaneous Netwalker and DoppelPaymer incidents affecting other organizations that week.

The incident occurred amid a global surge in ransomware activity targeting high-profile entities, including multiple government agencies and critical infrastructure operators. While the attackers’ identity remained unverified, their operational approach aligned with common ransomware tactics involving data encryption followed by extortion demands. The 700 GB dataset size suggested compromise of substantial digital assets, though specific file types or records affected were undisclosed. Authorities did not publicly confirm whether ransom payments were made or whether data recovery efforts succeeded. The cybercrime division’s seizure of systems indicated standard incident response procedures for evidence collection and attack analysis. This event highlighted ransomware threats to law enforcement infrastructure during a period when attacks paralyzed border operations in Argentina, disrupted Pakistan’s largest power utility, and affected educational institutions globally.
