World

China, India-linked hacking groups targeted Pakistani law enforcement, report says

A 3D printed model of men working on computers are seen in front of displayed binary code and words "Hacker" in this illustration taken, July 5, 2021. REUTERS/Dado Ruvic/Illustration
A 3D printed model of men working on computers are seen in front of displayed binary code and words "Hacker" in this illustration taken, July 5, 2021. REUTERS/Dado Ruvic/Illustration Reuters

Multiple Pakistani law enforcement agencies were targeted in separate hacking campaigns linked to groups associated with China and India, researchers at cybersecurity firm SentinelOne said on Thursday.

The campaigns offer a glimpse into foreign efforts to gather information on Pakistan's security challenges including militant violence, tensions with Afghanistan and the country's economic collaboration with China.

"When multiple cyberespionage actors operate against law enforcement institutions of a single state, the convergence itself is a signal of target value," Aleksandar Milenkoski, a principal threat researcher at SentinelOne, wrote in a blog published on Thursday.

"What draws them is a particular kind of institution: one that holds the government's internal security picture, what it knows about the threats inside its borders, and how it acts against them."

The targeted agencies play a role in monitoring internal and external threats, and in coordinating the response of law enforcement and government authorities, according to the report.

SentinelOne said it found evidence of multiple hacking campaigns and intrusions carried out by Chinese- and Indian-linked hacking groups between February 2024 and April 2026, most notably against the Balochistan police, which serves Pakistan's southwestern province of the same name.

Liu Chang, the spokesperson for the Chinese Embassy in Washington, said in an emailed statement that China "firmly opposes and combats all forms of cyberattacks in accordance with the law, and does not allow any country or individual to engage in such illegal activities within China's territory or by using China's infrastructure."

The Indian Embassy in Washington did not provide an answer to questions about the analysis.

The report said Chinese interest in the agencies could be linked to the safety of Chinese nationals working in Pakistan, who have been targeted in deadly attacks in recent years. Interest from groups linked to India could be related to tensions between the two countries and Pakistan's broader security posture, it said.

According to Milenkoski, the operations targeting the Balochistan police involved network equipment, web servers and several online applications, including the force's Complaint Management System.

The Balochistan police did not respond to a request for comment.

Other targets included the Khyber Pakhtunkhwa police, the Islamabad police and the Punjab Safe Cities Authority (PSCA), an autonomous government agency that operates systems used by the police in major cities in Punjab province.

The Khyber Pakhtunkhwa police said in a statement that security of its systems is "a matter of the highest priority," and that "there is no evidence that any core KP police system, network, or critical application has been successfully compromised."

"It is pertinent to mention that during the heightened Pakistan–India tensions last year, KP Police experienced an increase in attempted cyber activities," the agency said, and that in "one isolated incident, the login credentials of an end user were compromised."

The Islamabad Police, PSCA, and Pakistani Ministry of Interior did not respond to a request for comment.

(Reporting by AJ Vicens in Detroit. Additional reporting by Mushtaq Ali in Peshawar; Editing by Sanjeev Miglani)

Copyright Reuters or USA Today Network via Reuters Connect.

This story was originally published July 9, 2026 at 8:02 AM.

Get unlimited digital access
#ReadLocal

Try 1 month for $1

CLAIM OFFER