Pakistan’s Repeated Cyber Provocations: ISI-Linked Cyber Offensive Targets Indian Defence Data, Defaces MoD PSU Website

New Delhi, India - In a development that has raised alarm within India's cyber defence establishment, a pro-Pakistan cyber group identifying itself as the Pakistan Cyber Force has claimed responsibility for compromising sensitive data from key Indian defence institutions. According to a post circulated from the group’s X (formerly Twitter) account on May 5, 2025, the attackers allege they have gained unauthorized access to information belonging to the Military Engineering Service (MES) and the Manohar Parrikar Institute for Defence Studies and Analyses (MP-IDSA).

The data breach allegedly includes personal details of defence personnel and possibly their login credentials. While the authenticity of these claims is still under technical validation, the nature of the targeted entities and the timing of the breach—coming days after the Pahalgam terror attack—has intensified suspicions of state-sponsored cyber hostility. Agencies within the Ministry of Defence (MoD) and the National Critical Information Infrastructure Protection Centre (NCIIPC) are currently conducting a forensic review of the incident.

Website Of Armoured Vehicle Nigam Limited Defaced Using Pakistan Flag And Al Khalid Tank

Simultaneously, the website of Armoured Vehicle Nigam Limited (AVNL)—a defence PSU under the Department of Defence Production—was targeted in a parallel cyber offensive. The attackers successfully defaced the homepage, embedding visual content bearing the Pakistan national flag alongside images of the Al Khalid tank, the main battle tank of the Pakistan Army. This intrusion was quickly detected by AVNL’s internal IT team, and the website was immediately taken offline to prevent further propagation or malware insertion.

Officials at AVNL confirmed that no sensitive internal production or design documents appear to have been accessed from the public domain website. However, as a cautionary protocol, the entire backend system is undergoing a thorough cybersecurity audit. The Ministry of Defence has instructed all associated PSUs and affiliated research institutes to initiate immediate cyber hygiene reviews and submit compliance status within 72 hours.

Threat Actor Activity Intensifies Online; Indian Cyber Agencies Step Up Surveillance Of Hostile Nodes

Cybersecurity agencies and military intelligence units are monitoring digital domains for any escalation in intrusions from known Pakistan-linked hacker groups. Multiple threat intelligence networks—both private and government-affiliated—have flagged a surge in probe attempts targeting Indian critical infrastructure and academic institutions. Experts believe these actions are part of an orchestrated attempt to wage asymmetric warfare in cyberspace and destabilize India’s institutional confidence during a volatile period.

This marks a worrying trend of hybrid warfare tactics, particularly as propaganda, AI-generated disinformation, and now cyber attacks appear to be working in tandem since the April 22 Pahalgam terror strike. The government had already moved to ban over a dozen Pakistani YouTube channels spreading fake news, and the current intrusion efforts suggest a broader escalation strategy via cyberspace.

Response Protocols Triggered To Secure Defence It Systems; Mod Instructs Hardening Of Digital Infrastructure

In response to the breach claims and the attempted defacement, a high-level coordination effort has been initiated between the Defence Cyber Agency (DCA), CERT-IN, NCIIPC, and DRDO’s Cyber Group. Steps are being taken to assess the vulnerabilities across MES, MP-IDSA, and other defence-linked digital platforms. Additionally, advisory notices have been issued to restrict access to sensitive portals from unsecured networks and to mandate multifactor authentication on all user credentials with immediate effect.

Sources within the Ministry of Electronics and IT confirmed that defence-sector PSUs and strategic research organisations are being subjected to red-team audits over the next two weeks. The objective is to simulate attack scenarios, identify possible weaknesses, and build digital redundancy against persistent threats.

India has made considerable strides in hardening cyber architecture across its armed forces in recent years, but the evolving tactics of adversarial cyber actors—particularly state-backed groups—continue to pose challenges. As of now, there has been no official statement from Pakistan’s Ministry of IT or military regarding the claims made by the Pakistan Cyber Force.

Watch - India vs Pakistan: Pakistan Army Not Prepared for Prolonged Conflict