Hackers Tied to China and India Targeted Pakistani Police Agencies, Report Finds

Hacking groups with ties to both China and India separately targeted several Pakistani law enforcement agencies, according to new findings released Thursday by cybersecurity firm SentinelOne.

The discovered campaigns shed light on foreign efforts to gather intelligence related to Pakistan’s security landscape, including militant violence, tensions along the Afghan border, and the country’s economic ties with China.

Aleksandar Milenkoski, a principal threat researcher at SentinelOne, explained the significance in a blog post published Thursday. “When multiple cyberespionage actors operate against law enforcement institutions of a single state, the convergence itself is a signal of target value,” he wrote. “What draws them is a particular kind of institution: one that holds the government’s internal security picture, what it knows about the threats inside its borders, and how it acts against them.”

SentinelOne’s research uncovered evidence of hacking activity and network intrusions carried out between February 2024 and April 2026. The most prominent target was the Balochistan police, which serves Pakistan’s southwestern province of the same name. Researchers found that the attacks on that agency involved network equipment, web servers, and several online applications, including the force’s Complaint Management System.

The Balochistan police did not respond when asked for comment.

Additional agencies targeted in the campaigns included the Khyber Pakhtunkhwa police, the Islamabad police, and the Punjab Safe Cities Authority, an independent government agency that manages systems used by police across major cities in Punjab province.

According to the report, the agencies targeted are involved in monitoring both internal and external threats and in coordinating responses between law enforcement and government officials.

Researchers suggested that China’s interest in these agencies may stem from concerns about the safety of Chinese nationals working in Pakistan, who have been killed in attacks in recent years. Interest from India-linked groups is believed to be connected to ongoing tensions between the two nations and Pakistan’s overall security posture.

Liu Chang, spokesperson for the Chinese Embassy in Washington, responded with an emailed statement saying China “firmly opposes and combats all forms of cyberattacks in accordance with the law, and does not allow any country or individual to engage in such illegal activities within China’s territory or by using China’s infrastructure.” The Indian Embassy in Washington did not respond to questions about the findings.

The Khyber Pakhtunkhwa police issued a statement saying cybersecurity “is a matter of the highest priority” for the agency, and that “there is no evidence that any core KP police system, network, or critical application has been successfully compromised.” The agency also acknowledged that “during the heightened Pakistan-India tensions last year, KP Police experienced an increase in attempted cyber activities,” and noted that “in one isolated incident, the login credentials of an end user were compromised.”

The Islamabad Police, the Punjab Safe Cities Authority, and Pakistan’s Ministry of Interior did not respond to requests for comment.