VYPR
researchPublished Jul 10, 2026· 2 sources

China, India-Linked Hackers Both Targeted Same Pakistani Police Force

SentinelOne reports that both China and India-linked threat actors have targeted Pakistan's Balochistan Police for over two years, highlighting sustained state-sponsored interest in a specific national entity.

For at least two years, Pakistan's Balochistan Police force has been the target of persistent cyber operations, with threat actors linked to both China and India engaging in sustained campaigns against the entity. This prolonged and dual-nation targeting, as detailed by SentinelOne, underscores the strategic importance of the police force or the data it holds.

The nature of the specific tools, malware, or attack vectors employed by these distinct state-linked groups remains largely undisclosed in the initial reporting. However, the fact that two separate nation-state actors have focused their efforts on the same national law enforcement agency over an extended period is a significant indicator of geopolitical cyber activity.

While the reporting does not delve into the precise motivations behind these attacks, such sustained targeting of a national police force by multiple state actors typically suggests objectives ranging from intelligence gathering and espionage to potentially disrupting internal operations or gaining leverage.

The involvement of actors from both China and India, countries with complex geopolitical relationships, adds another layer of intrigue. It raises questions about whether these campaigns are coordinated, competitive, or independent efforts driven by differing national interests.

SentinelOne's analysis highlights the ongoing sophistication and persistence of state-sponsored cyber threats. The ability of these actors to maintain operations against a specific target for such a duration points to significant resources and a strategic focus.

This situation also brings attention to the cybersecurity posture of national law enforcement agencies in regions experiencing geopolitical tension. The Balochistan Police force, like many similar organizations globally, may face challenges in defending against well-resourced, state-backed adversaries.

Further investigation into the specific tactics, techniques, and procedures (TTPs) used by these threat groups will be crucial to understanding the full scope of the threat and developing effective countermeasures. The sustained focus on a single entity by multiple state actors serves as a stark reminder of the evolving landscape of cyber warfare and espionage.

The reporting by SentinelOne serves as a critical alert, emphasizing the need for enhanced threat intelligence sharing and robust defensive strategies for critical national infrastructure and government entities worldwide, particularly in regions with complex geopolitical dynamics.

This new reporting from The Record provides further details on the dual espionage campaigns attributed to China and India targeting Pakistan's Balochistan Police. It highlights that the compromised systems contained sensitive data including criminal records, biometric information, and citizen complaints, and suggests the motivations behind the targeting were intelligence gathering related to the China-Pakistan Economic Corridor and the ongoing separatist insurgency in the region. The article also notes that the China-linked actor used malware disguised as a portal update, exposing both police and the public.

Synthesized by Vypr AI