National CERT Issues Cybersecurity Advisory for Federal Ministries to Protect the e-Office System

The National Computer Emergency Response Team (National CERT) has issued a comprehensive cybersecurity advisory aimed at strengthening the protection of the government’s digital infrastructure, particularly the e-Office system used by federal ministries and departments.

According to the advisory, the move comes in response to increasing cyber threats targeting public sector digital systems. National CERT has directed ministries to take immediate steps to secure their digital networks and prevent unauthorized access or malicious cyber activities.

Director General of National CERT, Dr Haider Abbas, has formally sent the security recommendations to 43 federal ministries and key government departments. The advisory emphasizes the urgent need to strengthen cybersecurity measures to protect sensitive government data and systems.

National CERT Issues Cybersecurity Advisory for Federal Ministries to Protect the e-Office System

The letter instructs ministries to implement the recommended security measures within 30 days to ensure the protection of the e-Office platform.

One of the key recommendations is the deployment of Next-Generation Firewalls (NGFW) to monitor and control network traffic associated with the e-Office system. These firewalls will help filter incoming and outgoing data traffic and reduce the risk of cyber intrusions.

National CERT has also advised separating the e-Office system from the public internet and placing it within a secure internal network. This step will limit exposure to external cyber threats and enhance the overall security of government digital operations.

The advisory further recommends implementing strict access control policies, including IP whitelisting, to ensure that only authorised users and approved networks can access the system. Authorities have instructed ministries to restrict access to pre-approved devices and networks.

In addition, the use of unauthorised virtual private networks (VPNs) has been strongly discouraged. Officials have been told that any VPN connectivity must receive prior approval from the National Information Technology Board (NITB).

To improve protection at the user level, National CERT has proposed strong password policies and mandatory two-factor authentication (2FA) for government email and e-Office users. All systems connected to the platform must also have endpoint security solutions, including updated antivirus software, to detect and prevent potential cyber threats.

See Also: National CERT Intensifies Cybersecurity Efforts After Recent Hacker Attacks on Government Websites

The advisory also recommends establishing a dedicated cybersecurity team within NITB to oversee the protection of critical government systems. In addition, authorities have advised each ministry to appoint a Director of Cyber Security to ensure the effective implementation of security policies.

National CERT has assigned Khurram Javed to coordinate with ministries and departments to facilitate the deployment of the required cybersecurity controls.

The advisory also instructs ministries to strictly follow cybersecurity policies issued by the National Telecom and Information Technology Security Board (NTISB) to ensure consistent protection across government networks.

Officials say the measures will strengthen the security of Pakistan’s digital governance systems and prevent cyber attacks targeting sensitive government infrastructure.