Pakistan’s Khyber News Network was knocked off-air on the evening of Friday, 12 March 2026, reportedly due to a coordinated cyberattack, after hostile actors injected an unknown carrier signal onto the satellite frequencies used by AVT Channels. In an official press release issued on 13 March 2026, AVT Channels stated that the interference caused severe technical instability across its network transmissions and forced the channel into a temporary “No Signal” state.
The company described the incident as a targeted attempt to exploit broadcast transmission vulnerabilities and destabilise its on-air operations.
The company confirmed that it has formally put all relevant state bodies, security agencies, and regulatory authorities on notice under the Prevention of Electronic Crimes Act (PECA) 2016, legislation that covers electronic interference, broadcast sabotage, and related offences.
The press release also emphasised that Khyber News’s editorial policy operates strictly within Pakistan’s constitutional framework, and that the channel’s coverage of national security and political affairs is protected not only by law but by the full institutional backing of the state. AVT stated that no government institution has ever issued the channel any instruction to curtail its broadcasting, a point it underscored to counter what it characterised as false claims circulating online.
Anatomy of the intrusion
Technical data released by Khyber News reveals the precise mechanism of the attack. Hostile actors superimposed an unknown carrier waveform visible as a dense, high-amplitude signal directly onto the AVT satellite uplink frequency. In the frequency-domain analysis, the legitimate AVT uplink appears as a clean, stable sinusoidal wave; the injected carrier disrupted it at the point of collision, producing catastrophic signal degradation. Telemetry captured during the incident recorded packet loss exceeding 85% and a severe drop in the carrier-to-noise ratio (C/N), both of which are consistent with a deliberate radio-frequency injection attack rather than a hardware failure or atmospheric anomaly.
The attack unfolded on the same evening that Pakistani security forces intercepted at least two Afghan-origin drones that had entered restricted airspace in the Rawalpindi–Islamabad corridor. While no formal joint attribution has been made by the government linking the two incidents, the convergence of a physical aerial provocation and a precision cyber assault on a major national broadcaster in the same hours has led security officials and the network’s own leadership to characterise the events as part of a coordinated hybrid operation one aimed at testing and destabilising Pakistan’s security and information environment simultaneously.
