The National Computer Emergency Response Team (National CERT) has issued a major cybersecurity advisory directing federal ministries to strengthen the security of the government’s e‑Office system within the next 30 days to protect sensitive digital infrastructure.
According to officials, the advisory has been sent to 43 federal ministries and key departments, instructing them to immediately implement stronger cybersecurity measures to prevent potential cyber threats.
National CERT has recommended the installation of Next Generation Firewalls to closely monitor traffic on the e‑Officeplatform and block unauthorized access attempts. Ministries have also been advised to restrict system access only to approved users and designated networks.
Authorities emphasized that the system should remain isolated from the public internet as much as possible to reduce exposure to external cyberattacks. Officials warned that increasing cyber threats to government infrastructure have made stronger security measures necessary.
The advisory also recommends appointing a Director of Cyber Security in every ministry and forming a dedicated cybersecurity team within the National Information Technology Board to oversee protection of digital systems.
Director General of the National Computer Emergency Response Team, Dr. Haider Abbas, has formally shared the recommendations with federal ministries. Meanwhile, Khurram Javed has been tasked with coordinating with all departments to ensure the implementation of the security guidelines.
In addition, ministries have been instructed to enforce strict access control policies, including IP whitelisting and the mandatory use of strong passwords combined with two-factor authentication for all government email and e‑Office users.
Only approved devices and secure networks will be allowed to access the system, while the use of unauthorized VPN services has been banned without prior approval from the National Information Technology Board.
Officials said ministries must also ensure endpoint security, install updated antivirus software, and follow cybersecurity policies issued by the National Computer Emergency Response Team and the National Telecommunication and Information Security Board to prevent cyber intrusions and protect sensitive government data.
