Artificial Intelligence is transforming the landscape of cyber threats worldwide by enabling the creation of deepfakes, autonomous malware, and automated phishing, which outsmart conventional countermeasures. The critical infrastructure in Pakistan, including energy, telecommunications, and finance, is becoming increasingly digitalized and can be compromised through these AI-fueled incursions; however, the defenses have not kept pace. Recent national-level ones, such as PKCERT and NCCIA, are not large-scale and do not incorporate AI. Considering the recent rise of AI-enhanced malware worldwide and the increase in local hacktivist activity levels. Pakistan has to rapidly assess and strengthen its security posture, informed by AI awareness. This paper considers the threat, preparedness gaps, and strategic priorities.
The most critical infrastructure that Pakistan has as the backbone of National Security and economic stability is the energy infrastructure, the finance infrastructure, and the telecommunication infrastructure. The energy industry, including power plants, transmission lines, and oil/gas pipelines, continues to be at a high risk of disruption by cyber activity, which can lead to widespread consequences. Digital payment systems, financial institutions, and central banks are also becoming increasingly digitized, making them more vulnerable to AI-generated fraud and other cyberattacks. The telecom industry, which enables communication and emergency services, is highly susceptible to advanced AI hacks.
Nature of AI-Powered Cyber Threats
Artificial intelligence-enabled cyber threats are developing at an extremely rapid rate and can present a significant risk to the infrastructures of vital importance worldwide. Synthetic media Deepfakes, compelling fake media, are being used in fraud, social engineering, and identity theft. Notably, the former example of a deepfake impersonating a CEO led Arup, an engineering firm, to transfer US$25 million illicitly. Global deepfake fraud has increased to more than US$200 million stolen within three months at the beginning of 2025. Automated attacks are just as harmful: with Microsoft Defender, AI-trained malware can now evade detection roughly 8 percent of the time, thanks to training the model on open-source LLMs. It takes less than 30 minutes to utilize agentic AI before advanced adversaries can organize entire ransomware attacks. A survey conducted by Gartner revealed that 28 percent of companies are exposed to audio AI-based deepfakes, whereas 21 percent of organizations are exposed to video deepfakes.
Vulnerabilities in Pakistan’s Infrastructure: Pakistan lacks adequate infrastructure due to obsolete systems, weak cyber hygiene, and minimal protection against AI attacks.
First, secondhand industrial control systems, or ICS, the usual kind used in energy and water utilities, are exposed to AI augmented malware, which can be used with COTS, such as Windows or SQL. Second, the proliferation of the digital world, with 191 million mobile internet users and ever-increasing IoT applications, makes the attack surface enormous. Third, institutional preparation is behind: PKCERT and NCCIA were established only in 2023 -2024, although there are no extensive compositions on the use of AI in their detection and response. Lastly, the cross-border threats are escalating, including geopolitical hacktivism, like the case of APT36 that attacked the infrastructure of the region.
Pakistan is improving its cyberspace protection activities; however, significant gaps remain in securing itself against AI-based threats. Although the creation of the National Cyber Security Policy 2021 and PKCERT, as well as NCCIA, indicates a significant step in this direction, there are still some problems with obtaining the necessary funds to implement them, acquiring the required technical knowledge, and developing a protocol specific to AI. The most critical areas involve legacy IT systems, which do not utilize real-time monitoring or advanced threat intelligence systems. Additionally, cyber workforce gaps, especially in AI and data science, hinder effective responses. Additionally, there is uneven reporting of incidents and limited communication between the public and private sectors, and this liability has been under-addressed. The regulatory mechanisms overseeing industries such as telecom, finance, or those with concerns related to national security and civil safety are reactive and do not require multiple standards to ensure the level of threat detection and response driven by AI.
Global Lessons and Best Practices
The advanced economies can offer valuable lessons in enhancing Pakistan’s cyber defense capacity in response to threats posed by the use of AI. Countries such as the United States and Israel have incorporated the use of AI-based monitoring and quick response to incidents as part of their national cybersecurity strategies, achieving the ability to detect high-tech attacks in real-time. The European Union applies stringent data security and industry-specific bylaws, which require ongoing risk evaluation and a risk resilience strategy. Cyber Security Agency (CSA), Singapore, is encouraging collaboration (with the private sector) and continuous education (on AI) and simulation nationwide to ensure preparedness. These countries emphasize investing in cybersecurity research, inter-sectoral intelligence exchange, and staff training in AI skills, integrating them into policy and practice. Comparing these strategies to one another, it becomes evident that AI resilience may only be achieved through proactive regulation, strong threat intelligence, and the practical education of the workforce. In the case of Pakistan, a hybrid approach combining regulatory reforms, technical capacity enhancement, and threat sharing, as observed in international precedents, can substantially support national infrastructure and minimize exposure to the risk of Artificial Intelligence-driven attacks.
The key steps that Pakistan should take to address AI-driven cyber threats include investing in modern threat detection, training the next generation of its cybersecurity professionals, and integrating AI tools into its primary infrastructure defense system. This involves enforcing compliance and reporting regulations to ensure real-time monitoring and sharing of data and information across sectors. Cooperation between the public and private sectors, as well as international partnerships, should be encouraged to leverage international threat intelligence and best practices. A stable simulation exercise and enhanced incident reporting will improve national resilience. In the future, AI-integrated, larger-scale policy and educational solutions are the only options that will deliver the stability of infrastructure, national security, and economic stability of Pakistan against AI-based attacks, as threats can constantly change.
Research Associate, Pakistan House