In the wake of the deadly Pahalgam terror attack that claimed 26 lives, websites associated with the Indian Armed Forces came under a coordinated cyber offensive by Pakistan-based hackers operating under the moniker "IOK Hacker"-Internet of Khilafah. Intelligence sources confirmed that these hackers, frustrated by their inability to penetrate mission-critical national networks, redirected their efforts towards publicly accessible welfare and educational platforms linked to the armed forces.

The four confirmed incidents targeted the websites of Army Public School (APS) Srinagar and APS Ranikhet, the Army Welfare Housing Organisation (AWHO) database, and the Indian Air Force Placement Organisation portal.

The attacks involved attempts to deface web pages with inflammatory propaganda, disrupt online services-most notably through a distributed denial-of-service (DDoS) assault on the APS Srinagar site-and harvest personal information. In some cases, the defaced pages displayed provocative messages, the Pakistani flag, and imagery associated with hacktivist symbolism, such as the Guy Fawkes mask.

India’s multi-layered cybersecurity architecture detected these intrusions in real time, swiftly tracing their origin to Pakistan. All four affected sites were immediately isolated and underwent restorative action, preventing any compromise of operational or classified networks. Officials emphasized that these incidents highlight both the adversary’s intent to disrupt and their limitations, as no sensitive military infrastructure was breached.

The cyberattacks coincided with ongoing ceasefire violations along the Line of Control (LoC) and a broader escalation in tensions between India and Pakistan following the Pahalgam attack. In response, India not only reinforced its digital defences but also took punitive measures in the information domain, including the ban of 16 Pakistani YouTube channels accused of spreading provocative and misleading content against India and its security agencies.

The Indian Armed Forces’ robust cyber preparedness and rapid incident response ensured that the attempted breaches by "IOK Hacker" resulted in no operational damage, underscoring the effectiveness of India’s digital security protocols even as cyber threats from across the border continue to evolve.

NIE Report