Did Pakistan’s ISI penetrate BSNL’s systems?

Govt fears Pakistani intelligence officers tricked a BSNL staffer and installed malware on the telco’s networks

Joji Thomas Philip
Updated7 Aug 2013, 12:15 PM IST
The home ministry also fears that the alleged spyware will enable Pakistan to remotely monitor BSNL&#8217;s networks and operations, providing the ISI with the capability of disabling critical networks. Photo: Mint<br />
The home ministry also fears that the alleged spyware will enable Pakistan to remotely monitor BSNL&#8217;s networks and operations, providing the ISI with the capability of disabling critical networks. Photo: Mint(Mint)

Pakistan’s Inter-Services Intelligence (ISI) may have successfully penetrated the database of state-owned Bharat Sanchar Nigam Ltd (BSNL) and also installed spyware in the telco’s systems, India’s interior ministry fears, according to documents reviewed by Mint.

add_main_imagePosing as Major Vijay from Indian Army headquarters, Pakistani intelligence officers had called up a BSNL employee in February this year, and followed it up by email communication with the staffer to obtain critical information. The home ministry is of the view that this email communication led to the ISI successfully installing malware on BSNL’s networks, and this may have “contaminated the telco’s computer systems and compromised the integrity and security of the system”.

The home ministry is worried that the spyware may enable Pakistan’s ISI to “identify and access communication links of sensitive organizations”, making the latter vulnerable to cyber attacks. NextMAds

The documents show that the home ministry also fears that the alleged spyware will enable Pakistan to remotely monitor BSNL’s networks and operations, providing the ISI with the capability of disabling critical networks.

India’s Intelligence Bureau (IB) referred to this incident in a 22 July note. The incident itself took place on 19 February and IB briefed the Prime Minister’s Office, the cabinet secretary, the ministries of home, telecom and IT and external affairs as well as the country’s elite external intelligence agency, the Research and Analysis Wing (RAW), of this development on 25 February.

The mode of operation was as follows. ISI spoofed a landline number (011-23016782) so that the call would appear to originate from Indian Army HQ in Delhi, and called up a BSNL executive on his mobile phone.

Posing as Major Vijay, the ISI officer claimed that the Indian Army was unable to access BSNL’s subscriber base from its website, and also sent the BSNL employee a “test mail” on his Gmail address. The BSNL employee replied to this email by sending three online links, believing that he was helping the Army. The ISI officers then got back claiming they were unable to open the links. Besides, they (ISI) sent some links to the BSNL employee who opened the same on his computer thus enabling the Pakistani agency to allegedly install the malware in the state-owned telco’s systems. The BSNL employee also offered to forward the telephone numbers of technical staff handling its call data records project in Chandigarh, Hyderabad, Pune and Kolkata.

IB briefed BSNL’s chairman and managing director Rakesh Upadhyay on this incident and asked the telco to identify and remove the alleged spyware from its systems, in addition to asking the company to initiate action against the employee.

The BSNL CMD didn’t respond to calls. sixthMAds

To be sure, this is IB’s version of events. Mint couldn’t independently confirm any of the details, including the claim that the call came from ISI.

BSNL’s networks are of strategic importance to India. The state-owned entity is building an alternative communication network for the armed forces, the completion of which will result in the Army, Air Force and Navy vacating additional spectrum for commercial mobile telephony, and routing their communications through this wireline system.

BSNL and Mahanagar Telephone Nigam Ltd (MTNL) are also operating and maintaining the secure network that they are currently building to link all government departments in the country. This network, which will connect about 5,000 government departments when completed, is aimed at ensuring confidentiality of all official communication. Besides, BSNL’s networks also link the servers of private mobile phone companies to the upcoming Centralized Monitoring System (CMS), a surveillance platform that will enable the government to monitor all forms of communication from emails to online activity to phone calls, text messages and faxes among others.

Experts see the breach as yet another incident of social engineering posing a threat to corporations and sensitive data.

“Social engineering techniques allow a lot of access if an employee is not made aware and trained to screen calls and handle sensitive data properly. Hackers have been able to get blueprints and sensitive data successfully through social engineering, which is made easier nowadays with people not caring about their privacy and personal data available in the public domain in social media sites,” said Shree Parthasarathy, executive director, enterprise risk services, Deloitte.

“Another challenge is the classification of data. If there was a standard process then I’m sure the breach would have been caught. It’s relatively easy to solve but poses a major threat at the present time.”

Shauvik Ghosh in New Delhi contributed to this story.

Catch all the Industry News, Banking News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates.

MoreLess
First Published:7 Aug 2013, 12:15 PM IST
HomeIndustryTelecomDid Pakistan&#8217;s ISI penetrate BSNL&#8217;s systems?

Get Instant Loan up to ₹10 Lakh!

  • Employment Type

    Most Active Stocks

    Zee Entertainment Enterprises

    150.85
    03:59 PM | 27 AUG 2024
    15.5 (11.45%)

    Tata Power

    428.00
    03:52 PM | 27 AUG 2024
    5.55 (1.31%)

    GAIL India

    236.40
    03:58 PM | 27 AUG 2024
    1.15 (0.49%)

    ICICI Bank

    1,226.15
    03:57 PM | 27 AUG 2024
    13.25 (1.09%)
    More Active Stocks

    Market Snapshot

    • Top Gainers
    • Top Losers
    • 52 Week High

    Tata Teleservices Maharashtra

    100.51
    03:59 PM | 27 AUG 2024
    8.01 (8.66%)

    Gujarat Ambuja Exports

    145.90
    03:52 PM | 27 AUG 2024
    10.7 (7.91%)

    JSW Infrastructure

    332.50
    03:59 PM | 27 AUG 2024
    23.25 (7.52%)

    Caplin Point Laboratories

    1,951.10
    03:48 PM | 27 AUG 2024
    109.1 (5.92%)
    More from Top Gainers

    Recommended For You

      More Recommendations

      Gold Prices

      • 24K
      • 22K
      Bangalore
      74,059.00992.00
      Chennai
      73,195.00-157.00
      Delhi
      74,203.001,422.00
      Kolkata
      73,483.00131.00

      Fuel Price

      • Petrol
      • Diesel
      Bangalore
      102.86/L0.00
      Chennai
      100.85/L0.00
      Kolkata
      104.95/L0.00
      New Delhi
      94.72/L0.00
      OPEN IN APP
      HomeMarketsloanPremiumMint Shorts