IIA Accuses ISI of Pakistan for Targeting BSNL with Cyber Attacks

Propakistani.pk reported on 7th August, 2013 stating that Indian Intelligence Agency (IIA) has claimed that Pakistan's Secret Service, better known as ISI (Inter Services Intelligence) has launched a cyber attack on BSNL (Bharat Sanchar Nigam Ltd), India's state-owned telecom giant.

Indian secret agency, usually called the IIA, believes that somebody from Pakistan pretending to be one 'Major Vijay' from Indian Army headquarters had phoned up a BSNL worker in February this year, and followed it up by email communication with the employee to obtain crucial information.

The Indian Home Ministry believes that this communication via email caused successful installation of malware by ISI on BSNL's networks which may have infected the telecom giant's computers and hijacked the system's integrity as well as security.

According to IB (Intelligence Bureau), this malware could be used by ISI to identify and penetrate communications network of other organizations making them vulnerable to malicious cyber attacks.

BSNL being India's largest landline phone company with more than 46 million access lines covering most of India, is also equipped with key counterterrosim and cybersecurity projects implemented by the government including Central Monitoring System or CMS which is a security surveillance system launched in April, 2013.

IB is working with BSNL to clear its system of any spyware and has asked the company to initiate action against the employee for leaking sensitive data to an outsider.

Apparently, IB referred and briefed this unfortunate incident to the PMO's or Prime Minister's Office on 22nd July, 2013.

Tech2.in.com published a report on 7th August, 2013 quoting Shree Parthasarathy, Executive Director, Enterprise Risk Services, Deloitte commented: "Social engineering techniques allow more access when an employee is not trained to screen calls and properly handle sensitive data.

Hackers have been getting blueprints of sensitive data through social engineering which is easier nowdays as people don't care about their privacy and personal data and they make these available to public in social media sites. If there was a standard process then I am sure the breach would have been caught and it is relatively easy to solve but poses a major threat at present."

» SPAMfighter News - 8/19/2013