ISI Penetrates BSNL?

This report in Mint suggests an intelligence report that ISI might have planted a trojan in the BSNL network to enable it spy on the database. It is interesting to note the social engineering methods used by ISI to get the trojans planted.

Mint reports the following modus operandi.

“ISI spoofed a landline number (011-23016782) so that the call would appear to originate from Indian Army HQ in Delhi, and called up a BSNL executive on his mobile phone.

Posing as Major Vijay, the ISI officer claimed that the Indian Army was unable to access BSNL’s subscriber base from its website, and also sent the BSNL employee a “test mail” on his Gmail address. The BSNL employee replied to this email by sending three online links, believing that he was helping the Army. The ISI officers then got back claiming they were unable to open the links. Besides, they (ISI) sent some links to the BSNL employee who opened the same on his computer thus enabling the Pakistani agency to allegedly install the malware in the state-owned telco’s systems. “

The incident should be a good lesson to other people employed in sensitive organizations.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.