Pakistani Inter-Services Intelligence (ISI), is said to have got an access to database of BSNL. The Home Ministry fears that ISI may have installed spyware in the BSNL database. This could lead to more cyber attacks, and leaking of sensitive information, is a possibility.
"Posing as Major Vijay from Indian Army headquarters, Pakistani intelligence officers had called up a BSNL employee in February this year, and followed it up by email communication with the staffer to obtain critical information. The home ministry is of the view that this email communication led to the ISI successfully installing malware on BSNL's networks, and this may have "contaminated the telco's computer systems and compromised the integrity and security of the system", as mentioned in the Mint newspaper.
"The intelligence operatives have been using the stratagem of calling phone numbers of security forces posing as officers belonging to Army or Navy headquarters. They have also been making calls under assumed identity by using spoofed numbers to various banks and railway officials," as per Business Line
"The spyware planted by the Pakistan intelligence operative might also be used by ISI in accessing communication links of sensitive organisations, making them vulnerable to cyber attacks"
This could be a major problem in the long run. The government should find a solution as early as possible.
Social engineering techniques allow a lot of access if an employee is not made aware and trained to screen calls and handle sensitive data properly. Hackers have been able to get blueprints and sensitive data successfully through social engineering, which is made easier nowadays with people not caring about their privacy and personal data available in the public domain in social media sites," said Shree Parthasarathy, executive director, enterprise risk services, Deloitte.