India's Intelligence Bureau (IB) has reportedly issued an warning about the efforts being made by Pakistan’s Inter-Services Intelligence (ISI) to target the Indian strategic organisations by spoofing telephone calls and using malware to snoop into critical websites and systems. According to the IB, India's defence forces' headquarters and other strategic organisations are being targeted by Pakistan’s intelligence operatives (PIOs).
“PIOs are frequently targeting government personnel/officers to collect sensitive information through spoofed VoIP (Voice over Internet Protocol) calls prefixed with the STD code of Delhi…The PIOs have been using the stratagem of calling phone numbers of security forces posing as officers belonging to Army/Navy/Air Force HQ (headquarters) and collecting details about the deployment, movement and other information about security forces,” The Hindu quotes an internal note of the IB.
Other important government organisations such as Indian Railways, banks and employees working for Military Engineering Services (MES) to collect sensitive and defence-related information are also being targeted. “They (PIOs) have also been making telephone calls under assumed identities by using spoofed numbers to various CPMFs (central paramilitary forces), railways, banks etc. They (PIOs) have succeeded in ferreting out sensitive information from the persons attending these calls. IB has been regular in highlighting the stratagem of PIOs using fake identities…,” the note adds.
The IB note also reveals the modus operandi involved in infiltrating India's communication networks. The note says: “Using VoIP and computer software to mask the point of origin of their calls, Pakistan’s intelligence operatives have been noticed to be masquerading as senior Indian armed forces officers to contact their targets on the telephone to collect such information.”
According to the IB, the PIOs are using a software that ensures the targeted phone shows incoming call to be originating from a “spoofed” Indian number.
BSNL's systems compromised?
In the incident, Pakistan’s intelligence officer, posing as Major Vijay from Indian Army headquarters, had called up a BSNL employee in February this year. The interaction was followed up by email communication with the staffer to access the critical information. The Home Ministry fears the email communication helped ISI install malware on BSNL networks that may have “contaminated the telco’s computer systems and compromised the integrity and security of the system”.
The home ministry is worried that the spyware may enable Pakistan’s ISI to “identify and access communication links of sensitive organizations”, making the latter vulnerable to cyber attacks.
Source: The Hindu