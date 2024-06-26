BSNL Cyber Attack: Data Breach Compromises SIM Details, Raises Privacy Concerns

Mumbai: The sale of highly sensitive telecom data of the state-run BSNL on dark web forums has exposed the vulnerability of Indian telecom services to cyber-attacks that could undermine national security and infrastructure stability and disrupt communication networks, according to cyber security experts.

The shocking revelation of a data breach of the systems of state-run telecommunications provider Bharat Sanchar Nigam Limited (BSNL) by ‘kiberphant0m’, who had prolonged access to the telecommunication systems, has put several million subscribers at risk.

The deep penetration of the BSNL systems, facilitated by exploiting software vulnerabilities and using sophisticated social engineering techniques, has exposed the vulnerabilities of BSNL servers, allowing attackers to study the infrastructure setup and exploit the network by injecting malicious code without immediate detection.

The 140 GB data breach of critical telecom systems includes IMSI and SIM details, HLR data, DP Card Data, DP Security Key Data, master keys, and Solaris server snapshots, which could be used for SIM cloning to intercept calls and messages, including OTPs, to bypass two-factor authentication and access bank accounts, and for cyber crimes and extortion rackets.

The compromised BSNL subscriber data available on the darknet is offered for sale at USD 5000. It provides complex and critical information on telecom operations, including high-value sensitive data with extensive potential for criminal misuse.

According to cyber security experts, the notorious threat actor ‘kiberphant0m’ compromised data that includes critical information such as International Mobile Subscriber Identity (IMSI) numbers, SIM card details, PIN codes, and authentication keys.

“The nature and volume of the compromised data suggest kiberphant0m had prolonged access to the BSNL network and systems,” claimed senior cyber crime officials.

The compromised data gives access to Home Location Register (HLR) details and machine copies, allowing cyber criminals to manipulate network settings, intercept data directly from the network and make unauthorised changes to the network for data interception, leading to widespread service disruptions, illegal surveillance activities and leaks of sensitive information.

BSNL had reported a similar data breach in December 2023, and the latest breach includes more detailed user information and datasets related directly to telecom operations.

“The breach has set a dangerous precedent of encouraging further attacks on other critical infrastructure sectors. The detailed operational data that has been compromised could be used to launch more sophisticated cyber-attacks, targeting other interconnected systems and networks,” said senior intelligence officials monitoring the network breach.

The telecom ministry has asked for a detailed report on the data breach and the exploitation of known vulnerabilities within BSNL’s server infrastructure, and has ordered a comprehensive forensic investigation to identify the vulnerabilities exploited, with a view to rigorous patch management and security updates.