India Says Pakistan’s Intelligence Agency, ISI, Using Bogus Phone Calls, Spyware To Target Armed Forces, State Telecom Company

India’s intelligence officials believe Pakistan's agents have stepped up a cyberattack campaign to infiltrate Indian government agencies, using fake phone calls and spyware, Indian media reported on Wednesday, a day after five Indian soldiers were killed in an ambush near a disputed border in the state of Kashmir.

India’s Intelligence Bureau, or IB, issued an internal alert recently, warning that agents associated with Pakistan’s Inter-Services Intelligence, or ISI, were targeting the headquarters of India’s armed forces, as well as Indian Railways, banks, and state-owned telecommunications company, Bharat Sanchar Nigam Limited, or BSNL.

IB said Pakistani agents have been making phone calls to Indian military personnel and officers, through “spoofed VoIP (Voice over Internet Protocol)… prefixed with the STD code of Delhi” and posing as senior officers belonging to the Indian military headquarters in New Delhi, to collect sensitive data such as locations of military installations, the Hindu newspaper reported.

IB said personnel belonging to India’s Central Reserve Police Force, or CRPF, and employees of Indian Railways and some banks have also been targeted in recent days, adding that Pakistani agents “have succeeded in ferreting out sensitive information from persons attending these calls.”

Indian officials believe ISI, using data collected from an unsuspecting BSNL employee on a bogus phone call in February, may have successfully penetrated the telecom company's database and released a spyware into its system, the report said.

The malware planted in the BSNL system, , according to IB, could be used by the ISI to identify and penetrate communications networks of other organizations, making them vulnerable to cyberattacks.

BSNL, apart from being India’s largest landline phone company with a network of more than 46 million access lines covering most of India, is also associated with key counterterrorism and cybersecurity projects implemented by the government, including the Central Monitoring System, or CMS, a security surveillance system launched in April.

IB is working with BSNL to rid its system of any spyware and has asked the company to initiate action against the employee for divulging sensitive data to an outsider.

On Tuesday, the Indian army held Pakistan responsible for the killings of Indian soldiers in the Indian-administered border territory in the state of Jammu and Kashmir, but a Pakistani military official, who spoke to BBC, denied the allegation, saying “no fire took place” from Pakistan's side of the border.

India’s Defense Minister A.K. Antony told lawmakers that New Delhi has lodged a “strong protest” with Pakistan’s government through diplomatic channels, even as the shooting deaths and recent reports of cyber-espionage have threatened to jeopardize ties between the two countries.