NTC has clarified a news item circulated in the media wherein Snowden’s documents have been referred reporting that US hacked NTC to spy on Pakistan Military & Political leadership.
The Snowden’s report that secret documents have been hacked by implanting SECONDDATE Malware, a malicious code that is used to monitor or control the network.
The news report said that in April 2013 successful attacks against computer system in Pakistan were made. It has been mentioned in report that hackers used SECONDDATE malware to breach Pakistan Telecommunication VIP Division containing documents pertaining to Pakistan Telecommunication Green Line communication Network.
NTC, in a press statement, clarified that the Green Line communication Network is a dedicated standalone hardware intensive system with no connectivity with internet cloud.
The Green Line Exchanges of NTC are connected with secure fiber link having no link with public Switching System of NTC or any other Telecom Operators, the NTC said. Therefore, the possibility of any intrusion in main communication lines under question is ruled out and accessing these exchanges through internet or implanting any malware is extremely remote.
NTC Green line exchanges are secure and not prone to hacking.
However, the NTC admitted, cyber security is a serious global subject and technically measures for cyber attacks to compromise internet connected infrastructure are continuously being developed.
At the same time protection measures are also continuously being put in place. In the same spirit NTC is continuously deploying state of the art counter hacking measures to ward off untoward incidents.
It would be interesting to recall that computers for Iran’s Nuclear plant were also not connected with internet, but they were hacked.
Details here: https://propakistani.pk/2012/06/01/stuxnet-to-flame-heating-up-the-cyber-battlefield/
USB FLASH DRIVES are second most medium for hacking after internet, furthermore NSA with collaboration of hardware manufacturers can embedded special hardware which can establish communication link with satellite regardless of being connected with internet.
All you need in Pakistan is to bribe an employee with a couple of thousand rupees. That is the going rate in NTC and PTCL.
I believe the Internet of things (hacking via ur washing machine / printer / anything electric ) is the new domain for hacking.
What’s more air gapped systems (which are isolated from the Internet and are not connected to other systems) CAN ALSO BE HACKED via multiple methods.
1. Any Electronic device can be used to utilize sound waves (radio frequency) into transmitting data.
2. A PC can also be hacked if its not connected to any other device or internet via the sound emitted by the cooling fans inside computers.
3. An isolated system can also be hacked into revealing its sensitive data by monitoring its heat waves (heat generated by its system)
To be honest that is some next level S***.
Following are the extracts from various search papers / articles i came across.
“This sounds like sci-fi, but it’s now possible. Security researchers at a Manhattan startup have discovered how to make any modern device — printer, washing machine, air conditioner — broadcast invisible, inaudible signals for miles.”
” Researchers at Ben Gurion University in Israel have found a way to retrieve data from an air-gapped computer using only heat emissions and a computer’s built-in thermal sensors. The method would allow attackers to surreptitiously siphon passwords or security keys from a protected system and transmit the data to an internet-connected system that’s in close proximity and that the attackers control.”
If interested following terms can be googled to find more information on the subject.
“pc hacked through washing machine using radio waves”
“heat waves being used to hack into air gapped computer”
“pc fan noise used to hack”
Security is not that of a concern for start ups hacking their way to cash in on the craze of internet of things. With cut throat competition, price and time to market are considered. Having worked on some micontrollers with embedded WiFi and bluetooth, I realize that their security is usually out of the hand of the end developer of products.
That’s was quit different story and it was one time attack with no need to transmit data instead it was to destroy some specific kind of machinery manufactured by ERICSSON. however NTC and PTCL have taken special steps to cater the security of sensitive communication infrastructures. we at NADRA have Information Security department to handle the issue along with Network’s department .. however nothing is perfect and the level of intrusion being used by USA is extreme e.g. IP activated Hard Disk drives firmware’s or routers with back-doors… But the war is on going.. both are experts… Hackers and Protectors… Let’s see…
The real threat to NTC, PTCL and NADRA comes from their miserable low paid staff
LOW paid…???? are you serious…!
What kind of loyalty can you expect from low paid technicians?
I think many people are being overpaid as compared to market and their abilities… you are saying Low Paid!… you can say Low Qualified then it would be OK… lol
In Iran, some one took his personal USB to his office and attached it to Siemens SCDA system!
If a nuclear reactor can get hacked in a totalitarian regime like Iran where the people are somewhat loyal to the government what kind of security can you expect in a sold out degenerate nation like ours? The biggest threat to NTC comes from its underpaid staff.
The fact of the matter is that many organizations in Pakistan including Pakistan are being run by ex-military thugs whose only competence is their ability to bully. The state of affairs is appalling in Pakistan. An organization like NTC must have a qualified engineer or telecom manager to run its affairs. Instead what they found was some ex-military with questionable credentials.
Hacking doesnot mean only remote hacking, it is also physically access to data,,, You can pay few bucks and can have any data..,,!!
It is more easy than all that hacking and implanting things in hardware. Thoray paisay mein kaam hojayega just deal with some local.
I learned of a case in KRL where they had modified the controller chip in a hard drive
COOOOOOOL STORY BRUH.. *Jesus Thumbs up pose*
Do you find a breach of national security a something amusing?
not at all sir. I was merely pointing towards an otherwise lack thereof of one. :)
When you mess with the bulls you will get the horns
When you are into green communication zone you are not allowed to carry any usb or device. I witnessed this. Stop talking like kids
and also the monitoring level via latest software and hardware … I also know it. and they use a mix of them to avoid a single manufacturer being pron to be compromised…best of luck for Pak
What kind of security can an underpaid illiterate staff guarantee ?
An acute claim by NTC. Hope its true.
The world is full of assholes who will believe any lie, however absurd it is
The GoP and all its agencies were hacked since day one
You can also hack using radiation if you are near the cable.. what planet they are on… physical security which is very weak in Pakistan is also the main issue, when characters like Raymond Davis running around and Matthew Barrett visiting sensitive nuclear installations then i have little hope that these placed cant be hacked via physical visit!
Nothing is un-hackable in todays world, however NTC’s claim seems more reasonable than the so-called snowden’s leak
Security is an illusion in Pakistan. One can only sympathize with those who buy into this clarification. What kind of security can an organization guarantee that pays its personnel in peanuts?
Everything is hackable given enough time or resources. Systems were owned by NSA in the green line according to the leak. The article is talking about this leaked presentation from NSA. https://assets.documentcloud.org/documents/3031638/Select-Slides-FINAL-PMR-4-24-13-Redacted.pdf