November 21, 2018

Telenor Pakistan comes under a cyber-attack; the extent of damage remains unclear

UPDATE:

ISLAMABAD, NOVEMBER 16, 2017: Telenor Pakistan has formally acknowledged that it has encountered a cyber-attack. However, the extent of the damage could not be clarified.

As per detail, Telenor Pakistan’s Director Corporate Communications Areej Khan confirmed over the email that “during routine monitoring, our teams reported unusual activity on some of our personnel machines.”

However, she noted that strict additional checks and balances enabled them to identify intrusion.

Ms. Areej also emphasized that the company had taken “all necessary actions…to rectify possible consequences that the intended breach could have had on our systems and services. “

However, she did not specify to what extent the cyber-attack had affected their systems or resulted in the loss of consumer data.

Telenor under Malware attack:

ISLAMABAD, NOVEMBER 15, 2017: Multiple sources within Telenor Pakistan have confirmed that the company has recently come under a cyber attack affecting computers of some employees. 

According to sources, the attack took place on November 08 when a malicious email was received by employees from an apparently legitimate email address. DRM team has confirmed the receipt of the said email from multiple sources within Telenor, however, Telenor Pakistan has formally denied any such occurrence. The exact nature of the attack and the extent of damage to consumer data remains unclear. Officials within Telenor continued to remain ambiguous about the attack despite multiple attempts from DRM team for confirmation. 

As per sources,  the subject line of the email was “confidential” and it contained a ‘word’ document as an attachment. The email informed the recipients that the attachment was a new policy guideline from Ministry of Information Technology [MOITT] regarding IT security. As soon as the recipient clicked on the attachment, the embedded trojan code automatically forwarded the email to contacts within Telenor using the recipient’s email address.

The sources also revealed that as a result of clicking on the attachment, numerous computers were infected. Sources also shared that the victim’s social and email accounts were all compromised while the trojan was able to retrieve data from the computers, simultaneously installing a key-logger in the process.

The scribe reached out to Telenor Pakistan’s Corporate Communications department for comments on this story but did not receive a formal response till the time of filing this report.

Meanwhile, while talking to this scribe, one Telenor employee  shared that he had no knowledge of the malware attack.

“Usually when anything like this happens, an email alert is issued to all the employees. However, no such thing was shared with us, to my knowledge,” said the  on condition of anonymity.

On the other, it is not clear to what extent the consumer data has been compromised. Sources revealed that Telenor was further assessing the damage while they had taken immediate steps to block the leakage. They also insisted that the consumer data was not affected because of the recent cyber-attack.

It is to be noted that Pakistan does not have any data protection law or authority that inspects corporations’ systems housing personal data.  More than 100 countries around the world have data protection laws that hold corporations accountable in case of user data breach.

Written by

Talal Raza is a Program Manager at Media Matters for Democracy. He has worked with renowned media organizations and NGOs including Geo News, The Nation, United States Institute of Peace and Privacy International.

No comments

leave a comment