How might Nepal Telecom have been hacked?

Nepal Telecom Company (NTC) is a leading telecommunication company in Nepal. It is the first governmental organization to provide cellular networks along with internet services in Nepal, established more than a decade back. Recently, social media all over Nepal was filled with news of the NTC data breach. Some posts suggest that a hacking group called “Anonymous #OpNep” hacked into NTC servers and is providing customer data upon private request. According to Nepal’s top Facebook community page ‘Routine of Nepal Bandha’, the hackers who intruded into the NTC server have access only to user details such as the name of the father and grandfather, phone number, citizenship number, etc., but they have not accessed the call logs, security codes, SMS servers and so forth. Here is the screenshot of the post.

Post from a page on Facebook

In this post, they also quoted that the alleged hackers said,

This hacking is just for our experiment and we request NTC to secure your system, I won’t misuse these details. We were trying to prove that the networks have many problems and are not secure.

#OpNep says that they hacked into NTC servers because of the many problems found in the network (they might have meant something like “there are many vulnerabilities in the NTC network”).

Anyway, here is another post, in which a Facebook user says that he had previously hacked into the server whose data was leaked yesterday. He described the alleged hacking group as “SCRIPT KIDDIES” and also said they are class 10 students. According to him,

The screenshot that you are provided is just a data entry site! Meaning, the employees upload scanned copies of citizenships of the number owners, the same citizenships we use for registering while buying an NTC SIM!

According to the post above, all the NTC servers are still secure, and the data servers too. But can we believe a post which says a company is hacked, but information is still secure?! He continued, “The person who worked in data entry gave the ID and password to one of my friends. He gave it to the so-called hacker (I can’t say the name)!!” He gave a reason to prove his statement, saying, “Because I was also one of the people who got hands on the data server of NTC!! He himself gave it to me just to try and also admitted that he provided the login info to the so-called hacker.” He also asked everyone to keep calm, saying, “Please remember, no one will be harmed with this, nobody’s call logs or messages are leaked! They cannot add or deduct the balance from your phone. After all, they are all just a bunch of kids who want to be famous.”

Impact

Okay, my personal details submitted to NTC while applying for a SIM card have been hacked and made publicly available. Why should I worry? One of the people who once had access to that data told us to keep calm. NO. That is my identity. There will be massive identity theft after this breach. But who cares? NTC? The Nepal Government? WHO? This data should have been stored in a secure network; above all, it must not be accessible from an outside network. NTC failed to do so. Now it is the responsibility of NTC to assure its customers and secure its data centers.

As far as hacking is concerned, when a company gets hacked, all the online and offline information stored in its network is in danger. The company cannot simply say that the data is secure.

How could this data breach have actually happened?

  1. According to the posts above, an employee of the NTC data center gave the credentials for the NTC data servers to the hacker group. This might be the reason behind the leak, but we are not at all sure. It could be an insider job to leak NTC users’ data.
  2. Or it could be due to improper configuration and segmentation of the network, which allowed the private server to be reached from the public domain.
  3. Is there really a vulnerability in the NTC website that might have been exploited? This could be another strong reason behind this data breach, because most sites in Nepal have not been tested prior to going live and their owners never cared about that. For example, we can find SQL injection vulnerabilities in almost all governmental sites in Nepal today (many governmental sites have been breached using this vulnerability in the recent past).
  4. Are the back-end servers of NTC exposed to known or public exploits? Maybe the back-end servers have not been configured properly, or they have some vulnerabilities that can be exploited remotely.
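
A defensive check for the first two scenarios in the list above, added here as an example (not code from the original post or from NTC): it scans the login records of a data-entry portal for accounts used successfully from outside the internal network or from unusually many addresses, which is what a shared employee credential tends to look like. The log format, the account names and the 10.20.0.0/16 internal range are assumptions, and the log lines are constructed.

```python
import ipaddress
from collections import defaultdict

INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]  # assumed office range

# Constructed sample log lines: timestamp, account, source IP, login result.
SAMPLE_LOG = """\
2020-01-06T09:02:11 entry_clerk07 10.20.4.15 OK
2020-01-06T09:05:40 entry_clerk12 10.20.4.22 OK
2020-01-06T21:47:03 entry_clerk07 203.0.113.58 OK
2020-01-06T22:10:19 entry_clerk07 198.51.100.7 OK
2020-01-06T22:11:54 entry_clerk12 198.51.100.7 FAIL
not a log line
2020-01-07T09:01:30 entry_clerk07 10.20.4.15 OK
"""

def parse(log):
    """Yield (timestamp, account, ip_address, result); skip malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield parts[0], parts[1], ipaddress.ip_address(parts[2]), parts[3]
        except ValueError:
            continue  # source field is not an IP address

def find_suspect_accounts(log, max_sources=2):
    """Flag accounts logged in from outside INTERNAL_NETS or from many IPs."""
    external = defaultdict(list)  # account -> [(timestamp, ip)] from outside
    sources = defaultdict(set)    # account -> distinct successful source IPs
    for ts, user, ip, result in parse(log):
        if result != "OK":
            continue
        sources[user].add(ip)
        if not any(ip in net for net in INTERNAL_NETS):
            external[user].append((ts, str(ip)))
    findings = {}
    for user, ips in sources.items():
        reasons = []
        if external[user]:
            reasons.append("external_login")
        if len(ips) > max_sources:
            reasons.append("many_sources")
        if reasons:
            findings[user] = {"reasons": reasons, "external": external[user]}
    return findings

if __name__ == "__main__":
    print(find_suspect_accounts(SAMPLE_LOG))
```
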

The reason behind the data breach could be one of those four things. It is too early to say to what extent data has been breached, because NTC has not spoken officially yet. I hope they do speak on this case and try to establish faith among their millions of customers.

Suraj DC

3 Comments

  1. Why u guys still believe it's hacked -_- I know the guys behind this hack… acc. to them this is not hacked.. insider gave them login data.. and NTC servers r so damn hard to exploit. No vulnerabilities at all. Also they didn't hack the NTC server -_- Stop sharing fake news..

  2. I am wondering why regotech is giving so much priority to this shi*. Some kids having the contact address of some person doesn’t mean the NT server is hacked and they will bring down the whole network.
