NEW DELHI: Faced with fresh cyber spying threats, the Department of Telecom has asked internet service providers to reset passwords and other settings in devices installed at premises of fixed line broadband subscribers within 60 days.
The number of such devices (modems) runs into 1.45 crore as there are as many fixed line internet connections across India as of January, 2014.
“The ISP (internet service provider) will assist the customer to change the password, including by physical visits. The above instructions should be complied within 60 days,” the DoT said in an order dated March 11.
The order comes within a week of Indian Infosec Consortium, a cyber security experts group, submitting a report which found that 3,000 internet connections, including those of the Ministry of Defence, security agencies and banks in Delhi, have been compromised, probably exposing them to snooping from foreign locations.
The study was submitted to Telecom Minister Kapil Sibal. Besides the Ministry of Defence, prominent entities figured in the report included the Deputy Secretary of the Cabinet Secretariat at Rashtrapati Bhawan, the Chief of Naval Staff in C-Wing at South Block, the Air Force Communication Centre at Vayu Bhawan, the zonal officer of the Controller of Defence Accounts at Delhi Cantonment, and the Directorate of Income Tax (Investigation) at Jhandewalan. The report found over 99 per cent of 3,000 connections, the total sample size, studied by it have been manipulated. It estimates that about 3 lakh internet connections in Delhi are vulnerable as they all use a similar set of modems examined by the group.
“In the recent past concerns have been raised about vulnerabilities in the ADSL (fixed line)modems. These vulnerabilities can be exploited by attackers to implant malwares in modems, change configuration or manipulate data etc,” the order said. —PTI