Mahanagar Telephone Nigam Limited

Mahanagar Telephone Nigam Limited (MTNL) is a state-owned telecommunications company headquartered in India. It provides fixed-line telephone services, broadband internet, and mobile telephony, primarily operating in the metropolitan circles of Delhi and Mumbai. Historically, MTNL functioned as the sole telecom provider in these regions before market liberalization introduced competition. The company's infrastructure includes extensive copper and fiber networks, serving both residential and enterprise customers under the regulatory oversight of India's Department of Telecommunications. Its role has transitioned from a monopolistic entity to a competitive operator facing private sector rivals, though it remains a significant public sector undertaking in the national telecom landscape. Specific quantitative metrics regarding its customer base or network size are not detailed in available sources, but its services are integral to connectivity within its operational territories. The organization continues to manage legacy networks while adapting to broader industry shifts toward digital services.

In July 2017, MTNL experienced a major cyber-attack that disrupted services for over 60,000 of its modems and routers, causing widespread internet outages across multiple regions. The incident exploited devices with default administrative credentials and hard-coded logins through open TR069 ports, disproportionately affecting newly installed equipment. The attack was attributed to the author of the BrickerBot malware, who framed the operation as a global effort to cleanse vulnerable internet infrastructure rather than a politically motivated act. Unlike previous BrickerBot campaigns that permanently destroyed devices, most of MTNL's affected hardware was recoverable through password resets and technical support. However, recovery was prolonged by concurrent employee strikes that hampered response efforts. Service providers, including MTNL, mitigated the threat by filtering access to vulnerable ports, which rapidly reduced the number of exposed devices. This event underscored systemic risks in legacy telecom equipment and the operational challenges of simultaneous technical and labor disruptions.