Recently, India introduced its first and biggest framework to protect itself from cyber attacks, data theft and other virtual vulnerabilities threatening its national security. The Union cabinet has approved the ‘National Security Directive on Telecom Sector’ in view of the alarming magnitude of cyber threats to India, official sources said.
In an exclusive report IANS highlighted India’s vulnerabilities in the cyber space. India is amongst the top three countries in the world with highest number of cyber-attacks. In 2019, India faced around 4 lakh cyber attacks as monitored by the Indian Computer Emergency Response Team (CERT-In).
The Ministry of Electronics and Information Technology (MeitY) recently told the Parliament that Indian citizens, government and business entities faced around 7lakh cyber attacks till August 2020. As per their estimates, Rs.1.24 lakh crore was lost due to cyber crimes in India during the last year. Recent ransomware attacks as well as data and identity thefts have been a serious cause for concern for India’s national security.
The cyber attacks are generally perpetrated through interconnected networks and devices. They are also committed through compromised hardware and software components of telecom networks, officials pointed out. Telecom is also the critical underlying infrastructure for all other sectoral information infrastructure of the country such as power, banking and finance, transport, governance and the strategic sector. Security breaches resulting in compromise of confidentiality and integrity of information or in disruption of the infrastructure can have disastrous consequences.
Under the provisions of the directive, in order to maintain the integrity of the supply chain security and in order to discourage insecure equipment in the network, government will declare a list of ‘Trusted Sources/Trusted Products’ for the benefit of the Telecom Service Providers (TSPs).
Sources said the designated authority will put in place a portal for easy upload of applications by TSPs and equipment vendors. It will improve ease of doing business by providing a predictable assessment methodology to the TSPs and the equipment vendors. The Department of Telecom will make appropriate modifications in the licence conditions for the implementation of the provisions of the directive. The policy will come into operation after 180 days from the date of approval.