Govt. Mandates ‘Trusted Telecom Vendors’ In National Security Directive

NEW DELHI: The government has proposed a list of “trusted sources” for buying telecom equipment from, a move which could see Chinese networks and vendors like Huawei and ZTE shut out of the Indian market. The proposal has come in the form of the first ever National Security Directive on Telecom Sector, which was issued late on Wednesday. Once approved, it will come into force within 180 days.

To this end, the government is setting up a National Security Committee on Telecom headed by the Deputy National Security Adviser, that will have as its members, representatives from relevant departments/ministries, two from industry and an independent member.

Operating under the National Cyber Security Coordinator, the committee will draw up a list of “Trusted Sources/Trusted Products”, from where telecom service providers can buy their equipment. No mandatory replacement of existing equipment is envisaged, nor will the directive affect annual maintenance contracts or the upgrade of equipment. But only that equipment certified as “Indian Trusted Sources” by the committee, will be procured by telecom service providers. This is also expected to boost Atmanirbhar Bharat.

Telecom equipment vendors seeking to sell or licence their products, can apply through an internet portal being set up. Operational guidelines will be issued by the Cyber Coordinator and the Department of Telecom will monitor compliance.

Now the big question: why? The national security directive does not mention China or for that matter any other country, but given the downturn in relations with Beijing over its military action in Ladakh, and the widespread use of Chinese telecom equipment in India, the authorities clearly felt a need to secure digital infrastructure including Power, Banking & Finance, Transport and the strategic sector.

The directive makes pointed reference to the four lakh cyber incidents last year, and the seven lakh cyber-attacks on Indian government agencies, private businesses and Indian citizens until August this year. As the directive notes: “India is among the top three countries in the world facing cyber-attacks,” adding that “a sum of Rs. 1.24 lakh crore was lost due to cyber-crime in India in the last year.

It says the cyber-attacks are generally perpetrated through inter-connected networks and devices, also through compromised hardware and software components of telecom networks. It warns that “with the increasing use of Internet of Things Devices, the risk will continue to increase manifold and the advent of 5G technologies will further increase the security concerns resulting from telecom networks. Furthermore, maintaining the integrity of the supply chain including electronic components, is also necessary for ensuring security against malware infections.”

Clearly, the national security directive underscores the gravity of the problem, and hints that the government intends to move urgently.