0
Back To Parent Website

TELECOM PRODUCTS: ‘TRUSTED, ‘NON-TRUSTED’ SOURCES

TELECOM PRODUCTS: ‘TRUSTED, ‘NON-TRUSTED’ SOURCES

 

Context

  • The Cabinet Committee on Security in December approved the setting up of a new National Security Directive on telecommunication sector with an intent to classify telecom products and their sources under the ‘trusted’ and ‘non-trusted’ categories.
  • The move could potentially make it more difficult for Chinese telecom equipment vendors like Huawei and ZTE to supply equipment to Indian telecom players.

More about issue

  • Huawei and ZTE have been under global scrutiny for allegedly installing ‘backdoor’ or ‘trap door’ vulnerabilities and spying for the Chinese government and have been banned by several countries.
  • Earlier Centre had asked all telecom operators to undertake an ‘information security audit’ of their networks.
  • The objective of the audit was to specifically check for any ‘backdoor’ or ‘trap door’ vulnerabilities in the telecom networks, which can be exploited to extract information and pass on illegally to agencies around the world.
  • A ‘backdoor’ or a ‘trap door’ is a bug installed in the telecom hardware that allows companies to listen in or collect data being shared on the network.
  • While almost 30 per cent of Bharti Airtel’s network comprises Chinese telecom equipment, it is as much as 40 per cent for Vodafone Idea.
  • State-run telcos Bharat Sanchar Nigam Limited (BSNL) and Mahanagar Telephone Nigam Limited (MTNL) too have equipment from Chinese vendors, including Huawei and ZTE, in their 3G and older networks.

National Security Directive:

    • It aims to classify telecom products and their sources under the ‘trusted’ and ‘non-trusted’ categories. It will make its decision based on approval of the National Security Committee on Telecom. It will be headed by the deputy National Security Advisor (NSA) and have members from other departments and ministries, and independent experts as well as two members from the industry.
    • The National Cyber Security Coordinator is the designated authority and will devise the methodology to designate trusted products.
    • From among the sources declared as trusted sources by the designated authority, those which meet the criteria of the Department of Telecom’s preferential market access policy will be certified as India trusted sources.
    • The policy provides opportunities to local manufacturers of equipment and handsets in the “sensitive” telecom sector to counter dumping of products by other countries.

 

  • Telecom Service Providers (TSPs) are required to connect new devices which are designated trusted products.

 

  • However, the directive will not ask TSPs to mandatorily replace the old and existing equipment and does not impact the ongoing annual maintenance contracts or upgrades to old equipment either.

 

IS HUAWEI/ZTE A SECURITY THREAT?

  • China’s Huawei still remains a potential contender for the supply of some 5G equipment. Huawei’s 5G offer is very competitive in a field consisting of Qualcomm, Eriksson and Nokia.
  • Huawei is a Chinese state-directed telecom company with a singular goal: undermine foreign competition by stealing trade secrets and intellectual property, and through artificially low prices backed by the Chinese government.
  • Chinese state-directed telecoms companies, like Huawei and ZTE, from undermining and endangering India’s 5G networks.
  • Future cutting-edge industries like driverless vehicles and the Internet of Things will depend on this critical technology, and any action that threatens our 21st-century industries from developing and deploying 5G undoubtedly undermines both our national and economic security.
  • There is ample evidence to suggest that no major Chinese company is independent of the Chinese government and Communist Party — and Huawei, which China’s government and military tout as a “national champion,” is no exception. Allowing Huawei’s inclusion in our 5G infrastructure could seriously jeopardize our national security and put critical supply chains at risk.

What are the potential risks?

    • Data 
      • It is almost impossible for encrypted communications to be read by anyone who does not have the encryption keys. But in the way wireless telecoms networks are currently structured, much data passes through the network in unencrypted form.
      • Under the 5G specifications, voice calls and SMS texts are encrypted with keys that are stored on servers in the “core” of the network, and cannot be read by the base stations.
      • Even if the internet traffic is encrypted by an application, such as the Signal messaging app, base stations can still see metadata — that is, what’s on the “envelope” of the letter, even if it can’t read the contents of the letter. That includes addresses that identify where traffic is coming from, and what platform it is going to.
    • Attacks on individuals 
      • Base stations can send false emergency alerts, or not pass on real emergency alerts.  

 

  • Attacking the whole network
  • Base stations relay signals between the phone and the core network, but can also be used to send malicious signals into the core. This includes flooding the core network with denial of service attacks that jam part or all of the network, depending on what the base station is allowed to connect to.

 

Way forward

Despite the higher cost of alternative sources of 5G equipment and the absence of any native Indian capacity to build 5G hardware and software, it would be wiser to choose non-Chinese sources.

Current affairs

Contact Us

    Enquire Now